Niebieski ekran tcpip.sys

miron50 · 15 Luty 2012 10:38

driver irql not less equal.Witam i pozdrawiam, przeglądarki powodują błedy,reset kompa,albo blue screen.Oto log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:24:47, on 2012-02-15

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

E:\WINDOWS\System32\smss.exe

E:\PROGRA~1\AVG\AVG2012\avgrsx.exe

E:\Program Files\AVG\AVG2012\avgcsrvx.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\Explorer.EXE

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\AVG\AVG2012\avgtray.exe

E:\Program Files\Common Files\Java\Java Update\jusched.exe

E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

E:\WINDOWS\system32\ctfmon.exe

E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

E:\Program Files\AVG\AVG2012\avgwdsvc.exe

E:\Program Files\Java\jre6\bin\jqs.exe

E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

E:\WINDOWS\system32\wuauclt.exe

E:\Program Files\AVG\AVG2012\avgnsx.exe

E:\Program Files\AVG\AVG2012\avgemcx.exe

E:\WINDOWS\system32\msiexec.exe

F:\Programy\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM…\Run: [AVG_TRAY] “E:\Program Files\AVG\AVG2012\avgtray.exe”

O4 - HKLM…\Run: [sunJavaUpdateSched] “E:\Program Files\Common Files\Java\Java Update\jusched.exe”

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [Adobe ARM] “E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

O4 - HKLM…\Run: [startCCC] “E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun

O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU…\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll

O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - E:\Program Files\Skype\Updater\Updater.exe

–

End of file - 5236 bytes DZIĘ KI ZA POMOC

Tomzito · 15 Luty 2012 11:06

Twoim rozwiązaniem jest to:

http://half-open.com/download_en.htm

Uruchom Half-open limit fix 4.2
Wybierz nowy limit jednoczesnych pół-otwartych ilość połączeń wychodzących i naciśnij przycisk “Add to tcpip.sys”(Dla większości zmiana limitu na 100 będzie więcej niż wystarczającą.)
Uruchom ponownie komputer

Mam nadzieję,że pomogło.

“Zaczerpnięte z innej strony”

miron50 · 16 Luty 2012 09:20

Tomzito dzięki piękne!,własnie to zrobiłem co napisałeś teraz testuję ,jak będzie to napiszę ,narazie dziękuję serdecznie

– Dodane 16.02.2012 (Cz) 11:19 –

Pochodził pól godziny i sie resetnął.System wygenerował taki błąd

kod błedu 100000d1,parametr 1 0000000c,parametr 20000002,parametr3 00000000,parametr4 aa7595c6

identyfikator zdarzenia 1003

kategoria {102}

nazwa pliku faultrep.dll

sciagnałem ten plik z netu i wkleiłem do windows\ sys32

i patrzę co się dzieje.

– Dodane 16.02.2012 (Cz) 17:56 –

Witam

Komputer chodzi dłużej ,ale dalej sie restartuje

system podaje taki komunikat:

Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x000000fe (0x00000005, 0x86e410e0, 0x10397001, 0x86b3e510). Zrzut zapisano w: C:\WINDOWS\Minidump\Mini021612-02.dmp.

POMOCY

– Dodane 16.02.2012 (Cz) 18:14 –

Prosze tu jest log z ostatniego reseta

Symbol search path is: *** Invalid ***

****************************************************************************

* Symbol loading may be unreliable without a symbol search path. *

* Use .symfix to have the debugger choose a symbol path. *

* After setting your symbol path, use .reload to refresh symbol locations. *

****************************************************************************

Executable search path is:

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

Unable to load image ntoskrnl.exe, Win32 error 0n2

*** WARNING: Unable to verify timestamp for ntoskrnl.exe

*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe

Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible

Product: WinNt, suite: TerminalServer SingleUserTS

Machine Name:

Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a6a0

Debug session time: Thu Feb 16 17:47:07.046 2012 (GMT+1)

System Uptime: 0 days 2:20:26.619

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

Unable to load image ntoskrnl.exe, Win32 error 0n2

*** WARNING: Unable to verify timestamp for ntoskrnl.exe

*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe

Loading Kernel Symbols

…

Loading User Symbols

Loading unloaded module list

…

*******************************************************************************

* *

* Bugcheck Analysis *

* *

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck FE, {5, 86e410e0, 10397001, 86b3e510}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

Probably caused by : ntoskrnl.exe ( nt+5c58e )

Followup: MachineOwner