Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
This topic is locked
I have PC with Q9650, 4GB memory, PNY nVidia 1.8GB videocard, Windows 7 Ultimate, Avira antivirus.
Everything was fine, but a few days ago I got BSOD with ataport.sys and Stop: 0x0000008E
And after this if I boot normally, Windows 7 Ultimate is crashing every time after a few minutes.
But it's works in safe mode (!), except for today - it crushed after 3 hours of use.
I tried everything: Avira, sfc /scandisk, chkdsk,
Comodo Cleaning Essentials, ComboFix, Windows Memory Test etc.
Some of programs for testing I wasn't able to install
b/c of Safe Mode. And I also can't use System Restore points, it's just fail each time I tried.
I don't want to reinstall Windows and rather will try fix it (of course if it possible to find a solution).
I attached two files with DDS logs.
Thank in advance and please help!
(English is my second language)
These DDS & GMER logs are from Windows 7 in SAFE MODE:
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Riverdale at 19:57:14 on 2012-04-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1059 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\SeaMonkey\seamonkey.exe
C:\Program Files\SeaMonkey\plugin-container.exe
C:\Program Files\SeaMonkey\plugin-container.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
BHO: TBSB01620 Class: {58124a0b-dc32-4180-9bff-e0e21ae34026} - c:\program files\iminent toolbar\tbcore3.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: HrefNewTabBHO Class: {9ee1a6e7-e822-4d0e-9664-815f94b00373} - c:\users\riverdale\appdata\local\epicnewtab\HrefIENewTab.dll
BHO: Facebackgrounds: {b11cbda9-6702-469e-9ce1-64e3971a6b44} - c:\users\riverdale\appdata\local\fb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: TravelGraspBHO Class: {f1813754-5468-41d5-bb9f-a922bbb20399} - c:\users\riverdale\appdata\local\TravelGrasp.dll
TB: Copernic Desktop Search - Home Toolbar: {4a1c6093-14f9-44d7-860e-5d265cfca9d9} - c:\program files\copernic desktop search - home\toolbar\ToolbarContainer101000325.dll
TB: IMinent Toolbar: {977ae9cc-af83-45e8-9e03-e2798216e2d5} - c:\program files\iminent toolbar\tbcore3.dll
uRun: [SystemExplorerAutoStart] "c:\program files\system explorer\SystemExplorer.exe" /TRAY
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
uPolicies-explorer: DisableThumbnailsOnNetworkFolders = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{48EC117C-0733-4B33-AC39-B177E543A6D6} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{D657EFC1-6459-4217-9A79-5FB9A4016C88} : DhcpNameServer = 192.168.0.1
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Directory Opus Shell Execute Hook: {3cf9ece0-1a9f-11d2-8c73-00c06c2005de} - c:\program files\gpsoftware\directory opus\dopuslib.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\riverdale\appdata\roaming\mozilla\firefox\profiles\w849fygt.default\
FF - prefs.js: browser.search.selectedEngine -
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - f4e8f8ff-cfc3-450b-add0-6dd42f776bd6
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-4-19 242240]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2007-8-2 22784]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\netr28u.sys [2009-5-25 734208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S1 SCT_SKMScan;SCT_SKMScan;c:\windows\system32\drivers\sct_skmscan.sys [2011-3-9 33568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-19 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-7 654408]
S2 MDES;DVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-3-24 319488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-26 253088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cmudaxp;ASUS Xonar Essence STX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-7-19 1760256]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-19 136176]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-20 22344]
S3 qfumxu;qfumxu;c:\program files\comodo cleaning essentials\cce_1.6.183539.73_x32\cce\ccekrnl.dat [2012-2-13 320808]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-7-20 15872]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-12-10 27192]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2012-2-23 536208]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-20 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-7-19 1343400]
S3 zhuqix;zhuqix;c:\program files\comodo cleaning essentials\cce_1.6.183539.73_x32\cce\ccekrnl.dat [2012-2-13 320808]
.
=============== Created Last 30 ================
.
2012-04-20 22:44:01 -------- d-----w- c:\programdata\ErrorEND
2012-04-20 22:43:56 -------- d-----w- c:\program files\ErrorEND
2012-04-20 22:41:47 -------- d-----w- c:\program files\NirSoft
2012-04-20 22:25:32 -------- d-----w- C:\Intel
2012-04-20 18:53:26 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-20 18:53:25 -------- d-----w- c:\users\riverdale\appdata\local\temp
2012-04-20 01:26:45 -------- d-----w- c:\users\riverdale\appdata\roaming\SpeedyPC Software
2012-04-20 01:26:45 -------- d-----w- c:\users\riverdale\appdata\roaming\DriverCure
2012-04-20 01:26:21 -------- d-----w- c:\programdata\SpeedyPC Software
2012-04-20 00:17:44 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-04-19 13:42:29 -------- d-----w- C:\CCE_Quarantine
2012-04-19 13:30:45 -------- d-----w- c:\program files\Comodo Cleaning Essentials
2012-04-19 03:42:03 -------- d-----w- c:\program files\Avast aswMBR 0.9.9
2012-04-19 03:22:03 -------- d-----w- c:\windows\system32\wbem\repository
2012-04-19 03:03:17 -------- d-----w- c:\program files\Kaspersky TDSSKiller
2012-04-19 02:56:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-19 02:55:38 624480 ----a-w- C:\DriverUpdate-setup.exe
2012-04-19 02:12:21 -------- d-----w- c:\programdata\Sophos
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2012-04-19 02:12:18 73728 ----a-r- c:\users\riverdale\appdata\roaming\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe
2012-04-19 02:12:15 -------- d-----w- c:\program files\Sophos
2012-04-18 16:41:06 28488 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-04-18 14:39:50 -------- d-----w- c:\program files\GMER 1.0.15.15641
2012-04-15 04:04:04 -------- d-----w- c:\users\riverdale\appdata\roaming\foobar2000
2012-04-15 04:03:54 -------- d-----w- c:\program files\foobar2000
2012-04-11 07:01:05 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 07:01:05 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:01:05 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 07:01:05 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 07:00:47 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 07:00:46 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-07 03:55:17 -------- d-----w- c:\program files\TSTTB
2012-04-06 01:50:15 -------- d-----w- c:\program files\PDF-XChange Viewer
2012-04-05 15:10:31 -------- d-----w- c:\users\riverdale\appdata\local\Tracker Software
2012-04-04 03:09:52 -------- d-----w- c:\program files\EA
2012-03-27 13:14:43 -------- d-----w- c:\users\riverdale\appdata\roaming\Key Metric Software
2012-03-27 13:14:43 -------- d-----w- c:\program files\Key Metric Software
2012-03-27 13:14:43 -------- d-----w- c:\program files\common files\Key Metric Software
2012-03-27 13:14:38 -------- dc-h--w- c:\programdata\{E918F213-70D6-413C-ADD5-BC8B1B755B23}
2012-03-27 02:16:53 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-27 02:16:53 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-23 04:42:37 -------- d-----w- c:\users\riverdale\appdata\roaming\MediaMonkey
2012-03-23 04:42:33 -------- d-----w- c:\programdata\MediaMonkey
2012-03-23 04:42:30 -------- d-----w- c:\program files\MediaMonkey
.
==================== Find3M ====================
.
2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-20 01:47:44 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-02-17 05:34:22 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-02-03 03:54:27 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-01-25 05:32:35 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-01-25 05:32:34 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-01-25 05:27:51 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2010-01-26 15:11:08 444283 ----a-w- c:\program files\common files\WinPcapNmap.exe
.
============= FINISH: 19:57:25.69 ===============
Attached Files
-
dds.txt 12.38K
0 downloads
-
attach.txt 26.59K
7 downloads
-
ark.txt 9.57K
4 downloads
Back to top
