Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety •
Rozwiązany DRIVER_VERIFIER_DETECTED_VIOLATION - Wersja do druku

+- Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety • (https://windows7forum.pl)
+-- Dział: Pomoc i wsparcie, Windows 7 (/pomoc-i-wsparcie-windows-7-26-f)
+--- Dział: Software (/software-27-f)
+---- Dział: Sterowniki (/sterowniki-17-f)
+---- Wątek: Rozwiązany DRIVER_VERIFIER_DETECTED_VIOLATION (/driver-verifier-detected-violation-41991-t)



DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 15.09.2014 23:39

Mam taki(e) problem(y) ze sterownikami. Wie ktos, co poradzic...?

[Obrazek: 64d2acc3d351c649med.jpg]


RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 16.09.2014 06:59

Widać tylko 3 różne bsody i praktycznie nic więcej bo obrazek nie powiększa się a poza tym je trzeba debugować.
Więc proszę podesłać mini zrzuty.


RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 16.09.2014 14:45

Sorry, zle wrzucilem

http://www.fotosik.pl/pokaz_obrazek/pelny/64d2acc3d351c649.html


RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 16.09.2014 16:19

Nie wiem czy Ty nadal śpisz ale ja prosiłem o mini zrzuty czyli pliki dmp do analizy z widocznej nawet lokalizacji ze zrzutu. Masz 3 różne rodzaje bsodów z jednego dnia.
Mechanik widząc auto tylko z obrazka też niewiele jest w stanie zrobić.


RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 17.09.2014 00:01

http://www71.zippyshare.com/v/25599990/file.html


RE: DRIVER_VERIFIER_DETECTED_VIOLATION - thermalfake - 17.09.2014 23:07

To co teraz podesłałeś to zupełnie inna nazwa pliku niż to co widziałem w BSV.
Także spakuj całość i wtedy wyślij.

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
Z tego błędu wynika iż nie zakończyłeś weryfikacji sterowników stąd nadal sypie bsodami z niepoprawnie pracującymi driverami. Aby to zrobić w wierszu poleceń wpisz verifier /reset
Ogólnie odnaleziono błąd krytyczny podczas testowania sterownika przez weryfikator sterowników (Driver Verifier).
Więcej o konkretnym błędzie może powiedzieć pierwszy argument jak i szczegółowa analiza stosu wywołań jak i rejestry procesora.
Pierwszy argument który ma zastosowanie od Win 7 wzwyż wskazuje iż sterownik robi referencję do obiektu w trybie jądra (kernel mode) - przestrzeni adresów w tym trybie zamiast w trybie użytkownika (user mode). Ten pierwszy ma dostęp niskopoziomowy do zasobów sprzętowych.
Na stosie wywołań pojawia się
bdfsfltr.sys Wed Mar 23 14:49:13 2011 (4D89FA59)
BitDefender AntiVirus FS filter driver
W tym wypadku jest on przyczyną tego bsoda.

Moje uwagi są następujące

- stare sterowniki do aktualizacji o ile istnieją

e100b325.sys Fri Nov 16 19:53:32 2007 (473DE72C)
Intel PRO/100 Adapter NDIS 5.1 driver

atikmdag.sys Fri Apr 24 12:50:20 2009 (49F1996C)
ATI Video driver

ssmdrv.sys Tue May 5 12:05:18 2009 (4A000F5E)
Avira anti-virus

- podejrzane
1C2863933 1C2863933.sys Fri Apr 18 11: 28: 30 2014 (5350F03E)
1C5E3747C 1C5E3747C.sys Wed Jun 11 12: 00: 23 2014 (539828B7)

- zdecyduj się na jedno rozwiązanie chroniące komputer plus oprogramowanie do czyszczenia malware'u
U Ciebie jest Avira i Bitdefender AV do kupy razem wzięte.


Kod:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Mini Kernel Dump File:  Only registers and stack trace are available

Symbol search path is:  srv*c: \symbols*http: //msdl.microsoft.com/download/symbols;symsrv*symsrv.dll*c: \symb*http: //msdl.microsoft.com/download/symbols
Executable search path is:  
Windows 7 Kernel Version 7601 MP (2 procs) Free x86 compatible
Product:  WinNt, suite:  TerminalServer SingleUserTS
Built by:  7601.17592.x86fre.win7sp1_gdr.110408-1631
Machine Name:  
Kernel base = 0x81a4a000 PsLoadedModuleList = 0x81b934d0
Debug session time:  Tue Sep 16 07: 47: 11.674 2014 (UTC + 2: 00)
System Uptime:  0 days 2: 54: 43.206
Loading Kernel Symbols
...............................................................
................................................................
................
Loading User Symbols
Loading unloaded module list
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught.  This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:  
Arg1:  000000f6, Referencing user handle as KernelMode.
Arg2:  00000ee8, Handle value being referenced.
Arg3:  94953030, Address of the current process.
Arg4:  8c117cae, Address inside the driver that is performing the incorrect reference.

Debugging Details:  
------------------

*** WARNING:  Unable to verify timestamp for bdfsfltr.sys
*** ERROR:  Module load completed but symbols could not be loaded for bdfsfltr.sys
*** WARNING:  Unable to verify timestamp for 1C2863933.sys
*** ERROR:  Module load completed but symbols could not be loaded for 1C2863933.sys

BUGCHECK_STR:   0xc4_f6

CUSTOMER_CRASH_COUNT:   1

DEFAULT_BUCKET_ID:   VISTA_DRIVER_FAULT

PROCESS_NAME:   explorer.exe

CURRENT_IRQL:   0

LAST_CONTROL_TRANSFER:   from 81d80f1f to 81b28f2c

STACK_TEXT:    
8fcf124c 81d80f1f 000000c4 000000f6 00000ee8 nt!KeBugCheckEx+0x1e
8fcf126c 81d85782 00000ee8 94953030 b6ccf378 nt!VerifierBugCheckIfAppropriate+0x30
8fcf1300 81c6bf6b 00000000 00002000 bdf30000 nt!VfCheckUserHandle+0x14f
8fcf1334 81c6be25 00000ee8 00000001 843dbeb0 nt!ObReferenceObjectByHandleWithTag+0x13b
8fcf1358 81ca3b07 00000ee8 00000001 843dbeb0 nt!ObReferenceObjectByHandle+0x21
8fcf13f0 81a881ea 00000ee8 ae487000 00002000 nt!NtQueryDirectoryObject+0x113
8fcf13f0 81a868e5 00000ee8 ae487000 00002000 nt!KiFastCallEntry+0x12a
8fcf1484 8c1174ed 00000ee8 ae487000 00002000 nt!ZwQueryDirectoryObject+0x11
WARNING:  Stack unwind information not available. Following frames may be wrong.
8fcf1608 8c117cae 94953030 94055aa4 8fcf1678 bdfsfltr+0x334ed
8fcf16c8 8c0e5804 999e6068 94055a80 03dd92b0 bdfsfltr+0x33cae
8fcf1818 849bf627 999e6068 8fcf18b0 8fcf18dc bdfsfltr+0x1804
8fcf1890 8499aaeb 999e6068 8fcf18b0 8fcf18dc fltmgr!FltvPreOperation+0x81
8fcf18fc 8499d9f0 8fcf1940 b8fbef00 00000000 fltmgr!FltpPerformPreCallbacks+0x34d
8fcf1914 849b11fe 8fcf1940 849b4f3c 00000000 fltmgr!FltpPassThroughInternal+0x40
8fcf1928 849b18b7 8fcf1940 88a0a318 8129e890 fltmgr!FltpCreateInternal+0x24
8fcf196c 81d7b6c3 88a0a318 999b3008 b8fbefd4 fltmgr!FltpCreate+0x2c9
8fcf1990 81a8154a 00000000 b8fbeff8 88a0a318 nt!IovCallDriver+0x258
8fcf19a4 bb667d58 999e6ad0 9984d728 b8fbef00 nt!IofCallDriver+0x1b
8fcf1a44 bb6563cc 999e6ad0 b8fbef00 8fcf1a68 1C2863933+0x14d58
8fcf1a54 bb655541 999e6ad0 b8fbef00 b8fbef00 1C2863933+0x33cc
8fcf1a68 81d7b6c3 999e6ad0 b8fbef00 99861d00 1C2863933+0x2541
8fcf1a8c 81a8154a 00000000 99861d5c 999e6ad0 nt!IovCallDriver+0x258
8fcf1aa0 81c902ad dca77e99 8fcf1c48 00000000 nt!IofCallDriver+0x1b
8fcf1b78 81c6fab5 81383030 8534ceb0 8a311008 nt!IopParseDevice+0xed7
8fcf1bf4 81c7fec6 00000000 8fcf1c48 00000040 nt!ObpLookupObjectName+0x4fa
8fcf1c50 81c769a4 05b8e2bc 8534ceb0 81adb201 nt!ObOpenObjectByName+0x165
8fcf1ccc 81c7cb2a 049dff64 80100000 05b8e2bc nt!IopCreateFile+0x673
8fcf1d14 81a881ea 049dff64 80100000 05b8e2bc nt!NtOpenFile+0x2a
8fcf1d14 77b764f4 049dff64 80100000 05b8e2bc nt!KiFastCallEntry+0x12a
05b8e300 00000000 00000000 00000000 00000000 0x77b764f4


STACK_COMMAND:   kb

FOLLOWUP_IP:  
bdfsfltr+334ed
8c1174ed 8bf0            mov     esi,eax

SYMBOL_STACK_INDEX:   8

SYMBOL_NAME:   bdfsfltr+334ed

FOLLOWUP_NAME:   MachineOwner

MODULE_NAME:  bdfsfltr

IMAGE_NAME:   bdfsfltr.sys

DEBUG_FLR_IMAGE_TIMESTAMP:   4d89fa59

FAILURE_BUCKET_ID:   0xc4_f6_bdfsfltr+334ed

BUCKET_ID:   0xc4_f6_bdfsfltr+334ed

Followup:  MachineOwner
---------

CPUID:         "Intel(R) Pentium(R) D CPU 3.00GHz"
MaxSpeed:      3000
CurrentSpeed:  3000
[SMBIOS Data Tables v2.4]
[DMI Version - 0]
[2.0 Calling Convention - No]
[Table Size - 2524 bytes]

[BIOS Information (Type 0) - Length 24 - Handle 0000h]
  Vendor                        Phoenix Technologies, LTD
  BIOS Version                   3.17
  BIOS Starting Address Segment e000
  BIOS Release Date             04/20/2006
  BIOS ROM Size                 80000
  BIOS Characteristics
       04:  - ISA Supported
       07:  - PCI Supported
       09:  - Plug and Play Supported
       10:  - APM Supported
       11:  - Upgradeable FLASH BIOS
       12:  - BIOS Shadowing Supported
       15:  - CD-Boot Supported
       16:  - Selectable Boot Supported
       17:  - BIOS ROM Socketed
       19:  - EDD Supported
       22:  - 360KB Floppy Supported
       23:  - 1.2MB Floppy Supported
       24:  - 720KB Floppy Supported
       25:  - 2.88MB Floppy Supported
       26:  - Print Screen Device Supported
       27:  - Keyboard Services Supported
       28:  - Serial Services Supported
       29:  - Printer Services Supported
       30:  - CGA/Mono Services Supported
       49:  - System Vendor Reserved
  BIOS Characteristic Extensions
       00:  - ACPI Supported
       01:  - USB Legacy Supported
       04:  - LS120-Boot Supported
       05:  - ATAPI ZIP-Boot Supported
       08:  - BIOS Boot Specification Supported
       09:  - Fn-Key NET-Boot Supported
  BIOS Major Revision           3
  BIOS Minor Revision           15
  EC Firmware Major Revision    255
  EC Firmware Minor Revision    255
[System Information (Type 1) - Length 27 - Handle 0001h]
  Manufacturer                  HP Pavilion 061
  Product Name                  ED845AA-ABA M7277C
  Version                       0qn1114RE101LITHI00
  Serial Number                                  
  UUID                          00000000-0000-0000-0000-000000000000
  Wakeup Type                   Power Switch
  SKUNumber                      
  Family                          
[BaseBoard Information (Type 2) - Length 8 - Handle 0002h]
  Manufacturer                  ASUSTek Computer INC.
  Product                       LITHIUM
  Version                       1.05
  Serial Number                              
[System Enclosure (Type 3) - Length 17 - Handle 0003h]
  Manufacturer                    
  Chassis Type                  Desktop
  Version                       1111
  Serial Number                  
  Asset Tag Number                
  Bootup State                  Safe
  Power Supply State            Safe
  Thermal State                 Safe
  Security Status               None
  OEM Defined                   0
[Processor Information (Type 4) - Length 35 - Handle 0004h]
  Socket Designation            Socket 775
  Processor Type                Central Processor
  Processor Family              01h - Other
  Processor Manufacturer        Intel
  Processor ID                  440f0000fffbebbf
  Processor Version             Intel(R) Pentium(R) D CPU 3.00GHz
  Processor Voltage             8dh - 1.3V
  External Clock                200MHz
  Max Speed                     3800MHz
  Current Speed                 3000MHz
  Status                        Enabled Populated
  Processor Upgrade             ZIF Socket
  L1 Cache Handle               000ah
  L2 Cache Handle               000bh
  L3 Cache Handle               000ch
  Serial Number                  
  Asset Tag Number                
  Part Number                    
[Memory Controller Information (Type 5) - Length 24 - Handle 0005h]
  Error Detecting Method        04h - 8-bit Parity
  Error Correcting Capability   04h - None  
  Supported Interleave          03h - One Way Interleave
  Current Interleave            03h - One Way Interleave
  Maximum Memory Module Size    0ah - 1024MB
  Supported Speeds              0001h - Other  
  Supported Memory Types        0001h - Other  
  Memory Module Voltage         5V  
  Number of Memory Slots        4
  Memory Slot Handle            0006h
  Memory Slot Handle            0007h
  Memory Slot Handle            0008h
  Memory Slot Handle            0009h
  Enabled Err Correcting Caps   04h - None  
[Memory Module Information (Type 6) - Length 12 - Handle 0006h]
  Socket Designation            A0
  Bank Connections              01h - 1 0
  Current Speed                 1ns
  Current Memory Type           0001h - Other  
  Installed Size                8ah - 1024 [double bank]
  Enabled Size                  8ah - 1024 [double bank]
  Error Status                  00h - [No Errors]  
[Memory Module Information (Type 6) - Length 12 - Handle 0007h]
  Socket Designation            A1
  Bank Connections              23h - 3 2
  Current Speed                 35ns
  Current Memory Type           0001h - Other  
  Installed Size                8ah - 1024 [double bank]
  Enabled Size                  8ah - 1024 [double bank]
  Error Status                  00h - [No Errors]  
[Memory Module Information (Type 6) - Length 12 - Handle 0008h]
  Socket Designation            A2
  Bank Connections              45h - 5 4
  Current Speed                 69ns
  Current Memory Type           0001h - Other  
  Installed Size                8ah - 1024 [double bank]
  Enabled Size                  8ah - 1024 [double bank]
  Error Status                  00h - [No Errors]  
[Memory Module Information (Type 6) - Length 12 - Handle 0009h]
  Socket Designation            A3
  Bank Connections              67h - 7 6
  Current Speed                 103ns
  Current Memory Type           0001h - Other  
  Installed Size                8ah - 1024 [double bank]
  Enabled Size                  8ah - 1024 [double bank]
  Error Status                  00h - [No Errors]  
[Cache Information (Type 7) - Length 19 - Handle 000ah]
  Socket Designation            L1 Cache
  Cache Configuration           0180h - WB Enabled Int NonSocketed L1
  Maximum Cache Size            0010h - 16K
  Installed Size                0010h - 16K
  Supported SRAM Type           0020h - Synchronous  
  Current SRAM Type             0020h - Synchronous  
  Cache Speed                   0ns
  Error Correction Type         Multi-Bit ECC
  System Cache Type             Data
  Associativity                 4-way Set-Associative
[Cache Information (Type 7) - Length 19 - Handle 000bh]
  Socket Designation            L2 Cache
  Cache Configuration           0181h - WB Enabled Int NonSocketed L2
  Maximum Cache Size            0400h - 1024K
  Installed Size                0400h - 1024K
  Supported SRAM Type           0020h - Synchronous  
  Current SRAM Type             0020h - Synchronous  
  Cache Speed                   0ns
  Error Correction Type         Multi-Bit ECC
  System Cache Type             Unified
  Associativity                 4-way Set-Associative
[Cache Information (Type 7) - Length 19 - Handle 000ch]
  Socket Designation            L3 Cache
  Cache Configuration           0202h - Varies Disabled Int NonSocketed L3
  Maximum Cache Size            0000h - 0K
  Installed Size                0000h - 0K
  Supported SRAM Type           0020h - Synchronous  
  Current SRAM Type             0020h - Synchronous  
  Cache Speed                   0ns
  Error Correction Type         Unknown
  System Cache Type             Unknown
  Associativity                 Unknown
[Onboard Devices Information (Type 10) - Length 12 - Handle 0026h]
  Number of Devices             4
  01:  Type                      Other [enabled]
  01:  Description                
  02:  Type                      Video [disabled]
  02:  Description                
  03:  Type                      Ethernet [enabled]
  03:  Description                
  04:  Type                      Sound [enabled]
  04:  Description                
[Physical Memory Array (Type 16) - Length 15 - Handle 0028h]
  Location                      03h - SystemBoard/Motherboard
  Use                           03h - System Memory
  Memory Error Correction       03h - None
  Maximum Capacity              4194304KB
  Memory Error Inf Handle       [Not Provided]
  Number of Memory Devices      4
[Memory Device (Type 17) - Length 27 - Handle 0029h]
  Physical Memory Array Handle  0028h
  Memory Error Info Handle      [Not Provided]
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          1024MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                A0
  Bank Locator                  Bank0/1
  Memory Type                   13h - Specification Reserved
  Type Detail                   0080h - Synchronous
  Speed                         533MHz
  Manufacturer                  None
  Serial Number                      
  Asset Tag Number                  
  Part Number                   None
[Memory Device (Type 17) - Length 27 - Handle 002ah]
  Physical Memory Array Handle  0028h
  Memory Error Info Handle      [Not Provided]
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          1024MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                A1
  Bank Locator                  Bank2/3
  Memory Type                   13h - Specification Reserved
  Type Detail                   0080h - Synchronous
  Speed                         533MHz
  Manufacturer                  None
  Serial Number                      
  Asset Tag Number                  
  Part Number                   None
[Memory Device (Type 17) - Length 27 - Handle 002bh]
  Physical Memory Array Handle  0028h
  Memory Error Info Handle      [Not Provided]
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          1024MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                A2
  Bank Locator                  Bank4/5
  Memory Type                   13h - Specification Reserved
  Type Detail                   0080h - Synchronous
  Speed                         533MHz
  Manufacturer                  None
  Serial Number                      
  Asset Tag Number                  
  Part Number                   None
[Memory Device (Type 17) - Length 27 - Handle 002ch]
  Physical Memory Array Handle  0028h
  Memory Error Info Handle      [Not Provided]
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          1024MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                A3
  Bank Locator                  Bank6/7
  Memory Type                   13h - Specification Reserved
  Type Detail                   0080h - Synchronous
  Speed                         533MHz
  Manufacturer                  None
  Serial Number                      
  Asset Tag Number                  
  Part Number                   None
[Memory Array Mapped Address (Type 19) - Length 15 - Handle 002dh]
  Starting Address              00000000h
  Ending Address                003fffffh
  Memory Array Handle           0028h
  Partition Width               01
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 002eh]
  Starting Address              00000000h
  Ending Address                000fffffh
  Memory Device Handle          0029h
  Mem Array Mapped Adr Handle   002dh
  Partition Row Position        01
  Interleave Position           [None]
  Interleave Data Depth         [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 002fh]
  Starting Address              00100000h
  Ending Address                001fffffh
  Memory Device Handle          002ah
  Mem Array Mapped Adr Handle   002dh
  Partition Row Position        01
  Interleave Position           [None]
  Interleave Data Depth         [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 0030h]
  Starting Address              00200000h
  Ending Address                002fffffh
  Memory Device Handle          002bh
  Mem Array Mapped Adr Handle   002dh
  Partition Row Position        01
  Interleave Position           [None]
  Interleave Data Depth         [None]
[Memory Device Mapped Address (Type 20) - Length 19 - Handle 0031h]
  Starting Address              00300000h
  Ending Address                003fffffh
  Memory Device Handle          002ch
  Mem Array Mapped Adr Handle   002dh
  Partition Row Position        01
  Interleave Position           [None]
  Interleave Data Depth         [None]
[OEM Strings (Type 11) - Length 5 - Handle 0033h]
  Number of Strings             16
   1                            bid=54NAemMPC1,54NAemMPC1;ARDY;C_GC;DLED;IS.N60d;KBDRV;MDVD_STD;
   2                            MSENC;MSMON_STD;PROD_MSWORKS;QUIF_NUE;RP_STD;SDMED_PLS;SFCHK;WD_
   3                            SE;##
   4                                                                                            
   5                                                                                            
   6                                                                                            
   7                                                                                            
   8                                                                                            
   9                                                                                            
  10                                                                                            
  11                                                                                            
  12                                                                                            
  13                                                                                            
  14                                                                                            
  15                                                                                            
  16                                                                                            
start    end        module name
8a6a1000 8a6cd000   1394ohci 1394ohci.sys Tue Jul 14 01: 51: 59 2009 (4A5BC89F)
bb653000 bb69ad00   1C2863933 1C2863933.sys Fri Apr 18 11: 28: 30 2014 (5350F03E)
bb69b000 bb6bde80   1C5E3747C 1C5E3747C.sys Wed Jun 11 12: 00: 23 2014 (539828B7)
84ab6000 84afe000   ACPI     ACPI.sys     Tue Jul 14 01: 11: 11 2009 (4A5BBF0F)
89458000 894b2000   afd      afd.sys      Tue Jul 14 01: 12: 34 2009 (4A5BBF62)
8a70e000 8a720000   AgileVpn AgileVpn.sys Tue Jul 14 01: 55: 00 2009 (4A5BC954)
84a23000 84a2c000   amdxata  amdxata.sys  Tue May 19 19: 57: 35 2009 (4A12F30F)
84be2000 84beb000   atapi    atapi.sys    Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84a00000 84a23000   ataport  ataport.SYS  Tue Jul 14 01: 11: 18 2009 (4A5BBF16)
8c084000 8c09c000   AtihdW73 AtihdW73.sys Thu Feb 23 13: 29: 48 2012 (4F46313C)
8b820000 8bc74000   atikmdag atikmdag.sys Fri Apr 24 12: 50: 20 2009 (49F1996C)
8cba7000 8cbc5000   avgntflt avgntflt.sys Wed Apr 30 18: 33: 30 2014 (536125DA)
8a64a000 8a66e000   avipbb   avipbb.sys   Thu Mar 20 08: 45: 01 2014 (532A9C7D)
8a63e000 8a64a000   avkmgr   avkmgr.sys   Mon Sep 16 13: 13: 08 2013 (5236E7C4)
8c827000 8c829680   awealloc awealloc.sys Thu Jun 13 23: 01: 15 2013 (51BA331B)
8c0e4000 8c138900   bdfsfltr bdfsfltr.sys Wed Mar 23 14: 49: 13 2011 (4D89FA59)
84df9000 84e00000   Beep     Beep.SYS     Tue Jul 14 01: 45: 00 2009 (4A5BC6FC)
8a630000 8a63e000   blbdrive blbdrive.sys Tue Jul 14 01: 23: 04 2009 (4A5BC1D8)
848a3000 848ab000   BOOTVID  BOOTVID.dll  Tue Jul 14 03: 04: 34 2009 (4A5BD9A2)
8f590000 8f5ae000   cdd      cdd.dll      Tue Jul 14 03: 04: 18 2009 (4A5BD992)
8a600000 8a616000   cdfs     cdfs.sys     Tue Jul 14 01: 11: 14 2009 (4A5BBF12)
84c08000 84c27000   cdrom    cdrom.sys    Sat Nov 20 09: 38: 09 2010 (4CE788F1)
848ed000 84998000   CI       CI.dll       Tue Jul 14 03: 09: 28 2009 (4A5BDAC8)
84dab000 84dd0000   CLASSPNP CLASSPNP.SYS Tue Jul 14 01: 11: 20 2009 (4A5BBF18)
848ab000 848ed000   CLFS     CLFS.SYS     Tue Jul 14 01: 11: 10 2009 (4A5BBF0E)
84e37000 84e94000   cng      cng.sys      Tue Jul 14 01: 32: 55 2009 (4A5BC427)
8a701000 8a70e000   CompositeBus CompositeBus.sys Tue Jul 14 01: 45: 26 2009 (4A5BC716)
8cb12000 8cb1f000   crashdmp crashdmp.sys Tue Jul 14 01: 45: 50 2009 (4A5BC72E)
89400000 89418000   dfsc     dfsc.sys     Tue Jul 14 01: 14: 16 2009 (4A5BBFC8)
895ef000 895fb000   discache discache.sys Tue Jul 14 01: 24: 04 2009 (4A5BC214)
84fe6000 84ff7000   disk     disk.sys     Tue Jul 14 01: 11: 28 2009 (4A5BBF20)
8c0cb000 8c0e4000   drmk     drmk.sys     Tue Jul 14 02: 36: 05 2009 (4A5BD2F5)
8cb2a000 8cb33000   dump_atapi dump_atapi.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
8cb1f000 8cb2a000   dump_ataport dump_ataport.sys Tue Jul 14 01: 11: 16 2009 (4A5BBF14)
8cb33000 8cb44000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 01: 12: 47 2009 (4A5BBF6F)
8cb44000 8cb4e000   Dxapi    Dxapi.sys    Tue Jul 14 01: 25: 25 2009 (4A5BC265)
8bc74000 8bd2b000   dxgkrnl  dxgkrnl.sys  Tue Jul 14 01: 26: 15 2009 (4A5BC297)
8bd2b000 8bd64000   dxgmms1  dxgmms1.sys  Tue Jul 14 01: 25: 25 2009 (4A5BC265)
8a6cd000 8a6f3e00   e100b325 e100b325.sys Fri Nov 16 19: 53: 32 2007 (473DE72C)
84beb000 84bfc000   fileinfo fileinfo.sys Tue Jul 14 01: 21: 51 2009 (4A5BC18F)
84998000 849cc000   fltmgr   fltmgr.sys   Tue Jul 14 01: 11: 13 2009 (4A5BBF11)
84ea2000 84eab000   Fs_Rec   Fs_Rec.sys   Tue Jul 14 01: 11: 14 2009 (4A5BBF12)
84c27000 84c36000   FsDepends FsDepends.sys Tue Jul 14 01: 15: 38 2009 (4A5BC01A)
84e00000 84e32000   fvevol   fvevol.sys   Tue Jul 14 01: 13: 01 2009 (4A5BBF7D)
8517c000 851ad000   fwpkclnt fwpkclnt.sys Tue Jul 14 01: 12: 03 2009 (4A5BBF43)
81a13000 81a4a000   hal      halmacpi.dll Tue Jul 14 01: 11: 03 2009 (4A5BBF07)
8bd64000 8bd83000   HDAudBus HDAudBus.sys Tue Jul 14 01: 50: 55 2009 (4A5BC85F)
8cb72000 8cb85000   HIDCLASS HIDCLASS.SYS Sat Nov 20 10: 59: 37 2010 (4CE79C09)
8cb85000 8cb8b480   HIDPARSE HIDPARSE.SYS Tue Jul 14 01: 50: 59 2009 (4A5BC863)
8cb67000 8cb72000   hidusb   hidusb.sys   Sat Nov 20 10: 59: 38 2010 (4CE79C0A)
84fde000 84fe6000   hwpolicy hwpolicy.sys Tue Jul 14 01: 11: 01 2009 (4A5BBF05)
8b800000 8b818000   i8042prt i8042prt.sys Tue Jul 14 01: 11: 23 2009 (4A5BBF1B)
8c000000 8c01e000   idmwfp   idmwfp.sys   Mon Jun 09 00: 40: 46 2014 (5394E66E)
8c82a000 8c830c80   imdisk   imdisk.sys   Thu Jun 13 23: 01: 11 2013 (51BA3317)
84bb0000 84bb7000   intelide intelide.sys Tue Jul 14 01: 11: 19 2009 (4A5BBF17)
8a68f000 8a6a1000   intelppm intelppm.sys Tue Jul 14 01: 11: 03 2009 (4A5BBF07)
8a7ab000 8a7b8000   kbdclass kbdclass.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
8cbc5000 8cbd1000   kbdhid   kbdhid.sys   Sat Nov 20 10: 50: 10 2010 (4CE799D2)
81926000 8192e000   kdcom    kdcom.dll    Tue Jul 14 03: 08: 58 2009 (4A5BDAAA)
8a7b8000 8a7ec000   ks       ks.sys       Tue Jul 14 01: 45: 13 2009 (4A5BC709)
84d98000 84dab000   ksecdd   ksecdd.sys   Tue Jul 14 01: 11: 56 2009 (4A5BBF3C)
84fa0000 84fc5000   ksecpkg  ksecpkg.sys  Tue Jul 14 01: 34: 00 2009 (4A5BC468)
8c817000 8c827000   lltdio   lltdio.sys   Tue Jul 14 01: 53: 18 2009 (4A5BC8EE)
8cb8c000 8cba7000   luafv    luafv.sys    Tue Jul 14 01: 15: 44 2009 (4A5BC020)
8481a000 84892000   mcupdate mcupdate.dll Tue Jul 14 03: 06: 41 2009 (4A5BDA21)
8a6f4000 8a701000   mouclass mouclass.sys Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84bcc000 84be2000   mountmgr mountmgr.sys Tue Jul 14 01: 11: 27 2009 (4A5BBF1F)
8c139000 8c14b000   mpsdrv   mpsdrv.sys   Tue Jul 14 01: 52: 52 2009 (4A5BC8D4)
8941d000 89428000   Msfs     Msfs.SYS     Tue Jul 14 01: 11: 26 2009 (4A5BBF1E)
84b07000 84b0f000   msisadrv msisadrv.sys Tue Jul 14 01: 11: 09 2009 (4A5BBF0D)
84d6d000 84d98000   msrpc    msrpc.sys    Tue Jul 14 01: 11: 59 2009 (4A5BBF3F)
895ce000 895d8000   mssmbios mssmbios.sys Tue Jul 14 01: 19: 25 2009 (4A5BC0FD)
84fce000 84fde000   mup      mup.sys      Tue Jul 14 01: 14: 14 2009 (4A5BBFC6)
84eab000 84f62000   ndis     ndis.sys     Tue Jul 14 01: 12: 24 2009 (4A5BBF58)
8a738000 8a743000   ndistapi ndistapi.sys Tue Jul 14 01: 54: 24 2009 (4A5BC930)
8a743000 8a765000   ndiswan  ndiswan.sys  Tue Jul 14 01: 54: 34 2009 (4A5BC93A)
8c073000 8c084000   NDProxy  NDProxy.SYS  Tue Jul 14 01: 54: 27 2009 (4A5BC933)
8950a000 89518000   netbios  netbios.sys  Tue Jul 14 01: 53: 54 2009 (4A5BC912)
894b2000 894e4000   netbt    netbt.sys    Tue Jul 14 01: 12: 18 2009 (4A5BBF52)
84f62000 84fa0000   NETIO    NETIO.SYS    Tue Jul 14 01: 12: 35 2009 (4A5BBF63)
89428000 89436000   Npfs     Npfs.SYS     Tue Jul 14 01: 11: 31 2009 (4A5BBF23)
895c4000 895ce000   nsiproxy nsiproxy.sys Tue Jul 14 01: 12: 08 2009 (4A5BBF48)
81a4a000 81e5c000   nt       ntkrpamp.exe Sat Apr 09 05: 49: 39 2011 (4D9FD753)
84c3e000 84d6d000   Ntfs     Ntfs.sys     Tue Jul 14 01: 12: 05 2009 (4A5BBF45)
84c36000 84c3d000   Null     Null.SYS     Tue Jul 14 01: 11: 12 2009 (4A5BBF10)
84fc5000 84fce000   NVAMACPI NVAMACPI.sys Wed Nov 25 02: 33: 42 2009 (4B0C8976)
894eb000 8950a000   pacer    pacer.sys    Tue Jul 14 01: 53: 58 2009 (4A5BC916)
8bde8000 8be00000   parport  parport.sys  Tue Jul 14 01: 45: 34 2009 (4A5BC71E)
84b44000 84b55000   partmgr  partmgr.sys  Tue Jul 14 01: 11: 35 2009 (4A5BBF27)
84b0f000 84b39000   pci      pci.sys      Tue Jul 14 01: 11: 16 2009 (4A5BBF14)
84bc5000 84bcc000   pciide   pciide.sys   Tue Jul 14 01: 11: 19 2009 (4A5BBF17)
84bb7000 84bc5000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 01: 11: 15 2009 (4A5BBF13)
84e94000 84ea2000   pcw      pcw.sys      Tue Jul 14 01: 11: 10 2009 (4A5BBF0E)
8c14b000 8c1e2000   peauth   peauth.sys   Tue Jul 14 02: 35: 44 2009 (4A5BD2E0)
8c09c000 8c0cb000   portcls  portcls.sys  Tue Jul 14 01: 51: 00 2009 (4A5BC864)
84892000 848a3000   PSHED    PSHED.dll    Tue Jul 14 03: 09: 36 2009 (4A5BDAD0)
8a720000 8a738000   rasl2tp  rasl2tp.sys  Tue Jul 14 01: 54: 33 2009 (4A5BC939)
8a765000 8a77d000   raspppoe raspppoe.sys Tue Jul 14 01: 54: 53 2009 (4A5BC94D)
8a77d000 8a794000   raspptp  raspptp.sys  Tue Jul 14 01: 54: 47 2009 (4A5BC947)
8a794000 8a7ab000   rassstp  rassstp.sys  Tue Jul 14 01: 54: 57 2009 (4A5BC951)
89583000 895c4000   rdbss    rdbss.sys    Tue Jul 14 01: 14: 26 2009 (4A5BBFD2)
84c00000 84c08000   RDPCDD   RDPCDD.sys   Tue Jul 14 02: 01: 40 2009 (4A5BCAE4)
84a2c000 84a34000   rdpencdd rdpencdd.sys Tue Jul 14 02: 01: 39 2009 (4A5BCAE3)
8480d000 84815000   rdprefmp rdprefmp.sys Tue Jul 14 02: 01: 41 2009 (4A5BCAE5)
85005000 85032000   rdyboost rdyboost.sys Tue Jul 14 01: 22: 02 2009 (4A5BC19A)
8cbeb000 8cbfe000   rspndr   rspndr.sys   Tue Jul 14 01: 53: 20 2009 (4A5BC8F0)
8c834000 8cb11700   RTKVHDA  RTKVHDA.sys  Fri Feb 14 12: 49: 59 2014 (52FE02E7)
8c1e2000 8c1ec000   secdrv   secdrv.SYS   Wed Sep 13 15: 18: 32 2006 (45080528)
85000000 85004280   speedfan speedfan.sys Sat Dec 29 21: 59: 33 2012 (50DF59B5)
851f5000 851fd000   spldr    spldr.sys    Mon May 11 18: 13: 47 2009 (4A084EBB)
8957d000 89582a00   ssmdrv   ssmdrv.sys   Tue May 05 12: 05: 18 2009 (4A000F5E)
8b818000 8b819380   swenum   swenum.sys   Tue Jul 14 01: 45: 08 2009 (4A5BC704)
85033000 8517c000   tcpip    tcpip.sys    Tue Jul 14 01: 13: 18 2009 (4A5BBF8E)
8c1ec000 8c1f9000   tcpipreg tcpipreg.sys Tue Jul 14 01: 54: 14 2009 (4A5BC926)
8944d000 89458000   TDI      TDI.SYS      Tue Jul 14 01: 12: 12 2009 (4A5BBF4C)
89436000 8944d000   tdx      tdx.sys      Tue Jul 14 01: 12: 10 2009 (4A5BBF4A)
8956d000 8957d000   termdd   termdd.sys   Tue Jul 14 02: 01: 35 2009 (4A5BCADF)
8f560000 8f569000   TSDDD    TSDDD.dll    Tue Jul 14 02: 01: 40 2009 (4A5BCAE4)
8a66e000 8a68f000   tunnel   tunnel.sys   Tue Jul 14 01: 54: 03 2009 (4A5BC91B)
bb613000 bb653000   udfs     udfs.sys     Tue Jul 14 01: 14: 09 2009 (4A5BBFC1)
8a7ec000 8a7fa000   umbus    umbus.sys    Sat Nov 20 11: 00: 23 2010 (4CE79C37)
8cb4e000 8cb65000   usbccgp  usbccgp.sys  Tue Jul 14 01: 51: 31 2009 (4A5BC883)
8cb65000 8cb66700   USBD     USBD.SYS     Tue Jul 14 01: 51: 05 2009 (4A5BC869)
8bdd9000 8bde8000   usbehci  usbehci.sys  Tue Jul 14 01: 51: 14 2009 (4A5BC872)
8c02f000 8c073000   usbhub   usbhub.sys   Tue Jul 14 01: 52: 06 2009 (4A5BC8A6)
8bd8e000 8bdd9000   USBPORT  USBPORT.SYS  Tue Jul 14 01: 51: 13 2009 (4A5BC871)
8c800000 8c817000   USBSTOR  USBSTOR.SYS  Tue Jul 14 01: 51: 19 2009 (4A5BC877)
8bd83000 8bd8e000   usbuhci  usbuhci.sys  Tue Jul 14 01: 51: 10 2009 (4A5BC86E)
89537000 8956d000   VBoxDrv  VBoxDrv.sys  Fri May 16 15: 25: 38 2014 (537611D2)
89518000 89537000   VBoxUSBMon VBoxUSBMon.sys Fri May 16 15: 24: 47 2014 (5376119F)
84b39000 84b44000   vdrvroot vdrvroot.sys Tue Jul 14 01: 46: 19 2009 (4A5BC74B)
849cc000 849d8000   vga      vga.sys      Tue Jul 14 01: 25: 50 2009 (4A5BC27E)
849d8000 849f9000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 01: 25: 49 2009 (4A5BC27D)
851ad000 851b5380   vmstorfl vmstorfl.sys Tue Jul 14 01: 28: 44 2009 (4A5BC32C)
84b55000 84b65000   volmgr   volmgr.sys   Tue Jul 14 01: 11: 25 2009 (4A5BBF1D)
84b65000 84bb0000   volmgrx  volmgrx.sys  Tue Jul 14 01: 11: 41 2009 (4A5BBF2D)
851b6000 851f5000   volsnap  volsnap.sys  Tue Jul 14 01: 11: 34 2009 (4A5BBF26)
84800000 8480d000   watchdog watchdog.sys Tue Jul 14 01: 24: 10 2009 (4A5BC21A)
84a37000 84aa8000   Wdf01000 Wdf01000.sys Tue Jul 14 01: 11: 36 2009 (4A5BBF28)
84aa8000 84ab6000   WDFLDR   WDFLDR.SYS   Tue Jul 14 01: 11: 25 2009 (4A5BBF1D)
894e4000 894eb000   wfplwf   wfplwf.sys   Tue Jul 14 01: 53: 51 2009 (4A5BC90F)
8f300000 8f54a000   win32k   win32k.sys   Tue Jul 14 01: 26: 26 2009 (4A5BC2A2)
84afe000 84b07000   WMILIB   WMILIB.SYS   Tue Jul 14 01: 11: 22 2009 (4A5BBF1A)
8cbd1000 8cbeb000   WudfPf   WudfPf.sys   Tue Jul 14 01: 50: 13 2009 (4A5BC835)

Unloaded modules:  
895d8000 895ef000   ISODrive.sys
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   00017000
bb6be000 bb6c4000   SEDriverVist
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   00006000
84dd0000 84ddd000   crashdmp.sys
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   0000D000
84ddd000 84de8000   dump_ataport
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   0000B000
84ff7000 85000000   dump_atapi.s
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   00009000
84de8000 84df9000   dump_dumpfve
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   00011000
84c00000 84c08000   viaide.sys
    Timestamp:  unavailable (00000000)
    Checksum:   00000000
    ImageSize:   00008000
quit:



RE: DRIVER_VERIFIER_DETECTED_VIOLATION - pawlacco - 18.09.2014 10:29

Nie mam zadnefgo programu chroniacego na stale. Czasem odpalam avire, a tak to wersje portable.
Z ta weryfikacja zrobilem tak, ze w ogole ja wylaczylem.

Co do tych podejrzenych, to nie ma ich na dysku, ani w rejestrze nic. Amba fatima bylo i nima.
Thx