2 Intern

 • 

1.1K Posts

April 18th, 2013 13:00

Something out of the blue happened: BSOD on attempting to connect to a Skype call. Could this be due to Trojan:Ertfor?

Hi,

Mine: Dimension 9200, NVidia GT 250.

Just a few days back, on the 13th April 13, Windows Update prompted through its automatic update to install a driver update for the NVidia display.

Following the installation the driver details read as V9.18.13.1106 of 18/01/13. [Previous Driver detail was V9.18.13.1106].

I do not know if the above has any bearing, but on attempting to connect to a Skype call today my computer threw a BSOD twice, one after another, for the same Skype connection. I could not obtain the details of the dump. (I did not have a chance to go on Skype until today, since the above WU.)

I went to the Device Manager and rolled back to the earlier version of the NVidia driver, and do not yet know if the problem is resolved.

I am clutching at straws. I just decided to do a scan with Malwarebytes Anti-Malware (free version) and it has detected Trojan:Ertfor and removed it.

Could this Trojan be responsible for the two BSODs, or is some other conflict responsible?

I put the above in the Desktop Video but at that point in time I was not aware of the Trojan; I did not think of doing a scan with MBAM.

I will value your expert opinion.

Regards

3 Apprentice

 • 

15.3K Posts

April 18th, 2013 14:00

Snow,

I'm not in a position to comment about the possible Trojan/Malware issue here... but I do have a comment in general:

1) When it comes to drivers, my philosophy is "if it ain't broke, don't fix it".   It seems that more damage can be done tinkering with a working driver, for the sake of an update that sometimes offers little, if any, "improvement".

2) In the event of a malfunctioning driver... or indications that a critical security update [rather than simply additional "bells and whistles"] is available for the driver... then in such a case, you should obtain it from the PC manufacturer's website rather than from Microsoft Updates.   The reason is that OEMs typically customize drivers, for optimum performance on their particular hardware.   By getting it from Windows Update, you're often settling for a "generic" driver that's not been customized for your system.

2 Intern

 • 

1.1K Posts

April 18th, 2013 15:00

Hi ky331,

I don't usually update drivers, like what you have said. On the day in question, I did not check for WU either. However, when I came to shut down the computer, I noticed the information pop up to inform me that WU was automatically updating and not to turn off the computer. Out of curiosity I went to check what was installed and found the following:

NVIDIA driver update for NVIDIA GeForce GTS 250

Installation date: 13/04/2013 21:10

Installation status: Successful

Update type: Important

This driver was provided by NVIDIA for support of NVIDIA GeForce GTS 250

More information:
http://sysdev.microsoft.com/support/default.aspx

Help and Support:
http://support.microsoft.com/select/?target=hub

I never gave it a second thought.

From now on I will take your advice and check what is to be installed & do as you've suggested.

I have not had another BSOD yet... But I have not gone on Skype either.

If the BSODs keep happening, I will try to capture one on a camera and come back to one of the forums here to find out if a solution could be found.

My sincere regards to you.

 

 

1K Posts

April 18th, 2013 15:00

Hi snow.

I totally agree with David. It is better to leave drivers alone if they are working well, and to avoid using Microsoft update drivers.

The BSOD must have said something. Some code or even the driver which produced the BSOD. Also you must have the minidump or dump in your Windows Explorer.

Location: C:\WINDOWS\Minidump or C:\Windows\MEMORY.DMP

All depends how your Windows is set up. Usually it comes set up to create a minidump, but I have been told that Win 7 creates a Memory dump. So if you want to know more and how to configure Windows to create dumps read this:

http://www.sevenforums.com/tutorials/174459-dump-files-configure-windows-create-bsod.html

If you find that your Windows has created a dump file, you can run this program to find the file that caused the BSOD. Keep in mind that this just gives you the offending file, and not the real cause of it.

http://www.resplendence.com/whocrashed

Regards.

3 Apprentice

 • 

20.5K Posts

April 18th, 2013 18:00

Hi snowshine,

I thought I replied here earlier, but lately my posts seem to be disappearing.

What I wanted to ask you was to please post your log from MBAM on the day when it found the Trojan. You can access your logs by clicking on the Logs tab in MBAM. Simply copy/paste the report from that scan.

Thanks.

2 Intern

 • 

1.1K Posts

April 19th, 2013 00:00

Hi Bugbatter,

Here follows log details:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.18.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Dei :: DINNINGROOM [administrator]

18/04/2013 20:10:34
mbam-log-2013-04-18 (20-10-34).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 262105
Time elapsed: 5 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Deirdre\AppData\Local\Temp\Login.exe (Trojan.Ertfor) -> Quarantined and deleted successfully.

(end)

Hi iroc9555,

When I return home tonight I will try. Thank you very much.

Regards

3 Apprentice

 • 

20.5K Posts

April 21st, 2013 15:00

Hi Snow,

I haven't seen your dump file yet, but at least what MBAM found was in a temporary folder and the file was removed.

I'm not sure where you got that, and there could be a couple of reasons, especially if heuristics was used. Nevertheless, it's gone.

I agree with the others above regarding driver downloads. It's always best to stick to your computer manufacturer for downloading them.

2 Intern

 • 

1.1K Posts

April 22nd, 2013 05:00

Thank you Bugbatter.

The BSOD in my case was suspected to have been caused by the Logitech Webcam Pro 9000 driver.

Since the update of my Webcam Pro 9000 driver, the BSOD has not happened. I keep my fingers crossed.

Regards

3 Apprentice

 • 

20.5K Posts

April 24th, 2013 10:00

I'm glad that the issue has been resolved. You mentioned your NVIDIA driver update for NVIDIA GeForce GTS 250, but did not tell us you have a Logitech Webcam. When posting here, if you provide as much information as possible about the system along with the text of any errors, it helps us fix things more quickly.