BSoD - DRIVER_IRQL_NOT_LESS_OR_EQUAL

johnnydfox · 11 Listopad 2011 09:36

Witam!

Zainstalowałem wczoraj program Soluto. Usunąłem parę rzeczy z bootu (skype itp.), do tego zaktualizowałem sterownik graficzny do najnowszej wersji. Dziś rano włączam komputer… i wita mnie BSoD, z błędem DRIVER_IRQL_NOT_LESS_OR_EQUAL. Wchodzę na tryb awaryjny, usuwam sterownik i Soluto. Próbuję odpalić go w normalnym trybie, ale nie ładuję się nawet podstawowy sterownik (mam czarny obraz), ale nie wyskakuje BSoD. Jak mogę to naprawić? Zależy mi na bardzo szybkich odpowiedziach.

Pozdrawiam.

felixik · 11 Listopad 2011 09:45

Spróbuj przywrócić ostatnią poprawną konfigurację

johnnydfox · 11 Listopad 2011 09:46

Tylko proszę dokładną instrukcję jak co zrobić…

drobok · 11 Listopad 2011 09:46

Zainstaluj poprzedni sterownik karty graficznej w trybie awaryjnym.

johnnydfox · 11 Listopad 2011 09:51

Próbuję zainstalować sterownik nVidia 275.33, ale i tak na razie nic to nie daje…

@EDIT:

Komputer pochodził ok. 3 minuty i znów włączył się BSoD… Czy przyczyna może leżeć gdzieś indziej?

Log z ComboFix:

ComboFix 11-11-11.02 - Mateusz 2011-11-11 11:09:24.1.2 - x86 NETWORK

Microsoft Windows 7 Ultimate 6.1.7600.0.1250.48.1045.18.3070.2403 [GMT 1:00]

Uruchomiony z: c:\users\Mateusz\Desktop\ComboFix.exe

AV: Bitdefender Antywirus *Disabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92}

FW: Bitdefender Zapora Sieciowa *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}

SP: Bitdefender Antyszpieg *Disabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Utworzono nowy punkt przywracania

.

[i] ADS - Windows: deleted 24 bytes in 1 streams. [/i]

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\data

c:\programdata\1320934978.bdinstall.bin

c:\programdata\1320943040.bdinstall.bin

c:\programdata\mazuki.dll

c:\users\Mateusz\AppData\Roaming\AdVantage

c:\users\Mateusz\AppData\Roaming\advantage\AdVantage.exe

c:\users\Mateusz\AppData\Roaming\chrtmp

c:\users\Mateusz\AppData\Roaming\UpxGui

c:\users\Mateusz\AppData\Roaming\UpxGui\peid.exe

c:\users\Mateusz\AppData\Roaming\UpxGui\upx.exe

c:\windows\IsUn0415.exe

c:\windows\pkunzip.pif

c:\windows\pkzip.pif

D:\install.exe

.

c:\windows\explorer.exe . . . jest zainfekowany!!

.

.

((((((((((((((((((((((((( Pliki utworzone od 2011-10-11 do 2011-11-11 )))))))))))))))))))))))))))))))

.

.

2011-11-11 09:31 . 2011-11-11 09:31	--------	d-----w-	c:\windows\LastGood

2011-11-11 09:22 . 2011-11-11 09:22	29481	----a-w-	c:\programdata\1321003324.bdinstall.bin

2011-11-11 08:15 . 2011-11-11 08:15	--------	d-----w-	c:\windows\B9DB4C7601A446D58910F7AA6376DBAF.TMP

2011-11-10 17:00 . 2011-11-10 17:00	417041	----a-w-	c:\programdata\1320943389.bdinstall.bin

2011-11-10 16:58 . 2011-11-10 16:58	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Bitdefender

2011-11-10 16:58 . 2011-11-10 16:58	--------	d-----w-	c:\programdata\Bitdefender

2011-11-10 16:43 . 2011-10-06 17:19	311248	----a-w-	c:\windows\system32\drivers\trufos.sys

2011-11-10 16:43 . 2011-03-24 14:36	353096	------w-	c:\windows\system32\drivers\bdfsfltr.sys

2011-11-10 14:05 . 2011-11-10 14:05	207390	----a-w-	c:\programdata\1320933647.bdinstall.bin

2011-11-10 14:05 . 2011-11-10 14:05	--------	d-----w-	c:\program files\Bitdefender

2011-11-10 14:01 . 2011-11-10 14:01	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\QuickScan

2011-11-10 14:00 . 2011-11-10 16:43	--------	d-----w-	c:\program files\Common Files\Bitdefender

2011-11-10 12:58 . 2011-11-10 12:59	--------	d-----w-	c:\users\Mateusz\AppData\Local\Akamai

2011-11-09 15:27 . 2011-11-09 15:27	--------	d--h--w-	c:\program files\InstallJammer Registry

2011-11-09 14:32 . 2011-11-11 09:18	--------	d-----w-	c:\programdata\Soluto

2011-11-09 14:31 . 2011-11-09 14:31	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Songbird2

2011-11-09 14:31 . 2011-11-09 14:31	--------	d-----w-	c:\users\Mateusz\AppData\Local\Songbird2

2011-11-09 14:30 . 2011-10-25 10:14	15664	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys

2011-11-09 14:30 . 2011-10-25 10:14	109360	----a-w-	c:\windows\system32\GEARAspi.dll

2011-11-09 14:30 . 2011-11-09 14:30	--------	d-----w-	c:\program files\Songbird

2011-11-09 12:11 . 2011-11-09 12:11	--------	d-----w-	c:\program files\Microsoft Sync Framework

2011-11-09 12:10 . 2011-11-09 12:10	--------	d-----w-	c:\program files\Microsoft Visual Studio 8

2011-11-09 12:08 . 2011-11-09 12:08	--------	d-----w-	c:\program files\Microsoft Analysis Services

2011-11-09 12:06 . 2011-11-09 12:06	--------	d-----r-	C:\MSOCache

2011-11-07 11:21 . 2011-11-07 11:21	--------	d-----w-	c:\users\Mateusz\AppData\Local\Nero_AG

2011-11-03 20:09 . 2011-11-03 20:09	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Nero

2011-11-03 20:00 . 2011-11-03 20:07	--------	d-----w-	c:\programdata\Nero

2011-11-03 19:59 . 2011-11-03 20:00	--------	d-----w-	c:\program files\Common Files\Nero

2011-11-03 19:59 . 2011-11-03 20:07	--------	d-----w-	c:\program files\Nero

2011-11-03 17:44 . 2011-11-03 17:44	--------	d-----w-	c:\users\Mateusz\.screenshooter

2011-11-03 17:44 . 2011-11-03 17:44	--------	d-----w-	c:\program files\ScreenShooter

2011-11-03 14:05 . 2011-11-10 20:10	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\HaoZip

2011-11-02 14:55 . 2011-08-02 12:45	611224	----a-w-	c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

2011-11-02 14:31 . 2011-11-02 19:29	28992	----a-w-	c:\windows\system32\uxtuneup.dll

2011-11-02 14:14 . 2011-11-02 19:29	31552	----a-w-	c:\windows\system32\TURegOpt.exe

2011-11-02 14:14 . 2011-11-02 19:29	21312	----a-w-	c:\windows\system32\authuitu.dll

2011-11-02 14:14 . 2011-11-02 14:31	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\TuneUp Software

2011-11-02 14:14 . 2011-11-09 17:39	--------	d-----w-	c:\program files\TuneUp Utilities 2012

2011-11-02 14:13 . 2011-11-02 14:14	--------	d-----w-	c:\programdata\TuneUp Software

2011-11-02 14:13 . 2011-11-02 14:13	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2011-11-02 13:43 . 2011-11-02 13:43	--------	d-----w-	c:\program files\uTorrent

2011-11-02 13:42 . 2011-11-02 13:42	--------	d-----w-	c:\users\Mateusz\AppData\Local\uTorrent

2011-10-30 15:16 . 2011-10-30 15:16	--------	d-----w-	c:\program files\FileZilla FTP Client

2011-10-30 14:30 . 2011-10-30 14:33	--------	d-----w-	C:\xampp

2011-10-30 13:32 . 2011-10-30 13:32	--------	d-----w-	c:\users\Mateusz\.swt

2011-10-30 13:32 . 2011-11-06 17:16	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Azureus

2011-10-30 13:31 . 2011-10-30 13:31	--------	d-----w-	c:\program files\Vuze

2011-10-30 13:30 . 2011-10-30 13:30	--------	d-----w-	c:\program files\Conduit

2011-10-30 13:30 . 2011-10-30 13:30	--------	d-----w-	c:\users\Mateusz\AppData\Local\Conduit

2011-10-29 18:21 . 2011-10-29 18:21	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Thunderbird

2011-10-29 18:21 . 2011-10-29 18:21	--------	d-----w-	c:\users\Mateusz\AppData\Local\Thunderbird

2011-10-29 18:20 . 2011-10-29 18:20	--------	d-----w-	c:\program files\Mozilla Thunderbird

2011-10-29 08:02 . 2011-10-29 08:02	--------	d-----w-	c:\program files\Audacity

2011-10-23 18:33 . 2011-10-23 18:32	8192	----a-w-	c:\windows\system32\srvany.exe

2011-10-23 18:33 . 2011-10-23 18:32	151552	----a-w-	c:\windows\KMService.exe

2011-10-23 13:54 . 2011-10-23 13:54	--------	d-----w-	c:\users\Mateusz\AppData\Local\minusdesktop

2011-10-23 13:54 . 2011-10-23 13:54	--------	d-----w-	c:\program files\Minus

2011-10-23 08:59 . 2011-10-23 08:59	--------	d-----w-	C:\Wu7z Tools

2011-10-22 18:23 . 2011-11-10 16:57	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\NVIDIA

2011-10-22 12:44 . 2011-10-22 12:44	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\SmartFTP

2011-10-22 12:43 . 2011-10-22 12:44	--------	d-----w-	c:\program files\SmartFTP Client

2011-10-22 12:42 . 2011-10-22 12:42	--------	d-----w-	c:\program files\SmartFTP Client 4.0 Setup Files

2011-10-15 14:38 . 2011-10-15 14:38	--------	d-----w-	c:\users\Mateusz\AppData\Local\FlickrNet

2011-10-15 14:38 . 2011-10-15 14:38	160001	----a-w-	c:\windows\FlickrDown Uninstaller.exe

2011-10-15 14:38 . 2011-10-15 14:38	--------	d-----w-	c:\program files\FlickrDown

2011-10-14 18:40 . 2011-10-14 18:40	--------	d-----w-	c:\program files\Common Files\Skype

2011-10-13 14:18 . 2011-10-13 14:18	--------	d-----w-	c:\users\Mateusz\AppData\Roaming\Passware

2011-10-13 14:18 . 2011-10-13 14:18	--------	d-----w-	c:\program files\Passware

.

.

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-09 15:27 . 2011-11-09 15:27	1486058	----a-w-	c:\windows\cursors\uninstall.exe

2011-11-09 15:02 . 2011-04-29 12:32	2614784	----a-w-	c:\windows\explorer.exe

2011-11-09 15:01 . 2011-04-29 12:32	2614784	----a-w-	c:\windows\explorer_.exe.Back.1.08703990750343

2011-10-22 06:27 . 2011-05-26 18:56	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-09 14:47 . 2011-10-09 14:47	436792	----a-w-	c:\windows\system32\drivers\sptd.sys

2011-10-01 10:43 . 2011-09-25 19:42	234768	----a-w-	c:\windows\system32\PnkBstrB.xtr

2011-10-01 10:43 . 2011-08-19 16:17	234768	------w-	c:\windows\system32\PnkBstrB.exe

2011-10-01 10:18 . 2011-08-19 16:18	138264	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys

2011-09-29 15:09 . 2011-09-29 15:09	63056	----a-w-	c:\windows\system32\drivers\bdsandbox.sys

2011-09-28 15:28 . 2011-08-08 13:34	138056	----a-w-	c:\users\Mateusz\AppData\Roaming\PnkBstrK.sys

2011-09-28 15:26 . 2011-08-19 16:17	75136	------w-	c:\windows\system32\PnkBstrA.exe

2011-09-26 14:05 . 2011-08-19 16:17	270240	----a-w-	c:\windows\system32\PnkBstrB.ex0

2011-09-15 19:48 . 2011-09-15 19:48	98304	----a-w-	c:\windows\system32\CmdLineExt.dll

2011-09-01 10:15 . 2011-09-01 10:15	454960	----a-w-	c:\windows\system32\drivers\avckf.sys

2011-09-01 10:12 . 2011-09-01 10:12	596600	----a-w-	c:\windows\system32\drivers\avc3.sys

2011-08-16 06:48 . 2011-09-09 16:13	7152464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{95CFA862-FFAF-4CCB-AFA9-BC7C87670314}\mpengine.dll

2011-11-08 17:44 . 2011-06-18 18:00	134104	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2011-11-09 . F05EA21D67CF1B635AEA35903E89AC59 . 2614784 . . [6.1.7600.16385] . . c:\windows\explorer.exe

[7] 2011-02-26 . 255CF508D7CFB10E0794D6AC93280BD8 . 2614784 . . [6.1.7600.20910] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[7] 2011-02-26 . 2AF58D15EDC06EC6FDACCE1F19482BBF . 2614784 . . [6.1.7600.16768] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[7] 2011-02-26 . 0FB9C74046656D1579A64660AD67B746 . 2616320 . . [6.1.7601.21669] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[7] 2011-02-25 . 8B88EBBB05A0E56B7DCC708498C02B3E . 2616320 . . [6.1.7601.17567] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[7] 2009-10-31 . C76153C7ECA00FA852BB0C193378F917 . 2614272 . . [6.1.7600.20563] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[7] 2009-10-31 . 2626FC9755BE22F805D3CFA0CE3EE727 . 2614272 . . [6.1.7600.16450] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[7] 2009-08-03 . 9FF6C4C91A3711C0A3B18F87B08B518D . 2613248 . . [6.1.7600.20500] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[7] 2009-08-03 . B95EEB0F4E5EFBF1038A35B3351CF047 . 2613248 . . [6.1.7600.16404] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[7] 2009-07-14 . 15BC38A7492BEFE831966ADB477CF76F . 2613248 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane  

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1AD61D5B-58A3-4592-9B34-DC84688FF805}]

2010-10-13 16:27	107328	----a-w-	c:\program files\PDF Suite 2011\PDFIEHelper.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-11-02 641400]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"trustGTX14"="c:\program files\Trust\GXT14 Mouse\POINTERGHOST.exe" [2009-06-05 4833792]

"BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2011-10-07 1146536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"GrpConv"="grpconv -o" [X]

"C:/Program Files/NVIDIA Corporation/Installer2/installer.2/NVI2.DLL"="c:\program files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL" [2011-10-15 3114816]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages	REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-06-06 10:55	937920	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]

2011-03-30 06:46	499608	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]

2011-01-12 05:08	1523360	----a-w-	c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2009-04-24 03:21	203928	----a-w-	c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AQQ]

2011-11-09 12:24	10032128	----a-w-	c:\progra~1\WapSter\WAPSTE~1\AQQ.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]

2010-03-13 13:54	91520	----a-w-	c:\program files\Microsoft Office\Office14\BCSSync.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clock Widget (HTC Home)]

2011-06-21 06:07	2035712	----a-w-	c:\program files\HTC Home\Clock.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

2009-01-29 22:20	57344	----a-w-	c:\program files\SlySoft\CloneCD\CloneCDTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2011-01-20 09:20	1305408	----a-w-	c:\program files\DAEMON Tools Lite\DTLite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]

2010-12-16 06:12	2840112	----a-w-	c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2011-05-15 13:25	136176	----atw-	c:\users\Mateusz\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPLA!]

2011-06-03 08:41	19764728	----a-w-	c:\program files\ipla\ipla.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]

2011-08-15 14:18	1955208	----a-w-	c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]

2010-03-26 09:52	1234216	----a-w-	c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]

2011-08-04 12:46	3077528	----a-w-	c:\program files\Pando Networks\Media Booster\PMB.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\screenshooter]

2010-09-03 12:52	606208	----a-w-	c:\program files\ScreenShooter\screenshooter.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2006-12-19 03:34	868352	----a-w-	c:\program files\Analog Devices\Core\smax4pnp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2011-05-04 11:59	252136	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

2010-02-19 11:37	517096	----a-w-	c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2011-07-27 15:15	273544	----a-w-	c:\program files\Real\RealPlayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]

2011-11-02 13:43	641400	----a-w-	c:\program files\uTorrent\uTorrent.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather Widget (HTC Home)]

2011-06-21 06:06	890880	----a-w-	c:\program files\HTC Home\Weather.exe

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" /MINIMIZED

"Minus"="c:\program files\Minus\minus.exe"

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

.

R0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2011-09-01 596600]

R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [x]

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-10-09 436792]

R1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-08-10 90704]

R1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 85128]

R1 MpKsl266a5c8c;MpKsl266a5c8c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F8894E9D-DD27-48C7-BA17-2B469D3A3D66}\MpKsl266a5c8c.sys [x]

R1 MpKsl2cfe0d43;MpKsl2cfe0d43;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A2B23B4B-DC9C-4535-8174-03CBC812A1B7}\MpKsl2cfe0d43.sys [x]

R1 MpKsl53a74b32;MpKsl53a74b32;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D79447EF-5522-439E-977A-85E9C2AFDBB9}\MpKsl53a74b32.sys [x]

R1 MpKsl99973d8e;MpKsl99973d8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6CBF5595-8A98-4280-A4D2-62C31DFDDE03}\MpKsl99973d8e.sys [x]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 KmGameMouseServiceV1;Game Mouse Communication And Update Service V1;c:\program files\Trust\GXT14 Mouse\GameMouseServiceApp.exe [2009-05-18 354816]

R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-10-23 8192]

R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]

R2 PDF Suite 2011 Service;PDF Suite 2011 Service;c:\program files\PDF Suite 2011\ConversionService.exe [2010-10-13 791360]

R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [x]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-11-02 1479488]

R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2011-10-06 50128]

R2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files\Winstep\WsxService [x]

R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x]

R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2011-09-01 454960]

R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2011-09-29 63056]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-20 10064]

R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-06 307544]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]

R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]

R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2011-05-16 33072]

R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-29 1343400]

R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]

R4 WO_LiveService;Ashampoo LiveTuner Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-07-20 884120]

S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-03-01 74320]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-04 218688]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]

S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2011-07-15 240184]

S3 KMWDFILTERV1;HIDUASServiceDesc;c:\windows\system32\DRIVERS\RPGMOUSEV1.sys [2009-06-10 18432]

S3 RTL8167;Sterownik Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Akamai	REG_MULTI_SZ Akamai

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Zawartość folderu 'Zaplanowane zadania'

.

2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3093065952-1056814746-524572515-1000Core.job

- c:\users\Mateusz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 13:25]

.

2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3093065952-1056814746-524572515-1000UA.job

- c:\users\Mateusz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-15 13:25]

.

.

------- Skan uzupełniający -------

.

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Download all by FlashGet3 - c:\users\Mateusz\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

IE: Download by FlashGet3 - c:\users\Mateusz\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: E&ksportuj do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: ????3?? - c:\users\Mateusz\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: ????3?????? - c:\users\Mateusz\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Mateusz\AppData\Roaming\Mozilla\Firefox\Profiles\ygvrxneu.default\

FF - prefs.js: browser.startup.homepage - hxxp://google.pl

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - USUNIĘTO PUSTE WPISY - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

Toolbar-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-StereoLinksInstall - c:\program files\NVIDIA Corporation\3D Vision\nvstlink.exe

HKLM-RunOnce-InstallShieldSetup1 - c:\progra~1\INSTAL~1\{714B9~1\setup.exe

HKLM-RunOnce-InstallShieldSetup - c:\progra~1\INSTAL~1\{714B9~1\setup.exe

MSConfigStartUp-Acrobat Assistant 8 - d:\adobe\Acrobat 10.0\Acrobat\Acrotray.exe

MSConfigStartUp-Adobe Acrobat Speed Launcher - d:\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe

MSConfigStartUp-AdVantage - c:\users\Mateusz\AppData\Roaming\advantage\AdVantage.exe

MSConfigStartUp-ALLUpdate - c:\program files\ALLPlayer\ALLUpdate.exe

MSConfigStartUp-Comodo EasyVPN - c:\program files\COMODO\EasyVPN\EasyVPN.exe

MSConfigStartUp-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe

MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winstep Xtreme Service]

"ImagePath"="c:\program files\Winstep\WsxService"

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

.

[HKEY_USERS\S-1-5-21-3093065952-1056814746-524572515-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]

@Allowed: (Read) (RestrictedCode)

@="c:\\Users\\Mateusz\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"

"contexts"=dword:00000022

.

[HKEY_USERS\S-1-5-21-3093065952-1056814746-524572515-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]

@Allowed: (Read) (RestrictedCode)

@="c:\\Users\\Mateusz\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"

"contexts"=dword:000000f3

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Czas ukończenia: 2011-11-11 11:18:29

ComboFix-quarantined-files.txt 2011-11-11 10:18

.

Przed: 11 890 864 128 bajtów wolnych

Po: 11 891 982 336 bajtów wolnych

.

- - End Of File - - 8AB331859FC48DFFD6530D5AD2F19C17

Lufcik · 11 Listopad 2011 10:31

Gdy spotkałem się z takim samym BSoD, winowajcą była pamięć ram. Nie wiem czy jedna czy całość, bo nie doświadczyłem tego osobiście, tylko koledze pomagałem. Nie dało się nawet zainstalować windowsa. Jednak w tym przypadku nie musi to być pamięć. Z jakiego korzystasz z systemu?

Skorzystaj z przywracania systemu na początek.

johnnydfox · 11 Listopad 2011 10:49

Kopiuję właśnie na wszelki wypadek najważniejsze pliki i potem przeinstaluję system…