BSOD - A device driver has been caught..

[Destruktor77]

I get the BSoD when shutting down my pc, sometimes on startup and when trying to install some software.

It says a Device Driver attempting to corrupt the system has been caught. STOP message 0x000000c4

I have tried disconnected all devices from the computer and nothing has been recently installed. I have recently cleaned out a Trojan but I don't think that's the case. Avast found some corrupt drivers while doing a boot scan, but those have been sorted out and haven't sorted it.

The event viewer info:
Error code 000000c4, parameter1 0000003c, parameter2 000002c4, parameter3 00000000, parameter4 00000000.

Words:
0000: 74737953 45206d65 726f7272 72452020
0010: 20726f72 65646f63 30303020 63303030
0020: 50202034 6d617261 72657465 30302073
0030: 30303030 202c6333 30303030 34633230
0040: 3030202c 30303030 202c3030 30303030
0050: 30303030

I don't know how to open minidump files, I tried running dumpchk.exe but it said it couldn't be found.

Hope someone can help :wave: Thanks.

 

[Route44]

0xC4 errors are caused by drivers.

How to find and post your Minidump Files:

My Computer > C Drive > Windows Folder > Minidump Folder > Minidump Files.

It is these files that we need (not the folder). Attach to your next post the five most recent dumps. Notice the Manage Attachments button at the bottom when you go to post the next time. You can Zip up to five files per Zip; if you only have one or two you don’t need to zip them, just attach as is. Please do us a favor and don’t Zip each one individually.

 

[Destruktor77]

There you go 5 Minidumps :slurp: just out of curiosity, what do you use to view them?

 

[Route44]

To answer your question the tool used to read minidump files is called Windebugger. But to make it work you also must download and install what is known as symbol packages. Symbol packages take a long time to install due to size and number of said packages.

Every error code is the same 0x000000C4: DRIVER_VERIFIER_DETECTED_VIOLATION
This is the general bug check code for fatal errors that the Driver Verifier finds.

They all cite the same Avast driver aswSP.sys. Now Avast is an excellent product and in light of the fact that you had a trojan there is the possibility that a) you are still infected and b) the former infection compromised and corrupted Avast. No matter how good the security software internet habits can and will overrride protection.

Do the following first to make sure you are compelely clean: Go to our Virus and Malware Removal forum, read the Updated 8 Step sticky, follow the given steps in order, and then on that forum post there with the required logs attached.

You'll get superb help.