Need help with BSOD

arthurdp

This is a friend's computer, so any help would be appreciated.

I changed the computer's settings to save minidump files, as it was not before.
I only have one mini dump at the current time sadly.

Now for what I did personally. First off, it did 15 passes on memtest. Seems my
SpinRite disk is too scratched to run, but I will try to make a new one after work
today and run that tonight. Currently have it in safe mode running some
virus/malware etc. software to clean it up.

Here's the only mini dump I have at the moment.
 

Attachment: Mini120207-01.dmp (136.2 KB)

Does he have an Adaptec CD/DVD drive installed or anything else by this company?

The driver causing this problem is aspi32.sys and many people have had issues with it regardless of the Windows version one uses.

See this link: http://www.vistax64.com/vista-general/90951-aspi-adaptec-driver-aspi32-sys.html

How would I find that out?
In Device Manager it says Sony CRWDVD CRX310S.
I tested SpinRite on another PC; my disk is fine, so I think you're right on this one.
I removed a "PC fraudulent" item with Spybot in safe mode; no other infections
were found. I also gave him a copy of NOD32 (paid version) along with Spybot
and Malwarebytes to prevent that from happening again.

Oh, I should mention I ran Driver Sweeper to remove old drivers and, uhh, CCleaner to clean the registry.
Maybe one of them removed it? I have no idea, as I have had it running for 2 hours now with no BSOD yet, but who knows.
I want to resolve it before I say it's fixed.

**edit: checked all of Device Manager; nothing with aspi at all or Adaptec.
Clearing the system page or w/e now and defragging.
 
There is known malware that mimics aspi32.sys right down to the lettering. So nice work on your part. :)

By the way, nice to see someone else use NOD32; been doing so on my main rig for several years.

* Keep us updated.
 
Still BSOD...

Sigh, flashing so fast I can't see the error code, nor is it saving the minidump. The computer
is set to save them, too.

Doing a chkdsk now; once rebooted, I'll be setting the memory page properly this time.
Going to try one last attempt with my SpinRite disk afterwards, though I'm going to use my
external DVD drive to ensure there is no issue with the disk drive.
(Thinking I may also disconnect the current one when I try to boot it.)

Can you analyze HijackThis reports? Maybe there's something still lingering.
 
Everything passed those tests last night.
Since then I got 2 more BSODs (0x0000001 & 0x000008E); sadly it only saved
1 of the minidumps, which is attached below.

I truly think it's a rootkit, but I have no experience with HijackThis, so I'm going
to do a full format now and see if I can't just resolve it that way. If it's driver based,
I can cut that part out as well by installing the most current ones manually.

***edit

Turns out I can't access the bloody recovery partition; neither Ctrl+F11 nor the boot menu shows it, so I'm stuck now.
Unless I order a DVD from Dell at $150. Sigh, hopefully you get something from that last minidump, 'cause I'm stuck.

***edit

Backdoored their partition and now restoring to original state.
Sigh, this is one long ordeal.
 

Attachment: Mini080611-01.dmp (140.5 KB)

Bug check 1. Weird. It simply cited the Windows OS driver win32k.sys and nothing more. As you know, OS drivers are usually too general to be of much diagnostic help (though there are exceptions).

In any of your tests, did you do hard drive diagnostics?
 
Ran chkdsk. SpinRite on level 4 (deep surface scan/erase and write data). Used
Windows' and Dell's hard drive diagnostic tools. In all cases it passed.

I just finished the format and the PC has yet to show signs of issues after 4 hours or so.

I'm thinking there was a rootkit or two along with a corrupted OS.
All the hardware is in working condition, so it can only be software.
We will see how this goes from here.
 