Hello:
The problem I’m having started about a week after I worked on a Dell laptop that was loaded with Trojan viruses. It would not run at all. It kept giving tons of “bad image” errors and then locked up on the desktop. What I did was copy the laptop’s hard drive to an external Western digital USB drive using Norton Ghost. Then I used the Dell restore/recovery partition on the laptop to restore the laptop to operating condition. The laptop is now doing great.
Then I carried the external drive over to a desktop Dell XPS 400, and used the XPS 400 to scan the external drive for viruses. I used McAfee and also Super Anti-Spyware. I found that the external drive was loaded with Trojans, and I ended up deleting the Windows folder, and basically everything else except for the documents and settings folder. I was trying to save various files in that folder, including some e-books, music, word documents, and pictures.
While I was scanning for viruses, I got a ton of hits for Trojans and also PUP’s. When I was done, the external drive seemed virus free, and the desktop also seemed okay. I also note, that from now on, I will only use a junk computer in a situation such as this to scan for viruses on an infected drive! Lesson learned.
About a week after all of the above, the Dell XPS 400 started blue screening, with the dreaded BSOD error DRIVER_IRQL_NOT_LESS_OR_EQUAL. I assumed that there was a virus hidden somewhere that had damaged the XPS 400’s Windows XP operating system. I took what I thought would be a *shortcut*. I used a known good image from the XPS 400 that was taken about two months ago to overwrite the C partition. Then, the ONLY thing I used from the C partition from before I overwrote it was a backup I made of iTunes before I overwrote the partition with the known good image. What I did was copy the iTunes folder before I wiped the C partition. Then I scanned the iTunes folder for viruses, and copied it back to the machine after the C partition was wiped. The iTunes then said that it could not open the music because it was from a previous version of iTunes. So I decided to delete the iTunes folder, reinstall the latest version of iTunes, and then use some iTunes backup disks I also made to restore iTunes to the way it was before this started. I left iTunes installing (from the internet) and went to bed. In the morning, the machine was locked up and the iTunes never installed.
When I rebooted it, the machine is blue screening again. Could a virus make it start blue screening again that fast, or is this more likely an intermittent hardware cause? After I used the image from 2-3 months ago, initially it booted right up the first time.
I also replaced the memory in the XPS 400 about 2-3 months ago with 4GB of Crucial RAM (Ballstix Model). I read that some people had problems with the Crucial Ballstix RAM going bad, and they were mad because it’s supposed to be “high-end” RAM. It has fancy metal heat sinks on it, etc. etc.. The machine is well maintained otherwise, no dust or anything like that.
I read the sticky about things to look at before you post minidump files, and I have a question about underpowered CPU’s.
How would I know if the power supply was going bad and not supplying enough power to the CPU? Would that show up in a diagnostic test? I had a machine once that was blue screening, and that I traced back to improperly installed heat sinking compound that had caused hot spots on the CPU and blown the CPU.
So, I’m not sure which thing to think next:
1) Should I overwrite the C partition again and not use the potentially infected iTunes and see if the machine is okay, therefore proving there is a virus on the iTunes?
2) Should I put the old memory back in and see what effect if any that has?
3) From reading, I think Hijack this! Has something to do with situations like this for diagnosis, and/or the dump and/or the mini-dump files.
From my limited understanding, I understand you put the mini-dump files through a “debugger” program to find the problem?
What I really would like is if someone could point me in the right direction explaining how you interpret dump or mini-dump files, and/or how you use Hijack this and what it actually is? Is Hijack this software, like a debugger or something, and how does it compare to the use of the dump files.
I’m very good with Norton Partition Magic and Norton Ghost, but I am very new to diagnosing the dreaded BSOD.
Do we think this is a hidden virus lurking on the hard drive, or is that not likely if I ran McAfee and Super Anti-Spyware many times?
I’m going to send along three or four mini-dump files in case they will help.
What is my next move?
THANK YOU,
Lee
The problem I’m having started about a week after I worked on a Dell laptop that was loaded with Trojan viruses. It would not run at all. It kept giving tons of “bad image” errors and then locked up on the desktop. What I did was copy the laptop’s hard drive to an external Western digital USB drive using Norton Ghost. Then I used the Dell restore/recovery partition on the laptop to restore the laptop to operating condition. The laptop is now doing great.
Then I carried the external drive over to a desktop Dell XPS 400, and used the XPS 400 to scan the external drive for viruses. I used McAfee and also Super Anti-Spyware. I found that the external drive was loaded with Trojans, and I ended up deleting the Windows folder, and basically everything else except for the documents and settings folder. I was trying to save various files in that folder, including some e-books, music, word documents, and pictures.
While I was scanning for viruses, I got a ton of hits for Trojans and also PUP’s. When I was done, the external drive seemed virus free, and the desktop also seemed okay. I also note, that from now on, I will only use a junk computer in a situation such as this to scan for viruses on an infected drive! Lesson learned.
About a week after all of the above, the Dell XPS 400 started blue screening, with the dreaded BSOD error DRIVER_IRQL_NOT_LESS_OR_EQUAL. I assumed that there was a virus hidden somewhere that had damaged the XPS 400’s Windows XP operating system. I took what I thought would be a *shortcut*. I used a known good image from the XPS 400 that was taken about two months ago to overwrite the C partition. Then, the ONLY thing I used from the C partition from before I overwrote it was a backup I made of iTunes before I overwrote the partition with the known good image. What I did was copy the iTunes folder before I wiped the C partition. Then I scanned the iTunes folder for viruses, and copied it back to the machine after the C partition was wiped. The iTunes then said that it could not open the music because it was from a previous version of iTunes. So I decided to delete the iTunes folder, reinstall the latest version of iTunes, and then use some iTunes backup disks I also made to restore iTunes to the way it was before this started. I left iTunes installing (from the internet) and went to bed. In the morning, the machine was locked up and the iTunes never installed.
When I rebooted it, the machine is blue screening again. Could a virus make it start blue screening again that fast, or is this more likely an intermittent hardware cause? After I used the image from 2-3 months ago, initially it booted right up the first time.
I also replaced the memory in the XPS 400 about 2-3 months ago with 4GB of Crucial RAM (Ballstix Model). I read that some people had problems with the Crucial Ballstix RAM going bad, and they were mad because it’s supposed to be “high-end” RAM. It has fancy metal heat sinks on it, etc. etc.. The machine is well maintained otherwise, no dust or anything like that.
I read the sticky about things to look at before you post minidump files, and I have a question about underpowered CPU’s.
How would I know if the power supply was going bad and not supplying enough power to the CPU? Would that show up in a diagnostic test? I had a machine once that was blue screening, and that I traced back to improperly installed heat sinking compound that had caused hot spots on the CPU and blown the CPU.
So, I’m not sure which thing to think next:
1) Should I overwrite the C partition again and not use the potentially infected iTunes and see if the machine is okay, therefore proving there is a virus on the iTunes?
2) Should I put the old memory back in and see what effect if any that has?
3) From reading, I think Hijack this! Has something to do with situations like this for diagnosis, and/or the dump and/or the mini-dump files.
From my limited understanding, I understand you put the mini-dump files through a “debugger” program to find the problem?
What I really would like is if someone could point me in the right direction explaining how you interpret dump or mini-dump files, and/or how you use Hijack this and what it actually is? Is Hijack this software, like a debugger or something, and how does it compare to the use of the dump files.
I’m very good with Norton Partition Magic and Norton Ghost, but I am very new to diagnosing the dreaded BSOD.
Do we think this is a hidden virus lurking on the hard drive, or is that not likely if I ran McAfee and Super Anti-Spyware many times?
I’m going to send along three or four mini-dump files in case they will help.
What is my next move?
THANK YOU,
Lee
