TechSpot

Stop: 0x000000d1 DRIVER_IRQL_NOT_LESS_OR_EQUAL

By chi-master
May 24, 2007
  1. Please help

    This is becoming a big problem for me

    ok this is what it says in full

    DRIVER_IRQL_NOT_LESS_OR_EQUAL

    Stop: 0x000000D1 (0x0000000C, 0x00000002, 0x00000000, 0xBA4882AD)


    A3AB.sys - Address BA4882AD base at Ba466000, Datestamp 4137ec 8a



    its that pesky blue screen of death, and it talks about "if you recently installed any software or hardware" which i have done neither

    ok anyways, i've been reading up on some similar issues with the "0x000000d1" and people said they had no virus's and then the problem actually came from a corrupt file from a virus

    now the thing is, I suspected that it was this virus i recently had

    I use avast! antivirus professional, and ad-aware SE personal

    and well, avast alerted me to this virus, and it was a TRICKY bastard

    i eventually had to kill the files that it was saying was the trojan by using this program called "tune up utilities 2007" which has a feature to just annihilate a file permanently.

    anyways so after i got rid of it I thought i was in the clear, I did several deep scans with both programs and they found nothing, including avast's boot time scan

    anyways, I have no clue on how to remedy the error

    The blue screen usually only pops up when im trying to play a game, which is frustrating because i want to finish my games on supreme commander and dawn of war dark crusade

    if you can help please do!

    it would be much appreciated

    ask any questions, and i'll be happy to answer
     
  2. chi-master

    chi-master TS Rookie Topic Starter

    Also, to some one's advice, i used "hijack this" and if any of you could use the information to help me, it would be great, this is what the program said in its log files

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 3:22:10 PM, on 5/24/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    F:\Program Files\Alwil Software\Avast4\ashServ.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
    F:\Program Files\AlienGUIse\wbload.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    F:\Program Files\DAEMON Tools\daemon.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    F:\WINDOWS\SOUNDMAN.EXE
    F:\Program Files\CursorXP\CursorXP.exe
    F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe
    F:\WINDOWS\eHome\ehRecvr.exe
    F:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    F:\WINDOWS\eHome\ehSched.exe
    F:\WINDOWS\system32\nvsvc32.exe
    F:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    F:\Program Files\CyberLink\Shared files\RichVideo.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    F:\WINDOWS\system32\dllhost.exe
    F:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Documents and Settings\Michael\Desktop\HiJackThis_v2.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - F:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - F:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [DAEMON Tools] "F:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] F:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [CursorXP] F:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [TuneUp MemOptimizer] "F:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" autostart
    O4 - Startup: Stardock ObjectDock.lnk = F:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: Run Google Web Accelerator.lnk = F:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - F:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - F:\Program Files\Yahoo!\Common\yinsthelper.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B5EB042E-7B79-4755-96D1-6E1D93A11516}: NameServer = 192.168.0.1
    O20 - AppInit_DLLs: wbsys.dll F:\PROGRA~1\Google\WEBACC~1\FASTSE~1.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - F:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - F:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - F:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - F:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - F:\Program Files\WinPcap\rpcapd.exe (file missing)

    --
    End of file - 6472 bytes
     
  3. Tarkus

    Tarkus TechSpot Ambassador Posts: 621

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...