I have a dell notebook that's running windows 7 for about two months now. Started experiencing BSODs for about a week. No new hardware/software has been installed and there is ample disk space on the hard drive.
The system will boot up in normal mode and typically within 3-5 minutes will error out mentioning "ataport.sys" in the error message.
I've tried running a system restore, start up repair and have run a hardware diagnostic test but still getting the BSOD.
I ran tddskiller and the scan found something which I asked it to cure but after the reboot I continue to get the BSOD.
Tried running Malware Bytes but I continue get error messages before the application will even launch.
So far, it unit hasn't BSOD'd while in safe mode, just in normal mode.
· OS - Vista/ Windows 7 ? windows 7 · x86 (32-bit) or x64 ? 32 · What was original installed OS on system? vista · Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? full · Age of system (hardware) 3-5 years? not sure, its not mine. · Age of OS installation - have you re-installed the OS? 2 month old install - no havent tried to reinstall · CPU intel core duo t5750 · Video Card stock · MotherBoard stock · Power Supply - brand & wattage stock · System Manufacturer dell · Exact model number (if laptop, check label on bottom)inspiron 1525 model pp29l
I've attached some of the error logs to help someone troubleshoot.
.
DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Diana at 17:04:41 on 2012-10-09
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3062.2368 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\userinit.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{E6E05765-2CB6-47A7-9526-61D4F02466EE} : DhcpNameServer = 192.168.1.1 4.2.2.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-15 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 214952]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-8-13 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-8-14 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-8-13 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
.
=============== Created Last 30 ================
.
2012-10-09 04:34:17 5322 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-10-08 01:38:56 -------- d-----w- c:\users\diana\appdata\roaming\Malwarebytes
2012-10-08 01:38:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-08 01:38:42 -------- d-----w- c:\programdata\Malwarebytes
2012-10-08 01:38:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-08 01:38:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-08 01:00:32 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2dd1cabe-45e0-4a6d-ae03-3bbcfac2bbd3}\offreg.dll
2012-10-08 01:00:21 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-08 00:32:38 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2dd1cabe-45e0-4a6d-ae03-3bbcfac2bbd3}\mpengine.dll
2012-10-04 15:24:52 126976 ----a-w- c:\programdata\microsoft\windows\drm\DD44.tmp
2012-09-29 17:25:38 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-25 23:34:00 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-12 01:50:38 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 01:50:38 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 01:50:37 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 01:50:37 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 01:50:36 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 01:50:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-10 02:56:55 -------- d-----w- c:\users\diana\appdata\local\Adobe
.
==================== Find3M ====================
.
2012-10-08 21:26:27 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-08 21:26:27 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-16 05:21:19 76 --sh--r- c:\windows\CT4CET.bin
2012-08-16 02:43:07 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-16 00:02:30 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 17:08:11.38 ===============
The system will boot up in normal mode and typically within 3-5 minutes will error out mentioning "ataport.sys" in the error message.
I've tried running a system restore, start up repair and have run a hardware diagnostic test but still getting the BSOD.
I ran tddskiller and the scan found something which I asked it to cure but after the reboot I continue to get the BSOD.
Tried running Malware Bytes but I continue get error messages before the application will even launch.
So far, it unit hasn't BSOD'd while in safe mode, just in normal mode.
· OS - Vista/ Windows 7 ? windows 7 · x86 (32-bit) or x64 ? 32 · What was original installed OS on system? vista · Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? full · Age of system (hardware) 3-5 years? not sure, its not mine. · Age of OS installation - have you re-installed the OS? 2 month old install - no havent tried to reinstall · CPU intel core duo t5750 · Video Card stock · MotherBoard stock · Power Supply - brand & wattage stock · System Manufacturer dell · Exact model number (if laptop, check label on bottom)inspiron 1525 model pp29l
I've attached some of the error logs to help someone troubleshoot.
.
DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Diana at 17:04:41 on 2012-10-09
Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3062.2368 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\userinit.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 4.2.2.2
TCP: Interfaces\{E6E05765-2CB6-47A7-9526-61D4F02466EE} : DhcpNameServer = 192.168.1.1 4.2.2.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-15 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 214952]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-8-13 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-8-14 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-8-13 1343400]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
.
=============== Created Last 30 ================
.
2012-10-09 04:34:17 5322 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-10-08 01:38:56 -------- d-----w- c:\users\diana\appdata\roaming\Malwarebytes
2012-10-08 01:38:43 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-08 01:38:42 -------- d-----w- c:\programdata\Malwarebytes
2012-10-08 01:38:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-08 01:38:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-08 01:00:32 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2dd1cabe-45e0-4a6d-ae03-3bbcfac2bbd3}\offreg.dll
2012-10-08 01:00:21 -------- d-----w- C:\TDSSKiller_Quarantine
2012-10-08 00:32:38 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2dd1cabe-45e0-4a6d-ae03-3bbcfac2bbd3}\mpengine.dll
2012-10-04 15:24:52 126976 ----a-w- c:\programdata\microsoft\windows\drm\DD44.tmp
2012-09-29 17:25:38 6980552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-25 23:34:00 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-12 01:50:38 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 01:50:38 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 01:50:37 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 01:50:37 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 01:50:36 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 01:50:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-10 02:56:55 -------- d-----w- c:\users\diana\appdata\local\Adobe
.
==================== Find3M ====================
.
2012-10-08 21:26:27 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-08 21:26:27 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-16 05:21:19 76 --sh--r- c:\windows\CT4CET.bin
2012-08-16 02:43:07 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-16 00:02:30 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 17:08:11.38 ===============