DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 15.09.2014 23:39
Mam taki(e) problem(y) ze sterownikami. Wie ktos, co poradzic...?
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 16.09.2014 06:59
Widać tylko 3 różne bsody i praktycznie nic więcej bo obrazek nie powiększa się a poza tym je trzeba debugować.
Więc proszę podesłać mini zrzuty.
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 16.09.2014 14:45
Sorry, zle wrzucilem
http://www.fotosik.pl/pokaz_obrazek/pelny/64d2acc3d351c649.html
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 16.09.2014 16:19
Nie wiem czy Ty nadal śpisz ale ja prosiłem o mini zrzuty czyli pliki dmp do analizy z widocznej nawet lokalizacji ze zrzutu. Masz 3 różne rodzaje bsodów z jednego dnia.
Mechanik widząc auto tylko z obrazka też niewiele jest w stanie zrobić.
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 17.09.2014 00:01
http://www71.zippyshare.com/v/25599990/file.html
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 17.09.2014 23:07
To co teraz podesłałeś to zupełnie inna nazwa pliku niż to co widziałem w BSV.
Także spakuj całość i wtedy wyślij.
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
Z tego błędu wynika iż nie zakończyłeś weryfikacji sterowników stąd nadal sypie bsodami z niepoprawnie pracującymi driverami. Aby to zrobić w wierszu poleceń wpisz verifier /reset
Ogólnie odnaleziono błąd krytyczny podczas testowania sterownika przez weryfikator sterowników (Driver Verifier).
Więcej o konkretnym błędzie może powiedzieć pierwszy argument jak i szczegółowa analiza stosu wywołań jak i rejestry procesora.
Pierwszy argument który ma zastosowanie od Win 7 wzwyż wskazuje iż sterownik robi referencję do obiektu w trybie jądra (kernel mode) - przestrzeni adresów w tym trybie zamiast w trybie użytkownika (user mode). Ten pierwszy ma dostęp niskopoziomowy do zasobów sprzętowych.
Na stosie wywołań pojawia się
bdfsfltr.sys Wed Mar 23 14:49:13 2011 (4D89FA59)
BitDefender AntiVirus FS filter driver
W tym wypadku jest on przyczyną tego bsoda.
Moje uwagi są następujące
- stare sterowniki do aktualizacji o ile istnieją
e100b325.sys Fri Nov 16 19:53:32 2007 (473DE72C)
Intel PRO/100 Adapter NDIS 5.1 driver
atikmdag.sys Fri Apr 24 12:50:20 2009 (49F1996C)
ATI Video driver
ssmdrv.sys Tue May 5 12:05:18 2009 (4A000F5E)
Avira anti-virus
- podejrzane
1C2863933 1C2863933.sys Fri Apr 18 11: 28: 30 2014 (5350F03E)
1C5E3747C 1C5E3747C.sys Wed Jun 11 12: 00: 23 2014 (539828B7)
- zdecyduj się na jedno rozwiązanie chroniące komputer plus oprogramowanie do czyszczenia malware'u
U Ciebie jest Avira i Bitdefender AV do kupy razem wzięte.
Kod:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*c: \symbols*http: //msdl.microsoft.com/download/symbols;symsrv*symsrv.dll*c: \symb*http: //msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17592.x86fre.win7sp1_gdr.110408-1631
Machine Name:
Kernel base = 0x81a4a000 PsLoadedModuleList = 0x81b934d0
Debug session time: Tue Sep 16 07: 47: 11.674 2014 (UTC + 2: 00)
System Uptime: 0 days 2: 54: 43.206
Loading Kernel Symbols
...............................................................
................................................................
................
Loading User Symbols
Loading unloaded module list
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 000000f6, Referencing user handle as KernelMode.
Arg2: 00000ee8, Handle value being referenced.
Arg3: 94953030, Address of the current process.
Arg4: 8c117cae, Address inside the driver that is performing the incorrect reference.
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for bdfsfltr.sys
*** ERROR: Module load completed but symbols could not be loaded for bdfsfltr.sys
*** WARNING: Unable to verify timestamp for 1C2863933.sys
*** ERROR: Module load completed but symbols could not be loaded for 1C2863933.sys
BUGCHECK_STR: 0xc4_f6
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: explorer.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 81d80f1f to 81b28f2c
STACK_TEXT:
8fcf124c 81d80f1f 000000c4 000000f6 00000ee8 nt!KeBugCheckEx+0x1e
8fcf126c 81d85782 00000ee8 94953030 b6ccf378 nt!VerifierBugCheckIfAppropriate+0x30
8fcf1300 81c6bf6b 00000000 00002000 bdf30000 nt!VfCheckUserHandle+0x14f
8fcf1334 81c6be25 00000ee8 00000001 843dbeb0 nt!ObReferenceObjectByHandleWithTag+0x13b
8fcf1358 81ca3b07 00000ee8 00000001 843dbeb0 nt!ObReferenceObjectByHandle+0x21
8fcf13f0 81a881ea 00000ee8 ae487000 00002000 nt!NtQueryDirectoryObject+0x113
8fcf13f0 81a868e5 00000ee8 ae487000 00002000 nt!KiFastCallEntry+0x12a
8fcf1484 8c1174ed 00000ee8 ae487000 00002000 nt!ZwQueryDirectoryObject+0x11
WARNING: Stack unwind information not available. Following frames may be wrong.
8fcf1608 8c117cae 94953030 94055aa4 8fcf1678 bdfsfltr+0x334ed
8fcf16c8 8c0e5804 999e6068 94055a80 03dd92b0 bdfsfltr+0x33cae
8fcf1818 849bf627 999e6068 8fcf18b0 8fcf18dc bdfsfltr+0x1804
8fcf1890 8499aaeb 999e6068 8fcf18b0 8fcf18dc fltmgr!FltvPreOperation+0x81
8fcf18fc 8499d9f0 8fcf1940 b8fbef00 00000000 fltmgr!FltpPerformPreCallbacks+0x34d
8fcf1914 849b11fe 8fcf1940 849b4f3c 00000000 fltmgr!FltpPassThroughInternal+0x40
8fcf1928 849b18b7 8fcf1940 88a0a318 8129e890 fltmgr!FltpCreateInternal+0x24
8fcf196c 81d7b6c3 88a0a318 999b3008 b8fbefd4 fltmgr!FltpCreate+0x2c9
8fcf1990 81a8154a 00000000 b8fbeff8 88a0a318 nt!IovCallDriver+0x258
8fcf19a4 bb667d58 999e6ad0 9984d728 b8fbef00 nt!IofCallDriver+0x1b
8fcf1a44 bb6563cc 999e6ad0 b8fbef00 8fcf1a68 1C2863933+0x14d58
8fcf1a54 bb655541 999e6ad0 b8fbef00 b8fbef00 1C2863933+0x33cc
8fcf1a68 81d7b6c3 999e6ad0 b8fbef00 99861d00 1C2863933+0x2541
8fcf1a8c 81a8154a 00000000 99861d5c 999e6ad0 nt!IovCallDriver+0x258
8fcf1aa0 81c902ad dca77e99 8fcf1c48 00000000 nt!IofCallDriver+0x1b
8fcf1b78 81c6fab5 81383030 8534ceb0 8a311008 nt!IopParseDevice+0xed7
8fcf1bf4 81c7fec6 00000000 8fcf1c48 00000040 nt!ObpLookupObjectName+0x4fa
8fcf1c50 81c769a4 05b8e2bc 8534ceb0 81adb201 nt!ObOpenObjectByName+0x165
8fcf1ccc 81c7cb2a 049dff64 80100000 05b8e2bc nt!IopCreateFile+0x673
8fcf1d14 81a881ea 049dff64 80100000 05b8e2bc nt!NtOpenFile+0x2a
8fcf1d14 77b764f4 049dff64 80100000 05b8e2bc nt!KiFastCallEntry+0x12a
05b8e300 00000000 00000000 00000000 00000000 0x77b764f4
STACK_COMMAND: kb
FOLLOWUP_IP:
bdfsfltr+334ed
8c1174ed 8bf0 mov esi,eax
SYMBOL_STACK_INDEX: 8
SYMBOL_NAME: bdfsfltr+334ed
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: bdfsfltr
IMAGE_NAME: bdfsfltr.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4d89fa59
FAILURE_BUCKET_ID: 0xc4_f6_bdfsfltr+334ed
BUCKET_ID: 0xc4_f6_bdfsfltr+334ed
Followup: MachineOwner
---------
CPUID: "Intel(R) Pentium(R) D CPU 3.00GHz"
MaxSpeed: 3000
CurrentSpeed: 3000
[SMBIOS Data Tables v2.4]
[DMI Version - 0]
[2.0 Calling Convention - No]
[Table Size - 2524 bytes]
[BIOS Information (Type 0) - Length 24 - Handle 0000h]
Vendor Phoenix Technologies, LTD
BIOS Version 3.17
BIOS Starting Address Segment e000
BIOS Release Date 04/20/2006
BIOS ROM Size 80000
BIOS Characteristics
04: - ISA Supported
07: - PCI Supported
09: - Plug and Play Supported
10: - APM Supported
11: - Upgradeable FLASH BIOS
12: - BIOS Shadowing Supported
15: - CD-Boot Supported
16: - Selectable Boot Supported
17: - BIOS ROM Socketed
19: - EDD Supported
22: - 360KB Floppy Supported
23: - 1.2MB Floppy Supported
24: - 720KB Floppy Supported
25: - 2.88MB Floppy Supported
26: - Print Screen Device Supported
27: - Keyboard Services Supported
28: - Serial Services Supported
29: - Printer Services Supported
30: - CGA/Mono Services Supported
49: - System Vendor Reserved
BIOS Characteristic Extensions
00: - ACPI Supported
01: - USB Legacy Supported
04: - LS120-Boot Supported
05: - ATAPI ZIP-Boot Supported
08: - BIOS Boot Specification Supported
09: - Fn-Key NET-Boot Supported
BIOS Major Revision 3
BIOS Minor Revision 15
EC Firmware Major Revision 255
EC Firmware Minor Revision 255
[System Information (Type 1) - Length 27 - Handle 0001h]
Manufacturer HP Pavilion 061
Product Name ED845AA-ABA M7277C
Version 0qn1114RE101LITHI00
Serial Number
UUID 00000000-0000-0000-0000-000000000000
Wakeup Type Power Switch
SKUNumber
Family
[BaseBoard Information (Type 2) - Length 8 - Handle 0002h]
Manufacturer ASUSTek Computer INC.
Product LITHIUM
Version 1.05
Serial Number
[System Enclosure (Type 3) - Length 17 - Handle 0003h]
Manufacturer
Chassis Type Desktop
Version 1111
Serial Number
Asset Tag Number
Bootup State Safe
Power Supply State Safe
Thermal State Safe
Security Status None
OEM Defined 0
[Processor Information (Type 4) - Length 35 - Handle 0004h]
Socket Designation Socket 775
Processor Type Central Processor
Processor Family 01h - Other
Processor Manufacturer Intel
Processor ID 440f0000fffbebbf
Processor Version Intel(R) Pentium(R) D CPU 3.00GHz
Processor Voltage 8dh - 1.3V
External Clock 200MHz
Max Speed 3800MHz
Current Speed 3000MHz
Status Enabled Populated
Processor Upgrade ZIF Socket
L1 Cache Handle 000ah
L2 Cache Handle 000bh
L3 Cache Handle 000ch
Serial Number
Asset Tag Number
Part Number
[Memory Controller Information (Type 5) - Length 24 - Handle 0005h]
Error Detecting Method 04h - 8-bit Parity
Error Correcting Capability 04h - None
Supported Interleave 03h - One Way Interleave
Current Interleave 03h - One Way Interleave
Maximum Memory Module Size 0ah - 1024MB
Supported Speeds 0001h - Other
Supported Memory Types 0001h - Other
Memory Module Voltage 5V
Number of Memory Slots 4
Memory Slot Handle 0006h
Memory Slot Handle 0007h
Memory Slot Handle 0008h
Memory Slot Handle 0009h
Enabled Err Correcting Caps 04h - None
[Memory Module Information (Type 6) - Length 12 - Handle 0006h]
Socket Designation A0
Bank Connections 01h - 1 0
Current Speed 1ns
Current Memory Type 0001h - Other
Installed Size 8ah - 1024 [double bank]
Enabled Size 8ah - 1024 [double bank]
Error Status 00h - [No Errors]
[Memory Module Information (Type 6) - Length 12 - Handle 0007h]
Socket Designation A1
Bank Connections 23h - 3 2
Current Speed 35ns
Current Memory Type 0001h - Other
Installed Size 8ah - 1024 [double bank]
Enabled Size 8ah - 1024 [double bank]
Error Status 00h - [No Errors]
[Memory Module Information (Type 6) - Length 12 - Handle 0008h]
Socket Designation A2
Bank Connections 45h - 5 4
Current Speed 69ns
Current Memory Type 0001h - Other
Installed Size 8ah - 1024 [double bank]
Enabled Size 8ah - 1024 [double bank]
Error Status 00h - [No Errors]
[Memory Module Information (Type 6) - Length 12 - Handle 0009h]
Socket Designation A3
Bank Connections 67h - 7 6
Current Speed 103ns
Current Memory Type 0001h - Other
Installed Size 8ah - 1024 [double bank]
Enabled Size 8ah - 1024 [double bank]
Error Status 00h - [No Errors]
[Cache Information (Type 7) - Length 19 - Handle 000ah]
Socket Designation L1 Cache
Cache Configuration 0180h - WB Enabled Int NonSocketed L1
Maximum Cache Size 0010h - 16K
Installed Size 0010h - 16K
Supported SRAM Type 0020h - Synchronous
Current SRAM Type 0020h - Synchronous
Cache Speed 0ns
Error Correction Type Multi-Bit ECC
System Cache Type Data
Associativity 4-way Set-Associative
[Cache Information (Type 7) - Length 19 - Handle 000bh]
Socket Designation L2 Cache
Cache Configuration 0181h - WB Enabled Int NonSocketed L2
Maximum Cache Size 0400h - 1024K
Installed Size 0400h - 1024K
Supported SRAM Type 0020h - Synchronous
Current SRAM Type 0020h - Synchronous
Cache Speed 0ns
Error Correction Type Multi-Bit ECC
System Cache Type Unified
Associativity 4-way Set-Associative
[Cache Information (Type 7) - Length 19 - Handle 000ch]
Socket Designation L3 Cache
Cache Configuration 0202h - Varies Disabled Int NonSocketed L3
Maximum Cache Size 0000h - 0K
Installed Size 0000h - 0K
Supported SRAM Type 0020h - Synchronous
Current SRAM Type 0020h - Synchronous
Cache Speed 0ns
Error Correction Type Unknown
System Cache Type Unknown
Associativity Unknown
[Onboard Devices Information (Type 10) - Length 12 - Handle 0026h]
Number of Devices 4
01: Type Other [enabled]
01: Description
02: Type Video [disabled]
02: Description
03: Type Ethernet [enabled]
03: Description
04: Type Sound [enabled]
04: Description
[Physical Memory Array (Type 16) - Length 15 - Handle 0028h]
Location 03h - SystemBoard/Motherboard
Use 03h - System Memory
Memory Error Correction 03h - None
Maximum Capacity 4194304KB
Memory Error Inf Handle [Not Provided]
Number of Memory Devices 4
[Memory Device (Type 17) - Length 27 - Handle 0029h]
Physical Memory Array Handle 0028h
Memory Error Info Handle [Not Provided]
Total Width 64 bits
Data Width 64 bits
Size 1024MB
Form Factor 09h - DIMM
Device Set [None]
Device Locator A0
Bank Locator Bank0/1
Memory Type 13h - Specification Reserved
Type Detail 0080h - Synchronous
Speed 533MHz
Manufacturer None
Serial Number
Asset Tag Number
Part Number None
[Memory Device (Type 17) - Length 27 - Handle 002ah]
Physical Memory Array Handle 0028h
Memory Error Info Handle [Not Provided]
Total Width 64 bits
Data Width 64 bits
Size 1024MB
Form Factor 09h - DIMM
Device Set [None]
Device Locator A1
Bank Locator Bank2/3
Memory Type 13h - Specification Reserved
Type Detail 0080h - Synchronous
Speed 533MHz
Manufacturer None
Serial Number
Asset Tag Number
Part Number None
[Memory Device (Type 17) - Length 27 - Handle 002bh]
Physical Memory Array Handle 0028h
Memory Error Info Handle [Not Provided]
Total Width 64 bits
Data Width 64 bits
Size 1024MB
Form Factor 09h - DIMM
Device Set [None]
Device Locator A2
Bank Locator Bank4/5
Memory Type 13h - Specification Reserved
Type Detail 0080h - Synchronous
Speed 533MHz
Manufacturer None
Serial Number
Asset Tag Number
Part Number None
[Memory Device (Type 17) - Length 27 - Handle 002ch]
Physical Memory Array Handle 0028h
Memory Error Info Handle [Not Provided]
Total Width 64 bits
Data Width 64 bits
Size 1024MB
Form Factor 09h - DIMM
Device Set [None]
Device Locator A3
Bank Locator Bank6/7
Memory Type 13h - Specification Reserved
Type Detail 0080h - Synchronous
Speed 533MHz
Manufacturer None
Serial Number
Asset Tag Number
Part Number None
[Memory Array Mapped Address (Type 19) - Length 15 - Handle 002dh]
Starting Address 00000000h
Ending Address 003fffffh
Memory Array Handle 0028h
Partition Width 01
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 002eh]
Starting Address 00000000h
Ending Address 000fffffh
Memory Device Handle 0029h
Mem Array Mapped Adr Handle 002dh
Partition Row Position 01
Interleave Position [None]
Interleave Data Depth [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 002fh]
Starting Address 00100000h
Ending Address 001fffffh
Memory Device Handle 002ah
Mem Array Mapped Adr Handle 002dh
Partition Row Position 01
Interleave Position [None]
Interleave Data Depth [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 0030h]
Starting Address 00200000h
Ending Address 002fffffh
Memory Device Handle 002bh
Mem Array Mapped Adr Handle 002dh
Partition Row Position 01
Interleave Position [None]
Interleave Data Depth [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 0031h]
Starting Address 00300000h
Ending Address 003fffffh
Memory Device Handle 002ch
Mem Array Mapped Adr Handle 002dh
Partition Row Position 01
Interleave Position [None]
Interleave Data Depth [None]
[OEM Strings (Type 11) - Length 5 - Handle 0033h]
Number of Strings 16
1 bid=54NAemMPC1,54NAemMPC1;ARDY;C_GC;DLED;IS.N60d;KBDRV;MDVD_STD;
2 MSENC;MSMON_STD;PROD_MSWORKS;QUIF_NUE;RP_STD;SDMED_PLS;SFCHK;WD_
3 SE;##
4
5
6
7
8
9
10
11
12
13
14
15
16
start end module name
8a6a1000 8a6cd000 1394ohci 1394ohci.sys Tue Jul 14 01: 51: 59 2009 (4A5BC89F)
bb653000 bb69ad00 1C2863933 1C2863933.sys Fri Apr 18 11: 28: 30 2014 (5350F03E)
bb69b000 bb6bde80 1C5E3747C 1C5E3747C.sys Wed Jun 11 12: 00: 23 2014 (539828B7)
84ab6000 84afe000 ACPI ACPI.sys Tue Jul 14 01: 11: 11 2009 (4A5BBF0F)
89458000 894b2000 afd afd.sys Tue Jul 14 01: 12: 34 2009 (4A5BBF62)
8a70e000 8a720000 AgileVpn AgileVpn.sys Tue Jul 14 01: 55: 00 2009 (4A5BC954)
84a23000 84a2c000 amdxata amdxata.sys Tue May 19 19: 57: 35 2009 (4A12F30F)
84be2000 84beb000 atapi atapi.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84a00000 84a23000 ataport ataport.SYS Tue Jul 14 01: 11: 18 2009 (4A5BBF16)
8c084000 8c09c000 AtihdW73 AtihdW73.sys Thu Feb 23 13: 29: 48 2012 (4F46313C)
8b820000 8bc74000 atikmdag atikmdag.sys Fri Apr 24 12: 50: 20 2009 (49F1996C)
8cba7000 8cbc5000 avgntflt avgntflt.sys Wed Apr 30 18: 33: 30 2014 (536125DA)
8a64a000 8a66e000 avipbb avipbb.sys Thu Mar 20 08: 45: 01 2014 (532A9C7D)
8a63e000 8a64a000 avkmgr avkmgr.sys Mon Sep 16 13: 13: 08 2013 (5236E7C4)
8c827000 8c829680 awealloc awealloc.sys Thu Jun 13 23: 01: 15 2013 (51BA331B)
8c0e4000 8c138900 bdfsfltr bdfsfltr.sys Wed Mar 23 14: 49: 13 2011 (4D89FA59)
84df9000 84e00000 Beep Beep.SYS Tue Jul 14 01: 45: 00 2009 (4A5BC6FC)
8a630000 8a63e000 blbdrive blbdrive.sys Tue Jul 14 01: 23: 04 2009 (4A5BC1D8)
848a3000 848ab000 BOOTVID BOOTVID.dll Tue Jul 14 03: 04: 34 2009 (4A5BD9A2)
8f590000 8f5ae000 cdd cdd.dll Tue Jul 14 03: 04: 18 2009 (4A5BD992)
8a600000 8a616000 cdfs cdfs.sys Tue Jul 14 01: 11: 14 2009 (4A5BBF12)
84c08000 84c27000 cdrom cdrom.sys Sat Nov 20 09: 38: 09 2010 (4CE788F1)
848ed000 84998000 CI CI.dll Tue Jul 14 03: 09: 28 2009 (4A5BDAC8)
84dab000 84dd0000 CLASSPNP CLASSPNP.SYS Tue Jul 14 01: 11: 20 2009 (4A5BBF18)
848ab000 848ed000 CLFS CLFS.SYS Tue Jul 14 01: 11: 10 2009 (4A5BBF0E)
84e37000 84e94000 cng cng.sys Tue Jul 14 01: 32: 55 2009 (4A5BC427)
8a701000 8a70e000 CompositeBus CompositeBus.sys Tue Jul 14 01: 45: 26 2009 (4A5BC716)
8cb12000 8cb1f000 crashdmp crashdmp.sys Tue Jul 14 01: 45: 50 2009 (4A5BC72E)
89400000 89418000 dfsc dfsc.sys Tue Jul 14 01: 14: 16 2009 (4A5BBFC8)
895ef000 895fb000 discache discache.sys Tue Jul 14 01: 24: 04 2009 (4A5BC214)
84fe6000 84ff7000 disk disk.sys Tue Jul 14 01: 11: 28 2009 (4A5BBF20)
8c0cb000 8c0e4000 drmk drmk.sys Tue Jul 14 02: 36: 05 2009 (4A5BD2F5)
8cb2a000 8cb33000 dump_atapi dump_atapi.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
8cb1f000 8cb2a000 dump_ataport dump_ataport.sys Tue Jul 14 01: 11: 16 2009 (4A5BBF14)
8cb33000 8cb44000 dump_dumpfve dump_dumpfve.sys Tue Jul 14 01: 12: 47 2009 (4A5BBF6F)
8cb44000 8cb4e000 Dxapi Dxapi.sys Tue Jul 14 01: 25: 25 2009 (4A5BC265)
8bc74000 8bd2b000 dxgkrnl dxgkrnl.sys Tue Jul 14 01: 26: 15 2009 (4A5BC297)
8bd2b000 8bd64000 dxgmms1 dxgmms1.sys Tue Jul 14 01: 25: 25 2009 (4A5BC265)
8a6cd000 8a6f3e00 e100b325 e100b325.sys Fri Nov 16 19: 53: 32 2007 (473DE72C)
84beb000 84bfc000 fileinfo fileinfo.sys Tue Jul 14 01: 21: 51 2009 (4A5BC18F)
84998000 849cc000 fltmgr fltmgr.sys Tue Jul 14 01: 11: 13 2009 (4A5BBF11)
84ea2000 84eab000 Fs_Rec Fs_Rec.sys Tue Jul 14 01: 11: 14 2009 (4A5BBF12)
84c27000 84c36000 FsDepends FsDepends.sys Tue Jul 14 01: 15: 38 2009 (4A5BC01A)
84e00000 84e32000 fvevol fvevol.sys Tue Jul 14 01: 13: 01 2009 (4A5BBF7D)
8517c000 851ad000 fwpkclnt fwpkclnt.sys Tue Jul 14 01: 12: 03 2009 (4A5BBF43)
81a13000 81a4a000 hal halmacpi.dll Tue Jul 14 01: 11: 03 2009 (4A5BBF07)
8bd64000 8bd83000 HDAudBus HDAudBus.sys Tue Jul 14 01: 50: 55 2009 (4A5BC85F)
8cb72000 8cb85000 HIDCLASS HIDCLASS.SYS Sat Nov 20 10: 59: 37 2010 (4CE79C09)
8cb85000 8cb8b480 HIDPARSE HIDPARSE.SYS Tue Jul 14 01: 50: 59 2009 (4A5BC863)
8cb67000 8cb72000 hidusb hidusb.sys Sat Nov 20 10: 59: 38 2010 (4CE79C0A)
84fde000 84fe6000 hwpolicy hwpolicy.sys Tue Jul 14 01: 11: 01 2009 (4A5BBF05)
8b800000 8b818000 i8042prt i8042prt.sys Tue Jul 14 01: 11: 23 2009 (4A5BBF1B)
8c000000 8c01e000 idmwfp idmwfp.sys Mon Jun 09 00: 40: 46 2014 (5394E66E)
8c82a000 8c830c80 imdisk imdisk.sys Thu Jun 13 23: 01: 11 2013 (51BA3317)
84bb0000 84bb7000 intelide intelide.sys Tue Jul 14 01: 11: 19 2009 (4A5BBF17)
8a68f000 8a6a1000 intelppm intelppm.sys Tue Jul 14 01: 11: 03 2009 (4A5BBF07)
8a7ab000 8a7b8000 kbdclass kbdclass.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
8cbc5000 8cbd1000 kbdhid kbdhid.sys Sat Nov 20 10: 50: 10 2010 (4CE799D2)
81926000 8192e000 kdcom kdcom.dll Tue Jul 14 03: 08: 58 2009 (4A5BDAAA)
8a7b8000 8a7ec000 ks ks.sys Tue Jul 14 01: 45: 13 2009 (4A5BC709)
84d98000 84dab000 ksecdd ksecdd.sys Tue Jul 14 01: 11: 56 2009 (4A5BBF3C)
84fa0000 84fc5000 ksecpkg ksecpkg.sys Tue Jul 14 01: 34: 00 2009 (4A5BC468)
8c817000 8c827000 lltdio lltdio.sys Tue Jul 14 01: 53: 18 2009 (4A5BC8EE)
8cb8c000 8cba7000 luafv luafv.sys Tue Jul 14 01: 15: 44 2009 (4A5BC020)
8481a000 84892000 mcupdate mcupdate.dll Tue Jul 14 03: 06: 41 2009 (4A5BDA21)
8a6f4000 8a701000 mouclass mouclass.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84bcc000 84be2000 mountmgr mountmgr.sys Tue Jul 14 01: 11: 27 2009 (4A5BBF1F)
8c139000 8c14b000 mpsdrv mpsdrv.sys Tue Jul 14 01: 52: 52 2009 (4A5BC8D4)
8941d000 89428000 Msfs Msfs.SYS Tue Jul 14 01: 11: 26 2009 (4A5BBF1E)
84b07000 84b0f000 msisadrv msisadrv.sys Tue Jul 14 01: 11: 09 2009 (4A5BBF0D)
84d6d000 84d98000 msrpc msrpc.sys Tue Jul 14 01: 11: 59 2009 (4A5BBF3F)
895ce000 895d8000 mssmbios mssmbios.sys Tue Jul 14 01: 19: 25 2009 (4A5BC0FD)
84fce000 84fde000 mup mup.sys Tue Jul 14 01: 14: 14 2009 (4A5BBFC6)
84eab000 84f62000 ndis ndis.sys Tue Jul 14 01: 12: 24 2009 (4A5BBF58)
8a738000 8a743000 ndistapi ndistapi.sys Tue Jul 14 01: 54: 24 2009 (4A5BC930)
8a743000 8a765000 ndiswan ndiswan.sys Tue Jul 14 01: 54: 34 2009 (4A5BC93A)
8c073000 8c084000 NDProxy NDProxy.SYS Tue Jul 14 01: 54: 27 2009 (4A5BC933)
8950a000 89518000 netbios netbios.sys Tue Jul 14 01: 53: 54 2009 (4A5BC912)
894b2000 894e4000 netbt netbt.sys Tue Jul 14 01: 12: 18 2009 (4A5BBF52)
84f62000 84fa0000 NETIO NETIO.SYS Tue Jul 14 01: 12: 35 2009 (4A5BBF63)
89428000 89436000 Npfs Npfs.SYS Tue Jul 14 01: 11: 31 2009 (4A5BBF23)
895c4000 895ce000 nsiproxy nsiproxy.sys Tue Jul 14 01: 12: 08 2009 (4A5BBF48)
81a4a000 81e5c000 nt ntkrpamp.exe Sat Apr 09 05: 49: 39 2011 (4D9FD753)
84c3e000 84d6d000 Ntfs Ntfs.sys Tue Jul 14 01: 12: 05 2009 (4A5BBF45)
84c36000 84c3d000 Null Null.SYS Tue Jul 14 01: 11: 12 2009 (4A5BBF10)
84fc5000 84fce000 NVAMACPI NVAMACPI.sys Wed Nov 25 02: 33: 42 2009 (4B0C8976)
894eb000 8950a000 pacer pacer.sys Tue Jul 14 01: 53: 58 2009 (4A5BC916)
8bde8000 8be00000 parport parport.sys Tue Jul 14 01: 45: 34 2009 (4A5BC71E)
84b44000 84b55000 partmgr partmgr.sys Tue Jul 14 01: 11: 35 2009 (4A5BBF27)
84b0f000 84b39000 pci pci.sys Tue Jul 14 01: 11: 16 2009 (4A5BBF14)
84bc5000 84bcc000 pciide pciide.sys Tue Jul 14 01: 11: 19 2009 (4A5BBF17)
84bb7000 84bc5000 PCIIDEX PCIIDEX.SYS Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84e94000 84ea2000 pcw pcw.sys Tue Jul 14 01: 11: 10 2009 (4A5BBF0E)
8c14b000 8c1e2000 peauth peauth.sys Tue Jul 14 02: 35: 44 2009 (4A5BD2E0)
8c09c000 8c0cb000 portcls portcls.sys Tue Jul 14 01: 51: 00 2009 (4A5BC864)
84892000 848a3000 PSHED PSHED.dll Tue Jul 14 03: 09: 36 2009 (4A5BDAD0)
8a720000 8a738000 rasl2tp rasl2tp.sys Tue Jul 14 01: 54: 33 2009 (4A5BC939)
8a765000 8a77d000 raspppoe raspppoe.sys Tue Jul 14 01: 54: 53 2009 (4A5BC94D)
8a77d000 8a794000 raspptp raspptp.sys Tue Jul 14 01: 54: 47 2009 (4A5BC947)
8a794000 8a7ab000 rassstp rassstp.sys Tue Jul 14 01: 54: 57 2009 (4A5BC951)
89583000 895c4000 rdbss rdbss.sys Tue Jul 14 01: 14: 26 2009 (4A5BBFD2)
84c00000 84c08000 RDPCDD RDPCDD.sys Tue Jul 14 02: 01: 40 2009 (4A5BCAE4)
84a2c000 84a34000 rdpencdd rdpencdd.sys Tue Jul 14 02: 01: 39 2009 (4A5BCAE3)
8480d000 84815000 rdprefmp rdprefmp.sys Tue Jul 14 02: 01: 41 2009 (4A5BCAE5)
85005000 85032000 rdyboost rdyboost.sys Tue Jul 14 01: 22: 02 2009 (4A5BC19A)
8cbeb000 8cbfe000 rspndr rspndr.sys Tue Jul 14 01: 53: 20 2009 (4A5BC8F0)
8c834000 8cb11700 RTKVHDA RTKVHDA.sys Fri Feb 14 12: 49: 59 2014 (52FE02E7)
8c1e2000 8c1ec000 secdrv secdrv.SYS Wed Sep 13 15: 18: 32 2006 (45080528)
85000000 85004280 speedfan speedfan.sys Sat Dec 29 21: 59: 33 2012 (50DF59B5)
851f5000 851fd000 spldr spldr.sys Mon May 11 18: 13: 47 2009 (4A084EBB)
8957d000 89582a00 ssmdrv ssmdrv.sys Tue May 05 12: 05: 18 2009 (4A000F5E)
8b818000 8b819380 swenum swenum.sys Tue Jul 14 01: 45: 08 2009 (4A5BC704)
85033000 8517c000 tcpip tcpip.sys Tue Jul 14 01: 13: 18 2009 (4A5BBF8E)
8c1ec000 8c1f9000 tcpipreg tcpipreg.sys Tue Jul 14 01: 54: 14 2009 (4A5BC926)
8944d000 89458000 TDI TDI.SYS Tue Jul 14 01: 12: 12 2009 (4A5BBF4C)
89436000 8944d000 tdx tdx.sys Tue Jul 14 01: 12: 10 2009 (4A5BBF4A)
8956d000 8957d000 termdd termdd.sys Tue Jul 14 02: 01: 35 2009 (4A5BCADF)
8f560000 8f569000 TSDDD TSDDD.dll Tue Jul 14 02: 01: 40 2009 (4A5BCAE4)
8a66e000 8a68f000 tunnel tunnel.sys Tue Jul 14 01: 54: 03 2009 (4A5BC91B)
bb613000 bb653000 udfs udfs.sys Tue Jul 14 01: 14: 09 2009 (4A5BBFC1)
8a7ec000 8a7fa000 umbus umbus.sys Sat Nov 20 11: 00: 23 2010 (4CE79C37)
8cb4e000 8cb65000 usbccgp usbccgp.sys Tue Jul 14 01: 51: 31 2009 (4A5BC883)
8cb65000 8cb66700 USBD USBD.SYS Tue Jul 14 01: 51: 05 2009 (4A5BC869)
8bdd9000 8bde8000 usbehci usbehci.sys Tue Jul 14 01: 51: 14 2009 (4A5BC872)
8c02f000 8c073000 usbhub usbhub.sys Tue Jul 14 01: 52: 06 2009 (4A5BC8A6)
8bd8e000 8bdd9000 USBPORT USBPORT.SYS Tue Jul 14 01: 51: 13 2009 (4A5BC871)
8c800000 8c817000 USBSTOR USBSTOR.SYS Tue Jul 14 01: 51: 19 2009 (4A5BC877)
8bd83000 8bd8e000 usbuhci usbuhci.sys Tue Jul 14 01: 51: 10 2009 (4A5BC86E)
89537000 8956d000 VBoxDrv VBoxDrv.sys Fri May 16 15: 25: 38 2014 (537611D2)
89518000 89537000 VBoxUSBMon VBoxUSBMon.sys Fri May 16 15: 24: 47 2014 (5376119F)
84b39000 84b44000 vdrvroot vdrvroot.sys Tue Jul 14 01: 46: 19 2009 (4A5BC74B)
849cc000 849d8000 vga vga.sys Tue Jul 14 01: 25: 50 2009 (4A5BC27E)
849d8000 849f9000 VIDEOPRT VIDEOPRT.SYS Tue Jul 14 01: 25: 49 2009 (4A5BC27D)
851ad000 851b5380 vmstorfl vmstorfl.sys Tue Jul 14 01: 28: 44 2009 (4A5BC32C)
84b55000 84b65000 volmgr volmgr.sys Tue Jul 14 01: 11: 25 2009 (4A5BBF1D)
84b65000 84bb0000 volmgrx volmgrx.sys Tue Jul 14 01: 11: 41 2009 (4A5BBF2D)
851b6000 851f5000 volsnap volsnap.sys Tue Jul 14 01: 11: 34 2009 (4A5BBF26)
84800000 8480d000 watchdog watchdog.sys Tue Jul 14 01: 24: 10 2009 (4A5BC21A)
84a37000 84aa8000 Wdf01000 Wdf01000.sys Tue Jul 14 01: 11: 36 2009 (4A5BBF28)
84aa8000 84ab6000 WDFLDR WDFLDR.SYS Tue Jul 14 01: 11: 25 2009 (4A5BBF1D)
894e4000 894eb000 wfplwf wfplwf.sys Tue Jul 14 01: 53: 51 2009 (4A5BC90F)
8f300000 8f54a000 win32k win32k.sys Tue Jul 14 01: 26: 26 2009 (4A5BC2A2)
84afe000 84b07000 WMILIB WMILIB.SYS Tue Jul 14 01: 11: 22 2009 (4A5BBF1A)
8cbd1000 8cbeb000 WudfPf WudfPf.sys Tue Jul 14 01: 50: 13 2009 (4A5BC835)
Unloaded modules:
895d8000 895ef000 ISODrive.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00017000
bb6be000 bb6c4000 SEDriverVist
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00006000
84dd0000 84ddd000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000D000
84ddd000 84de8000 dump_ataport
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000B000
84ff7000 85000000 dump_atapi.s
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00009000
84de8000 84df9000 dump_dumpfve
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00011000
84c00000 84c08000 viaide.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00008000
quit:
RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 18.09.2014 10:29
Nie mam zadnefgo programu chroniacego na stale. Czasem odpalam avire, a tak to wersje portable.
Z ta weryfikacja zrobilem tak, ze w ogole ja wylaczylem.
Co do tych podejrzenych, to nie ma ich na dysku, ani w rejestrze nic. Amba fatima bylo i nima.
Thx
|