Weird Infection possibly reappeared even after Windows Reinstall (Trov


  • This topic is locked

#16
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Yes I would. That's the first step before we dig deeper.

 

Let me know if you have any questions while installing.


  • 0



#17
Lola2014

    Member

  • Topic Starter
  • 35 posts
Ok, will do :-).
  • 0

#18
Lola2014

    Member

  • Topic Starter
  • 35 posts
Dear Brian,

Good afternoon! So, I installed every single driver you had mentioned but am still having issues with the error Driver_power_state_failure :-(. Please let me know what I should do next.

Thank you so much:-)
  • 0

#19
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Bummer but that was a necessary first step. A couple questions.

 

1. Does your computer blue-screen with the error while actively using your computer or only when it has been sleeping and you wake it up? Can you give me some more specifics on when this exactly happens?

2. Is your machine currently under warranty?

3. Do you have any USB drives currently connected to your laptop?

 

Thank you.


  • 0

#20
Lola2014

    Member

  • Topic Starter
  • 35 posts
Def a bummer!

1. I can't be 100% sure but I think that it does both times, i.e. while I am using it and after a hibernation, but it definitely crashes with that error after a hibernation.

2. It has been more than a year since I bought this computer, so I don't think that it is under warranty now.

3. I don't have any USB connected to the computer.

Thanks a lot!
  • 0

#22
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

I'd like you to send me that actual memory dump file. Please follow the instructions below.

 

1. Go to the following folder: C:\WINDOWS\Minidump

2. You should see a bunch of files in here since you've been crashing so often.

3. Please select the most recent three files. You can use your mouse to click on the most recent and then hold down the CTRL button on your keyboard while you click the next one and then the 3rd one. At this point three files should be highlighted.

4. Right-click your mouse and select Send to...compressed (zipped) folder. A .zip file will be automatically created that contains these three files.

5. Please send this file to me. You will need to use a service such as Dropbox, Onedrive, SendSpace or something similar to attach the file and then send me a link.

 

Please let me know if you have any issues with this. Thank you.


  • 0

#23
Lola2014

    Member

  • Topic Starter
  • 35 posts

Hi Brian,

 

I could locate the C:\WINDOWS\Minidump, it has only four files (1 from yesterday and 3 from today). Also, when I select the most recent three files and right click to send to compressed folder, a small window pops out which says "file not found or no read permission".

 

Thank you!


  • 0

#24
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Sorry about that. When you select the three files can you right-click your mouse and select Copy. Then go to your desktop and right-click and choose paste. Once they are on your desktop, select them and then try to right-click and send to...compressed (zipped) folder.

 

Thanks.


  • 0
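
The collection steps from post #22, with the copy-first workaround from post #24, as an added PowerShell example that is not part of either post. The staging folder and archive names are assumptions, and it assumes PowerShell 4.0 or later (for `Get-FileHash`) and .NET 4.5 (for `ZipFile`).

```powershell
# Added example, not from the thread. Folder and file names below are assumptions.
# Run from an elevated prompt if the Minidump folder is not readable.
$dumpDir = Join-Path $env:SystemRoot 'Minidump'        # folder named in the post
$desktop = [Environment]::GetFolderPath('Desktop')
$stamp   = Get-Date -Format 'yyyyMMdd-HHmmss'
$stage   = Join-Path $desktop "minidumps-$stamp"       # assumed staging folder name
$zipPath = "$stage.zip"

if (-not (Test-Path -LiteralPath $dumpDir)) { throw "Folder not found: $dumpDir" }

# The three most recent dumps, newest first (the selection made by hand in step 3).
$recent = @(Get-ChildItem -LiteralPath $dumpDir -Filter '*.dmp' -File -ErrorAction Stop |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 3)
if ($recent.Count -eq 0) { throw "No .dmp files in $dumpDir" }

# Copy first, as in the workaround: the archive is then built in a folder
# the current user can write to instead of inside the Windows directory.
New-Item -ItemType Directory -Path $stage | Out-Null
$recent | Copy-Item -Destination $stage -ErrorAction Stop

# Build the .zip from the staged copies.
Add-Type -AssemblyName System.IO.Compression.FileSystem
[System.IO.Compression.ZipFile]::CreateFromDirectory($stage, $zipPath)

# List what was collected, with a SHA-256 per file so the recipient can
# confirm the dumps arrived unmodified.
$recent | ForEach-Object {
    $copy = Join-Path $stage $_.Name
    [pscustomobject]@{
        File    = $_.Name
        Written = $_.LastWriteTime
        Bytes   = $_.Length
        SHA256  = (Get-FileHash -LiteralPath $copy -Algorithm SHA256).Hash
    }
} | Format-Table -AutoSize

# Hash of the archive that actually gets uploaded.
Get-FileHash -LiteralPath $zipPath -Algorithm SHA256 | Format-List Hash, Path
```
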

#25
Lola2014

    Member

  • Topic Starter
  • 35 posts

No worries! I am not sure if this is how you share a file, can you access the below link?

 

https://www.dropbox....Vni8gPgqMa?dl=0

 

Thank you!


  • 0



#26
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Perfect. Got them. I'll review and report back.


  • 0

#27
Lola2014

    Member

  • Topic Starter
  • 35 posts

Great, awesome! At least now I know how to share files with someone ;-).


  • 0

#28
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks for the information. I've analyzed the dump files and identified the Intel Rapid Storage Technology (RST) driver (iaStorA.sys) as the cause. We've already updated this driver. Unfortunately this means that you likely have a hardware issue and there's nothing more that I can do. This is my professional opinion.

 

As we are malware specialists in this forum you may want to get a second opinion from the Windows 8 forum where there are more hardware dedicated experts.

 

I apologize that I couldn't help you further. Are there any other questions that you have before we close this malware issue?

 

Thank you.


  • 0

#29
Lola2014

    Member

  • Topic Starter
  • 35 posts

Dear Brian,

 

Thank you for diagnosing the problem, I will contact the Windows 8 forum. I don't think that there are any remaining malware issues with the computer anymore. Thank you so much for all the help, I greatly appreciate it!!!!


  • 0

#30
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

No problem at all.

 

OK! Well done, your computer is clean again!  Part of our job here at G2G is to help you clean your computer. But beyond that and just as important is to provide you with some information to keep you safe and secure on the net as well as to share knowledge. Following is that information.
 
 
1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.

Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
 
2. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.
 
Another alternative and popular software program for keeping your programs current is FileHippo Update Checker. Some people prefer this one.
 
1. Please download FileHippo update checker from here and save to your desktop.
2. Double-click the FHSetup.exe file that was downloaded and accept all the defaults to install the program.
3. The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases. Once updates are found you will see information from your task bar as follows. If you click on this informational message you will be taken to a website showing the programs that you have that are outdated and links will be provided to the updates.
Capture.JPG

 
 
3. Keeping Java Updated
WARNING: Java is one of the most exploited programs at this time. The Department of Homeland Security recommends that computer users disable Java. You can read more about this here.
I would recommend that you completely uninstall Java unless you need it to run important software. If you need it or are unsure or uncomfortable with removing it then I would recommend that you disable Java in your browsers until you need it and then enable it at that time. (See How to disable Java in your web browser and How to unplug Java from the browser). If you don't uninstall it, it's also important that you follow the directions below to update to the latest version of Java.
 
1. Go to this page to download the latest version of Java SE Runtime Environment JRE 8 Update 25.
2. When you click this link you will need to click the "Accept License Agreement" radio button and then click on the "Windows x86 Offline" installer link. You will notice that there is also a Windows x64 link option, however even if you are using a 64-bit operating system, it's very likely you aren't running a 64-bit browser and should only download the "Windows x86 Offline" installer. To determine if you are using a 64-bit browser you can follow these instructions. If you find that you ARE using a 64-bit browser then you can download the "Windows x64" one.

8u25.JPG
3. Once you click on the appropriate link, please download this to your Desktop like we have with all of our tools.
4. Close any programs you may have running - especially your web browser.
5. Now we need to uninstall all versions of Java that are currently on your machine before we install the newest version. Go to Add/Remove programs (instructions are here) and uninstall any item that appears in the list that has the following as part of the name: You don't currently have this software installed which is fine. Use these instructions if you ever need it.

6. Reboot your computer once all Java components are removed.
7. Then from your desktop, right click on the file that was downloaded (jre-8u25-windows-i586.exe or jre-8u25-windows-x64.exe) and select Run as an Administrator to install the latest version. Accept all the defaults and you're good to go.

Note: Java has been notorious for installing foistware (software downloaded without the user's knowledge). If you follow the instructions I provided no foistware will be installed but that doesn't mean it won't in the future. While performing the install of this software or any software for that matter, pay attention to each screen and ensure you uncheck any extra software that you don't want installed (i.e. Ask Toolbar, Chrome Browser, etc.).
 
4. Keep Adobe Reader Updated
Check to see what the latest major version of Adobe Reader is here. The full version is something like 11.0.06 for example but the major version is just the first number before the period so 11 in this case or XI.
Verify what version you have by doing the following.
1. Open Adobe Reader
2. Click Help on the menu at the top
3. Select About Adobe Reader

If your major version matches the major version from Adobe then perform the following steps.
1. Open Adobe Reader
2. Click Help on the menu at the top
3. Click Check for Updates
4. Allow any Updates to be downloaded and installed
5. If asked to reboot, please do.
6. Repeat these steps until you are told that no updates are available.

If your major version is lower than the major version from Adobe then perform the following steps.
1. Uninstall Adobe Reader. Click here for instructions on how to uninstall a program.
2. Install the newest version from this website.
Note: Make sure to uncheck the Optional Offer (i.e. Google Chrome, Google Toolbar) unless you really want it.

NOTE: You should disable JavaScript in the program as this is a highly exploitable method for the bad guys to get in your machine. Follow these instructions to disable it in Adobe Reader.
1. Open Adobe Reader
2. Select Edit from the menu and select Preferences
3. Click on JavaScript in the left column and uncheck Enable Acrobat JavaScript.
4. Click OK and close the program.

NOTE: Many installers, including Adobe Reader, offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time they are not malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.
 
 
5. Antivirus - Preventative
 
Note: Let's keep Malwarebytes installed as it's a fantastic piece of software. Malwarebytes is not actively monitoring your machine so it won't conflict with the Antivirus that you decide to install. I would recommend that you open up this program, allow it to update and scan your machine at least quarterly...monthly if you can.
 
6. Crypto Warning!!!! - Complete Data Loss can occur!
There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here.

  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will then be prompted to apply all default protections. Answer Yes.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.

Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
 
Updates.JPG
 
 
 
For more information about computer security and how to protect yourself when on the internet, please read this guide Best Practices for Safe Computing
OK, all the best, and stay safe!
 
Items for your next post.
1. Contents of the Delfix log.


  • 0
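
A read-only inventory to support the Java and Adobe Reader steps in the post above (finding every installed Java version before uninstalling, and checking the Reader version), as an added PowerShell example that is not part of the post. The display-name pattern and the view labels are assumptions; it reads both the native and the 32-bit (x86) uninstall registry keys and assumes it is run from 64-bit PowerShell on 64-bit Windows.

```powershell
# Added example, not from the thread. Lists entries only; it uninstalls nothing.
# On 64-bit Windows, x86 programs (such as the "Windows x86 Offline" Java build)
# register under WOW6432Node, so both views are read.
$views = [ordered]@{
    'native'            = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
    'x86 (WOW6432Node)' = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
}

# Assumed display-name pattern for the two products the post covers.
$pattern = '^(Java|Adobe (Acrobat )?Reader)'

$found = foreach ($view in $views.GetEnumerator()) {
    # WOW6432Node does not exist on 32-bit Windows.
    if (-not (Test-Path -LiteralPath $view.Value)) { continue }

    Get-ChildItem -LiteralPath $view.Value | ForEach-Object {
        # Some uninstall keys have no DisplayName or unreadable values; skip those.
        $p = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
        if ($p.DisplayName -match $pattern) {
            [pscustomobject]@{
                Name      = $p.DisplayName
                Version   = $p.DisplayVersion
                View      = $view.Key
                Publisher = $p.Publisher
            }
        }
    }
}

if ($found) {
    # More than one Java row means older versions are still installed side by side.
    $found | Sort-Object Name, View | Format-Table -AutoSize -Wrap
} else {
    'No Java or Adobe Reader entries found in either registry view.'
}
```
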





