BSoD Vista Home Basic

V

vini

Member
My computer recently went BSoD on me in the past week. I only bought it about four months ago.

Model: NEC Powermate P Series
- Windows Vista Home Basic 32-bit
- Yes, OS installed.
- OEM version
- The computer is approximately four months old.

Additional information:
OS Version: 6.0.6000.2.0.0.768.2
Locale ID: 17417

BCCode: d1
BCP1: B947A000
BCP2: 00000002
BCP3: 00000000
BCP4: 80731CCB
OS Version: 6_0_6000
Service Pack: 0_0
Product: 768_1

I've attached the perfmon and Windows_NT6_BSOD_jcgriff2 files.

Thanks.
 

Attachments

  • PERFMON HTML.zip
    158.7 KB · Views: 2

My Computer

System One

Perfmon reports that Windows Update is disabled. Please enable it and visit Windows Updates to get all available updates.

Systeminfo.txt reports that you don't have SP1 or SP2 installed. Please visit the PC Manufacturer's website and update ALL drivers, then visit Windows Update to get SP1, SP2, and any subsequent updates.

Both dump files blame oebdbmpi.sys - and a Google search for this driver doesn't reveal anything.
I'd suggest searching your system for this file. Once you find it, right click on it and select "Properties"
Then select the Details tab and let us know what you find there.
Then go to Jotti's malware scan and upload that file for scanning. Let us know the results of the scan.

BSOD BUGCHECK SUMMARY
Code: 
[font=lucida console]
Built by: 6000.17021.x86fre.vista_gdr.100218-0019
Debug session time: Sun Oct 17 09:44:06.832 2010 (UTC - 4:00)
System Uptime: 0 days 2:10:12.008
BugCheck D1, {b947a000, 2, 0, 80731ccb}
*** WARNING: Unable to verify timestamp for oebdbmpi.sys
*** ERROR: Module load completed but symbols could not be loaded for oebdbmpi.sys
Probably caused by : oebdbmpi.sys ( oebdbmpi+4ccb )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  svchost.exe
Bugcheck code 000000D1
Arguments b947a000 00000002 00000000 80731ccb
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Built by: 6000.17021.x86fre.vista_gdr.100218-0019
Debug session time: Sun Oct 17 07:29:09.361 2010 (UTC - 4:00)
System Uptime: 0 days 2:46:24.644
BugCheck D1, {b5e9b000, 2, 0, 80731ccb}
*** WARNING: Unable to verify timestamp for oebdbmpi.sys
*** ERROR: Module load completed but symbols could not be loaded for oebdbmpi.sys
Probably caused by : oebdbmpi.sys ( oebdbmpi+4ccb )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0xD1
PROCESS_NAME:  firefox.exe
Bugcheck code 000000D1
Arguments b5e9b000 00000002 00000000 80731ccb
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
  
  [/font]
 

My Computer

System One

Thanks for the help.

I ran a Malwarebytes scan and found it here C:\Windows\system32\Drivers\oebdbmpi.sys (Rootkit.Agent) which I quarantined and deleted.
 
Last edited:

My Computer

System One

I checked the properties of this file but it doesn't seem to tell me anything. I've enclosed the attachments for you to see. I'm wondering if I can just remove this file or leave it. This is the one with the malware problem.
 

Attachments

  • image 1.jpg
    image 1.jpg
    37 KB · Views: 38
  • image 2.jpg
    image 2.jpg
    54.5 KB · Views: 34
  • image 3.jpg
    image 3.jpg
    56.9 KB · Views: 27

My Computer

System One

In general, the issues with the Security tab are cause for concern.
The missing info in the Details tab is also a concern, although not as serious (IMO) as the Security tab.

I'm not a malware expert. But I do know that Rootkits are some of the meanest, nastiest infections out there. Run further scans as I suggested above - you want to be sure that the system isn't infected.
 

My Computer

System One

I've run scans using several of the scans you've suggested. None of them picked up the Rootkit (which keeps popping up despite numerous attempts at quarantine/removing) aside from Malwarebytes. Attempts at using the file scanners on that particular file comes up with the message 'a device attached to the system is not working'.
 

My Computer

System One

You must log in or register to reply here.
Back
Top