Jump to content
REVY

driver verifier bsod

Recommended Posts

followed a guide on MBAM about verifying files and decided i'd do it. 24hours later it would bsod and days after it would randomly and infrequently bsod with the same driver verifier problem.

 

· OS - Windows 10 
·  x64 
· What was original installed OS on system? Win10
· full retail version
· Age of system (hardware) 1-4 yrs
· Age of OS installation - 3 yrs

· CPU - i5-6600k
· Video Card - rx480 4gig
· MotherBoard -  asrock z77 extreme 4
· Power Supply - silverstone st1000
· System Manufacturer - self built


 Desktop

 

 

SysnativeFileCollectionApp.zip

PERFMON.zip

032118-10046-01.zip

032118-9859-01.zip

Share this post


Link to post
Share on other sites

Were you experiencing problems before running Driver Verifier?  If os, what kind?

First, please disable Driver Verifier.  To do so, open up verifier.exe and select "Delete existing settings", then click on Finish.
Reboot for the changes to take effect.

Then,
Driver Verifier blames BigNox VM VirtualBox
Please uninstall it and see if that stops the BSOD's
 

Then,
Your UEFI/BIOS (version P7.20) dates from 2016.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  This is just in case there has been a more recent update.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and that outdated UEFI/BIOS' may be the cause of some compatibility issues).
 

Although you appear to have a reasonable number of Windows Update hotfixes for this version of your OS, please double check for any new Windows Updates.  It only takes one update to cause a problem, so it's essential that you have all of them.  The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

You have 6 hard drives.  What is the make/model/wattage and age of your Power Supply?
The purpose of this question is to get you to evaluate your PSU.
- PSU's tend to get less efficient with age
- adding components over time may decrease the ability of the PSU to support the entire system (Maybe remove some stuff to see if that helps?)
- while you can measure the output of a PSU with a multimeter, the readings may change dramatically when the PSU is put under load.  PSU testing instructions (by dc3) here:  https://www.bleepingcomputer.com/forums/t/654994/pc-is-crashingfreezing-up-multiple-times-daily/page-2#entry4341756
- there's a free PSU test in the OCCT program at http://www.ocbase.com/

You have an unknown USB device in Device Manager.
Unplug ALL USB devices and see if you can identify which one it is (by plugging them back in one-by-one and checking Device Manager)

Please update these older drivers.  Links are provided in order to assist you with looking up the source of the drivers.  
If unable to find an update, please uninstall the program that is responsible for that driver.  

DO NOT manually delete/rename the driver as it may make the system unbootable!!!:


HWiNFO64A.SYS               Tue Mar 31 05:51:32 2015 (551A6E24)
HWiNFO32 Kernel Driver http://www.hwinfo.com/download32.html
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
 
amdkmpfd.sys                Mon May 25 16:25:23 2015 (55638533)
AMD PCI Root Bus Lower Filter http://support.amd.com/us/gpudownload/Pages/index.aspx
http://www.carrona.org/drivers/driver.php?id=amdkmpfd.sys
 
lgcoretemp.sys              Tue Jun  9 12:52:10 2015 (557719BA)
Logitech Gaming Software driver http://support.logitech.com/en_gb/software/lgs
http://www.carrona.org/drivers/driver.php?id=lgcoretemp.sys
 
SeLow_x64.sys               Sun Oct 18 07:12:14 2015 (56237E8E)
SoftEther VPN Driver https://www.softether.org/5-download
http://www.carrona.org/drivers/driver.php?id=SeLow_x64.sys
 
 


Analysis:
The following is for information purposes only.
The following information contains the relevant information from the blue screen analysis:
]**************************Wed Mar 21 14:29:40.823 2018 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\032118-10046-01.dmp]
Windows 10 Kernel Version 16299 MP (4 procs) Free x64
Built by: 16299.15.amd64fre.rs3_release.170928-1534
System Uptime:0 days 2:03:13.475
*** WARNING: Unable to verify timestamp for YSDrv.sys
*** ERROR: Module load completed but symbols could not be loaded for YSDrv.sys
Probably caused by :YSDrv.sys ( YSDrv+139cf )
BugCheck C4, {1003, ffff920fa8ec2fc8, ffff920fa3568fc8, ffffbf8e17191010}
BugCheck Info: DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
Arguments:
Arg1: 0000000000001003, Releasing two locks in reverse order of their acquire.
Arg2: ffff920fa8ec2fc8, First lock address.
Arg3: ffff920fa3568fc8, Second lock address.
Arg4: ffffbf8e17191010, Verifier internal data.
BUGCHECK_STR:  0xc4_1003
PROCESS_NAME:  NoxVMHandle.exe
FAILURE_BUCKET_ID: 0xc4_1003_VRF_YSDrv!unknown_function
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Wed Mar 21 03:18:49.196 2018 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\032118-9859-01.dmp]
Windows 10 Kernel Version 16299 MP (4 procs) Free x64
Built by: 16299.15.amd64fre.rs3_release.170928-1534
System Uptime:0 days 1:49:40.600
*** WARNING: Unable to verify timestamp for YSDrv.sys
*** ERROR: Module load completed but symbols could not be loaded for YSDrv.sys
Probably caused by :YSDrv.sys ( YSDrv+139cf )
BugCheck C4, {1003, ffffca04cf98efc8, ffffca04c6152fc8, ffffa0061b9a35b0}
BugCheck Info: DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
Arguments:
Arg1: 0000000000001003, Releasing two locks in reverse order of their acquire.
Arg2: ffffca04cf98efc8, First lock address.
Arg3: ffffca04c6152fc8, Second lock address.
Arg4: ffffa0061b9a35b0, Verifier internal data.
BUGCHECK_STR:  0xc4_1003
PROCESS_NAME:  NoxVMHandle.exe
FAILURE_BUCKET_ID: 0xc4_1003_VRF_YSDrv!unknown_function
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
 


3rd Party Drivers:
The following is for information purposes only.
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:
**************************Wed Mar 21 14:29:40.823 2018 (UTC - 4:00)**************************
MpKsld2b142e1.sys           Mon Feb 27 20:54:41 1989 (2409FBE1)
intelppm.sys                Thu Sep 22 06:43:11 2011 (4E7B113F)
HWiNFO64A.SYS               Tue Mar 31 05:51:32 2015 (551A6E24)
amdkmpfd.sys                Mon May 25 16:25:23 2015 (55638533)
lgcoretemp.sys              Tue Jun  9 12:52:10 2015 (557719BA)
SeLow_x64.sys               Sun Oct 18 07:12:14 2015 (56237E8E)
VBoxUSBMon.sys              Fri May 27 22:18:36 2016 (5748FFFC)
ETDSMBus.sys                Wed Jun  1 05:18:43 2016 (574EA873)
LGVirHid.sys                Mon Jun 13 14:47:03 2016 (575EFFA7)
LGJoyXlCore.sys             Mon Jun 13 14:47:06 2016 (575EFFAA)
LGBusEnum.sys               Mon Jun 13 14:47:08 2016 (575EFFAC)
cmudaxp.sys                 Tue Jun 21 05:57:05 2016 (57690F71)
vmkbd.sys                   Thu Aug 18 01:50:55 2016 (57B54CBF)
mbae64.sys                  Wed Jan 11 12:08:00 2017 (58766670)
YSDrv.sys                   Sat Jan 21 01:41:13 2017 (58830289)
YSR0.sys                    Mon Jan 23 02:06:05 2017 (5885AB5D)
ICCWDT.sys                  Thu May  4 07:42:54 2017 (590B13BE)
e1d65x64.sys                Mon Sep 25 08:45:31 2017 (59C8FA6B)
asmtxhci.sys                Sat Nov  4 05:19:10 2017 (59FD860E)
asmthub3.sys                Sat Nov  4 05:19:18 2017 (59FD8616)
AtihdWT6.sys                Thu Nov 16 00:12:15 2017 (5A0D1E2F)
iaStorA.sys                 Thu Nov 16 08:23:22 2017 (5A0D914A)
TeeDriverW8x64.sys          Sun Nov 19 06:39:59 2017 (5A116D8F)
mbam.sys                    Thu Dec  7 12:35:31 2017 (5A297BE3)
MbamChameleon.sys           Thu Dec 21 12:39:17 2017 (5A3BF1C5)
mbamswissarmy.sys           Fri Dec 22 12:33:47 2017 (5A3D41FB)
atikmpag.sys                Wed Jan 31 18:12:27 2018 (5A724D5B)
atikmdag.sys                Wed Jan 31 18:36:34 2018 (5A725302)
farflt.sys                  Thu Feb  8 12:51:34 2018 (5A7C8E26)
mwac.sys                    Thu Mar  1 12:25:14 2018 (5A98377A)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Wed Mar 21 03:18:49.196 2018 (UTC - 4:00)**************************
MpKsl306caa89.sys           Mon Feb 27 20:54:41 1989 (2409FBE1)


MpKsld2b142e1.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
http://www.carrona.org/drivers/driver.php?id=amdkmpfd.sys
http://www.carrona.org/drivers/driver.php?id=lgcoretemp.sys
http://www.carrona.org/drivers/driver.php?id=SeLow_x64.sys
http://www.carrona.org/drivers/driver.php?id=VBoxUSBMon.sys
http://www.carrona.org/drivers/driver.php?id=ETDSMBus.sys
http://www.carrona.org/drivers/driver.php?id=LGVirHid.sys
http://www.carrona.org/drivers/driver.php?id=LGJoyXlCore.sys
http://www.carrona.org/drivers/driver.php?id=LGBusEnum.sys
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
http://www.carrona.org/drivers/driver.php?id=vmkbd.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
YSDrv.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
YSR0.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=ICCWDT.sys
http://www.carrona.org/drivers/driver.php?id=e1d65x64.sys
http://www.carrona.org/drivers/driver.php?id=asmtxhci.sys
http://www.carrona.org/drivers/driver.php?id=asmthub3.sys
http://www.carrona.org/drivers/driver.php?id=AtihdWT6.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
MpKsl306caa89.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.

 

Share this post


Link to post
Share on other sites

i ran a verifier cmd because i had a reappearing trojan RAT. after that i had bsod randomly although it doesnt happen often. the trojan was removed after i had help here in these forums; so this bsod was a result of my initial attempt to get rid of the ttrojan. there is no verifier.exe file to uninstall; nor did i download any verifier program.

 

my PSU is a silverstone ST1000 discontinued version- about 9 years old. 

 

Share this post


Link to post
Share on other sites

Press the Windows key and the R at the same time.

This will open the Run dialog

Type "verifier.exe" (without the quotes) and press Enter

This will open the Driver Verifier settings page.

Select "Delete existing settings" and then click on "Finish" in the lower right corner of that Window

Reboot for the changes to take effect

If you have deleted verifier.exe, then you've damaged the OS.  In that case, I'd consider doing a clean install to fix any damage that the trojan (or you) may have caused.

Edited by usasma

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.