Status
Not open for further replies.
1 - 5 of 5 Posts

· Registered
Joined
·
5 Posts
Discussion Starter · #1 ·
Hi,

I was wondering if I could get some help with the BSOD I keep getting. I read the BSOD posting instructions written by jcgriff2, but wasn't able to follow them. My laptop wouldn't stay on long enough for me to follow the instructions (I'm currently using an old HP laptop to make this post).

I lent my laptop to a friend over the weekend and I'm not sure if this has anything to do with it, but when I started up my computer this morning I got an alert from Windows Defender that detected a Trojan called Win32/Renos.PJ. I selected the remove button and it said it was successfully removed.
After that the computer restarted by itself and Windows Defender alerted me again that the same Trojan was still on the laptop. I ran Malwarebytes to see if it would find anything and it did, but the laptop wouldn't stay on long enough for the scan to complete and remove what was detected. I think the BSOD started popping up after the 3rd time I restarted my computer.

Here is what I could find out about my laptop:
32-bit operating system
Windows 7 (Originally installed, that came pre-installed on the system when I purchased it)
Age of system: 1 year
I have never re-installed OS
Intel(R) Core(TM) i5 CPU [email protected]
Model: Toshiba Satellite A500

The blue screen comes up with:
Technical information:
Stop: 0x0000000D1 (0x00000000, 0x00000002, 0x00000001, 0x8B872948)
iqstor.sys - Address 8B872948 base at 8B82F00


I've attached a zip of the memory dump files that I managed to copy.

I'm desperate to fix this problem, any help is MUCH appreciated! :pray:

Please HELP!

-Anny
 


· Registered
Joined
·
3,285 Posts
Hello,

See if you can run the Kaspersky TDSSKiller tool: How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

...Summary of the dumps:
Code:
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 05:45:42.585 2011 (UTC - 4:00)
System Uptime: 0 days 0:04:45.756
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+43948 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0xD1_iaStor+43948
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 05:32:19.604 2011 (UTC - 4:00)
System Uptime: 0 days 0:01:22.104
Probably caused by : ntkrpamp.exe ( nt!ExpAllocateHandleTableEntry+1f )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0x8E
PROCESS_NAME:  iexplore.exe
FAILURE_BUCKET_ID:  0x8E_nt!ExpAllocateHandleTableEntry+1f
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 05:09:56.394 2011 (UTC - 4:00)
System Uptime: 0 days 0:04:51.940
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0x70860002
PROCESS_NAME:  explorer.exe
FAILURE_BUCKET_ID:  0x70860002_iaStor+5df8b
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 04:52:26.863 2011 (UTC - 4:00)
System Uptime: 0 days 0:36:34.034
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+86ca )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0xD1_iaStor+86ca
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 04:15:23.417 2011 (UTC - 4:00)
System Uptime: 0 days 0:10:19.587
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0x70860002
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0x70860002_iaStor+5df8b
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 04:04:22.067 2011 (UTC - 4:00)
System Uptime: 0 days 0:16:47.237
Probably caused by : ntkrpamp.exe ( nt!RtlImageNtHeaderEx+4a )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
BUGCHECK_STR:  0x7E
FAILURE_BUCKET_ID:  0x7E_nt!RtlImageNtHeaderEx+4a
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 03:46:42.670 2011 (UTC - 4:00)
System Uptime: 0 days 0:13:44.230
Probably caused by : ntkrpamp.exe ( nt!RtlImageNtHeaderEx+4a )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
BUGCHECK_STR:  0x7E
FAILURE_BUCKET_ID:  0x7E_nt!RtlImageNtHeaderEx+4a
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 03:32:28.156 2011 (UTC - 4:00)
System Uptime: 0 days 0:05:43.327
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+86ca )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID:  0xD1_iaStor+86ca
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 03:25:51.673 2011 (UTC - 4:00)
System Uptime: 0 days 0:18:21.844
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+86ca )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  wmplayer.exe
FAILURE_BUCKET_ID:  0xD1_iaStor+86ca
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 03:06:49.202 2011 (UTC - 4:00)
System Uptime: 0 days 0:03:55.763
Probably caused by : ntkrpamp.exe ( nt!RtlImageNtHeaderEx+4a )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
BUGCHECK_STR:  0x7E
FAILURE_BUCKET_ID:  0x7E_nt!RtlImageNtHeaderEx+4a
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 02:56:53.220 2011 (UTC - 4:00)
System Uptime: 0 days 0:08:07.766
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+43948 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0xD1_iaStor+43948
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 7600.16695.x86fre.win7_gdr.101026-1503
Debug session time: Mon Apr  4 02:47:48.836 2011 (UTC - 4:00)
System Uptime: 0 days 0:02:51.381
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0x70860002
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID:  0x70860002_iaStor+5df8b
SystemProductName = Satellite A500
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
  
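A small triage helper for the dump summary posted above, added here as an example (it is not part of the thread or any poster's tooling): it groups the dumps by the module named in each FAILURE_BUCKET_ID, so a driver that keeps faulting under unrelated processes stands out. The function names are hypothetical, and the sample is a four-record excerpt of the posted output trimmed to three fields, with the separator shortened.

```python
import re
from collections import defaultdict

# Excerpt of the posted summary (4 of the 12 dumps, 3 fields each, separator shortened).
SAMPLE = """\
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0xD1_iaStor+43948
¨¨¨¨¨¨¨¨
BUGCHECK_STR:  0x8E
PROCESS_NAME:  iexplore.exe
FAILURE_BUCKET_ID:  0x8E_nt!ExpAllocateHandleTableEntry+1f
¨¨¨¨¨¨¨¨
BUGCHECK_STR:  0x70860002
PROCESS_NAME:  explorer.exe
FAILURE_BUCKET_ID:  0x70860002_iaStor+5df8b
¨¨¨¨¨¨¨¨
BUGCHECK_STR:  0xD1
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  0xD1_iaStor+86ca
"""
SEPARATOR = re.compile(r"^[^\w\s]{8,}[ \t]*$", re.M)   # a line of punctuation only
FIELD = re.compile(r"^([A-Za-z_][A-Za-z_ ]*?)\s*[:=]\s+(.+?)\s*$", re.M)
BUCKET = re.compile(r"^(0x[0-9A-Fa-f]+)_([^!+]+)")     # <bugcheck>_<module>[!sym]+off

def parse_dumps(text):
    """Split the pasted summary into one dict of fields per dump."""
    records = []
    for chunk in SEPARATOR.split(text):
        fields = dict(FIELD.findall(chunk))
        if "FAILURE_BUCKET_ID" in fields:   # skip empty or partial chunks
            records.append(fields)
    return records

def tally_by_module(records):
    """Group dumps by the module named in FAILURE_BUCKET_ID."""
    tally = defaultdict(lambda: {"count": 0, "bugchecks": set(), "processes": set()})
    for rec in records:
        m = BUCKET.match(rec["FAILURE_BUCKET_ID"])
        if m:
            entry = tally[m.group(2)]
            entry["count"] += 1
            entry["bugchecks"].add(m.group(1))
            entry["processes"].add(rec.get("PROCESS_NAME", "?"))
    return dict(tally)

if __name__ == "__main__":
    for module, e in tally_by_module(parse_dumps(SAMPLE)).items():
        print(module, e["count"], sorted(e["bugchecks"]), sorted(e["processes"]))
```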
 

· Premium Member
Joined
·
39,718 Posts
nee2nee:

Please start here and follow the instructions.

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

Do not post your logs back in this thread - follow the guidance in the above link!

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.
 