Blue Screen Error 0x70860002

Discussion in 'Windows 7 Blue Screen of Death (BSOD)' started by phx, Jan 10, 2011.

  1. phx

    phx New Member

    Joined:
    Jan 10, 2011
    Messages:
    6
    Likes Received:
    0
    Hello,

    After downloading a possible virus, malware etc.-- from keygenguru.com -- , the system crashed and windows didnt load successfully ever after.

    I'm getting a 0x70860002 error with blue screen when tried to boot with safe mode.

    I can't get any dump as I can't have any access to files.

    << edited I managed to get th dump files >>View attachment dumpfiles.zipView attachment dumpfiles.zip Untitled2. Untitled.

    I tried to recover the PC to an earlier time but it didnt help either.

    I'm using Windows 7 Professional edition.
     
    #1 phx, Jan 10, 2011
    Last edited: Jan 10, 2011
  2. Captain Jack

    Captain Jack Extraordinary Member

    Joined:
    Mar 6, 2010
    Messages:
    1,952
    Likes Received:
    139
    Hello and Welcome to W7F !

    Seems like iaStor.sys caused the System to crash. it's Intel Matrix Storage Manager driver go to here then see if that works. if not go to C:\Windows\System32\Drivers and rename the iaStor.sys ot iaStor.old and reboot the System.

    Then SFC /SCANNOW Command - System File Checker - Windows 7 Forums

    Code:
    KMODE_EXCEPTION_NOT_HANDLED (1e)
    This is a very common bugcheck.  Usually the exception address pinpoints
    the driver/function that caused the problem.  Always note this address
    as well as the link date of the driver/image that contains this address.
    Arguments:
    Arg1: 0000000000000000, The exception code that was not handled
    Arg2: 0000000000000000, The address that the exception occurred at
    Arg3: 0000000000000000, Parameter 0 of the exception
    Arg4: 0000000000000000, Parameter 1 of the exception
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_CODE: (Win32) 0 (0) - The operation completed successfully.
    
    FAULTING_IP: 
    +1ae952f009bdfdc
    00000000`00000000 ??              ???
    
    EXCEPTION_PARAMETER1:  0000000000000000
    
    EXCEPTION_PARAMETER2:  0000000000000000
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0x1E
    
    PROCESS_NAME:  AtBroker.exe
    
    CURRENT_IRQL:  2
    
    EXCEPTION_RECORD:  fffff80000ba0a88 -- (.exr 0xfffff80000ba0a88)
    ExceptionAddress: fffff88001278dc2 (iaStor+0x0000000000009dc2)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 0000000000000000
       Parameter[1]: ffffffffffffffff
    Attempt to read from address ffffffffffffffff
    
    TRAP_FRAME:  fffff80000ba0b30 -- (.trap 0xfffff80000ba0b30)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=fffef880029091b8 rbx=0000000000000000 rcx=0000000000000000
    rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff88001278dc2 rsp=fffff80000ba0cc0 rbp=fffff80000ba0d70
     r8=fffff80000ba0ce0  r9=0000000000000050 r10=fffffa8004320dc0
    r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl zr na po nc
    iaStor+0x9dc2:
    fffff880`01278dc2 ??              ???
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from fffff80002e6946e to fffff80002e71710
    
    STACK_TEXT:  
    fffff800`00b9fb78 fffff800`02e6946e : 00000000`00000000 00000000`00000000 fffff800`00ba02f0 fffff800`02e9e668 : nt!KeBugCheck
    fffff800`00b9fb80 fffff800`02e9740d : fffff800`0307fb7c fffff800`02fb9e84 fffff800`02e01000 fffff800`00ba0a88 : nt!KiKernelCalloutExceptionHandler+0xe
    fffff800`00b9fbb0 fffff800`02e9ea90 : fffff800`02fc0a40 fffff800`00b9fc28 fffff800`00ba0a88 fffff800`02e01000 : nt!RtlpExecuteHandlerForException+0xd
    fffff800`00b9fbe0 fffff800`02eab9ef : fffff800`00ba0a88 fffff800`00ba02f0 fffff800`00000000 00000000`00000000 : nt!RtlDispatchException+0x410
    fffff800`00ba02c0 fffff800`02e70d82 : fffff800`00ba0a88 fffffa80`0434ac68 fffff800`00ba0b30 fffff800`00ba0d01 : nt!KiDispatchException+0x16f
    fffff800`00ba0950 fffff800`02e6f68a : 00000000`00000000 00000000`00000002 fffffa80`0359e040 fffff800`02e5100e : nt!KiExceptionDispatch+0xc2
    fffff800`00ba0b30 fffff880`01278dc2 : fffffa80`0434ac68 fffffa80`0434ac68 fffff800`00ba0d01 fffff880`049ca700 : nt!KiGeneralProtectionFault+0x10a
    fffff800`00ba0cc0 fffffa80`0434ac68 : fffffa80`0434ac68 fffff800`00ba0d01 fffff880`049ca700 00000000`00000000 : iaStor+0x9dc2
    fffff800`00ba0cc8 fffffa80`0434ac68 : fffff800`00ba0d01 fffff880`049ca700 00000000`00000000 fffffa80`04351408 : 0xfffffa80`0434ac68
    fffff800`00ba0cd0 fffff800`00ba0d01 : fffff880`049ca700 00000000`00000000 fffffa80`04351408 fffffa80`0434ac02 : 0xfffffa80`0434ac68
    fffff800`00ba0cd8 fffff880`049ca700 : 00000000`00000000 fffffa80`04351408 fffffa80`0434ac02 fffff880`0129d12c : 0xfffff800`00ba0d01
    fffff800`00ba0ce0 00000000`00000000 : fffffa80`04351408 fffffa80`0434ac02 fffff880`0129d12c 00000000`00000000 : 0xfffff880`049ca700
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    iaStor+9dc2
    fffff880`01278dc2 ??              ???
    
    SYMBOL_STACK_INDEX:  7
    
    SYMBOL_NAME:  iaStor+9dc2
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: iaStor
    
    IMAGE_NAME:  iaStor.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4ac65b7a
    
    FAILURE_BUCKET_ID:  X64_0x1E_iaStor+9dc2
    
    BUCKET_ID:  X64_0x1E_iaStor+9dc2
    
    Followup: MachineOwner
    ---------
    
     
  3. phx

    phx New Member

    Joined:
    Jan 10, 2011
    Messages:
    6
    Likes Received:
    0
    thanks Captain, I actually implemented a fix stated in one of other forums as:

    Bootrec.exe /FixMbr (then hit enter - wait for it to finish)
    Bootrec.exe /FixBoot (then hit enter - wait for it to finish)

    it solved the problems and now everything looks fine.
     
  4. Captain Jack

    Captain Jack Extraordinary Member

    Joined:
    Mar 6, 2010
    Messages:
    1,952
    Likes Received:
    139
    Since that command fixed your problem I wonder it might be the Virus that corrupted the MBR. I think it's a good idea to Download and run Malwrebytes in Safe Mode to remove any infection. Also stay away from these crack or keygen software and websites it cause more damage to OS also those developers who build the software deserves some credit for the hard work and hours they put to build software.
     
  5. phx

    phx New Member

    Joined:
    Jan 10, 2011
    Messages:
    6
    Likes Received:
    0
    fully agree. :cool:


    thx.
     
  6. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    I would think that you're probably correct Cap'n Jack. Just went through this on two Vista Machines for a couple friends, had to boot from the media and fixboot and fixmbr just to get them to boot. As soon as they booted the malware was obvious and I used Malwarebytes and Spybot Search and Destroy updated the signatures and then ran them both in safemode and removed everything they found and then did a complete scan afterwards with MSE, both seem to be working fine now. Time will tell.
     

Share This Page

Loading...