Help
Hello,
Per Gringo's suggestion in my prev tread, i'm posting here now in hopes someone here can help me in fixing the corrupt files that are causing my BSOD issue.. the original infection was taken care of with the guidence of Gringo and the logs/reports are showing the infection(s) have been removed but i still cant get windows to boot up normal.
Below is a summory of the orig posts, Thanks for any help i can get on this..
What happened:
I had gotten the Vista Antivirus 2012 malware on my computer 12/1 and followed misc steps on the internet to get rid of it, but when i boot up in normal mode i get BSOD after about 15 seconds or so as everytings loading up.. I came here and followed the guidence of cryptodan who confirmed the computer was still infected and then Gringo who helped me in removing the infection(s).
(i do recall when i first got the malware/virus i seen a black screen with alot of scrolling text on it that pretty much looked like it was going thru every file on the computer, so i did a hard boot to power off the system incase it was trying to spread)
Computer:
Gateway GT5411E - Vista Home Premium 32 bit w/sp2, Intel Pentium D 2.80 ghz, Nvidia Geforce 7900 gs, 2gb Ram, 250gb HD
Notes:
1. I'm able to boot into safe mode with no problems or safe mode with networking, but it is local only and wont allow anything to access the internet(update malwarebytes definitions, update antivirus definitions, cnn.com, etc)so anything i need on it i have to d/l on this one and transfer to that one using a flash drive.
2. I've also uninstalled the Avast antivirus and SuperAntiSpyware from that computer in an attempt to fix the SASKUTIL.SYS error(google search suggested avast/superantispyware might be cause) and have it isolated(physically unplugged from the internet/network) until fixed.
3. We ran the sfc.exe and it says it found corrupt files but was unable to fix some of them, attempting to repair using F8>advances boot options>repair computer resulted in it saying there was nothing to repair, and windows doesnt find any prev restore points so im not able to revert to a prev working point.
Below is bsod log created from BlueScreenView.
==================================================
Dump File : Mini010812-02.dmp
Crash Time : 1/8/2012 7:24:09 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0xc1cc0f00
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010812-01.dmp
Crash Time : 1/8/2012 6:58:24 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x91277503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010512-01.dmp
Crash Time : 1/5/2012 3:40:53 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa572a503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010512-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010312-02.dmp
Crash Time : 1/3/2012 1:40:12 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa532d503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010312-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010312-01.dmp
Crash Time : 1/3/2012 12:19:22 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa531e503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010312-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010212-02.dmp
Crash Time : 1/2/2012 11:47:23 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa5337503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010212-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010212-01.dmp
Crash Time : 1/2/2012 11:39:44 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa532d503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010212-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini122711-01.dmp
Crash Time : 12/27/2011 5:15:03 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa5312503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini122711-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini122111-02.dmp
Crash Time : 12/21/2011 9:40:51 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa4f12503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini122111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini122111-01.dmp
Crash Time : 12/21/2011 2:45:28 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa572d503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini122111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini121911-01.dmp
Crash Time : 12/19/2011 1:44:35 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa5744503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini121911-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini121111-02.dmp
Crash Time : 12/11/2011 10:53:14 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x8ef86503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini121111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini121111-01.dmp
Crash Time : 12/11/2011 7:59:42 PM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x899e6820
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini121111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-06.dmp
Crash Time : 12/8/2011 3:25:09 PM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x88f88390
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-05.dmp
Crash Time : 12/8/2011 3:12:42 PM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x8ad91d48
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-04.dmp
Crash Time : 12/8/2011 12:46:28 PM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x88eba030
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-03.dmp
Crash Time : 12/8/2011 10:26:54 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x88f31498
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-02.dmp
Crash Time : 12/8/2011 10:22:56 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x88f49bb8
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120811-01.dmp
Crash Time : 12/8/2011 9:12:56 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x88f69578
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120811-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-06.dmp
Crash Time : 12/4/2011 9:55:40 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x898e65f8
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-06.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-05.dmp
Crash Time : 12/4/2011 9:44:04 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x899d7690
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-04.dmp
Crash Time : 12/4/2011 8:19:39 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x899d6530
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-03.dmp
Crash Time : 12/4/2011 8:03:43 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x89864d58
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-02.dmp
Crash Time : 12/4/2011 7:18:09 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x8adf2380
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120411-01.dmp
Crash Time : 12/4/2011 7:01:45 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x898aeb40
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120411-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120311-01.dmp
Crash Time : 12/3/2011 7:29:09 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x899ce3a0
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120311-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120211-03.dmp
Crash Time : 12/2/2011 2:04:11 PM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x89a21030
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120211-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120211-02.dmp
Crash Time : 12/2/2011 9:27:23 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x89a104c0
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120211-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120211-01.dmp
Crash Time : 12/2/2011 6:50:56 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x89962e60
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini120111-05.dmp
Crash Time : 12/1/2011 5:45:46 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0x93ae7af8
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini120111-05.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,952
==================================================
==================================================
Dump File : Mini120111-04.dmp
Crash Time : 12/1/2011 5:24:39 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x8308dd03
Caused By Driver : hal.dll
Caused By Address : hal.dll+7023
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini120111-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,952
==================================================
==================================================
Dump File : Mini120111-03.dmp
Crash Time : 12/1/2011 4:52:24 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x8304fd03
Caused By Driver : hal.dll
Caused By Address : hal.dll+7023
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini120111-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,952
==================================================
==================================================
Dump File : Mini120111-02.dmp
Crash Time : 12/1/2011 4:32:40 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x83041d03
Caused By Driver : hal.dll
Caused By Address : hal.dll+5023
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini120111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,952
==================================================
==================================================
Dump File : Mini120111-01.dmp
Crash Time : 12/1/2011 4:22:36 AM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x83074d03
Caused By Driver : hal.dll
Caused By Address : hal.dll+23
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini120111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,952
==================================================
BSOD - Corrupt files from infection (clean now) can only boot into safe mode
Back to top
#2
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 11 January 2012 - 11:54 PM
Ok, after further scanning thru the cbs.log the only 2 entries that contained either repairing or corrupted was..
POQ 65 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\2da1c36b53cacc01b71b000094018c03._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d02c66b53cacc01b81b000094018c03.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\ed63c86b53cacc01b91b000094018c03.$$_inf_3f581daba4c8c835.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_inf_3f581daba4c8c835.cdf-ms"
3: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\4dc5ca6b53cacc01ba1b000094018c03.$$_inf_.net_clr_data_0864fda87da3c851.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0864fda87da3c851.cdf-ms"
4: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad26cd6b53cacc01bb1b000094018c03.$$_inf_.net_clr_data_0409_9334f23ff02764ac.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0409_9334f23ff02764ac.cdf-ms"
5: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\0d88cf6b53cacc01bc1b000094018c03.$$_inf_.net_clr_networking_d061836896f4f29d.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_d061836896f4f29d.cdf-ms"
6: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01bd1b000094018c03.$$_inf_.net_clr_networking_0409_417ab2a4909264b0.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_0409_417ab2a4909264b0.cdf-ms"
7: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01be1b000094018c03.$$_inf_.net_data_provider_for_oracle_07838adde9419766.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_07838add
2012-01-03 14:08:20, Info CSI e9419766.cdf-ms"
8: Move File: Source = [l:274{137}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01bf1b000094018c03.$$_inf_.net_data_provider_for_oracle_0409_1ac885a6f00b112b.cdf-ms", Destination = [l:186{93}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_0409_1ac885a6f00b112b.cdf-ms"
9: Move File: Source = [l:270{135}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c01b000094018c03.$$_inf_.net_data_provider_for_sqlserver_7cfd5f3e72497ce1.cdf-ms", Destination = [l:182{91}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_7cfd5f3e72497ce1.cdf-ms"
10: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c11b000094018c03.$$_inf_.net_data_provider_for_sqlserver_0409_22ef188981b08c78.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_0409_22ef188981b08c78.cdf-ms"
11: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c21b000094018c03.$$_inf_.netframework_266880c2626e99c6.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_266880c2626e99c6.cdf-ms"
12: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\2dacd66b53cacc01c31b000094018c03.$$_inf_.netframework_0409_fd6b70814927192f.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_0409_fd6b70814927192f.cdf-ms"
13: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad52196c53cacc01c41b000094018c03.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
14: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\cd76206c53cacc01c51b000094018c03.$$_system32_networklist_029a48465a9cac56.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_networklist_029a48465a9cac56.cdf-ms"
15: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames
2012-01-03 14:08:20, Info CSI \cd76206c53cacc01c61b000094018c03.$$_system32_networklist_icons_2b49083c03963dec.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\$$_system32_networklist_icons_2b49083c03963dec.cdf-ms"
16: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\2d046f6c53cacc01c71b000094018c03.$$_microsoft.net_3296b36dbe4c7fa3.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_3296b36dbe4c7fa3.cdf-ms"
17: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\2d046f6c53cacc01c81b000094018c03.$$_microsoft.net_framework_83386eac0379231b.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_83386eac0379231b.cdf-ms"
18: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01c91b000094018c03.$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms"
19: Move File: Source = [l:284{142}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01ca1b000094018c03.$$_microsoft.net_framework_v2.0.50727_mui_0409_fbbb44c0c63bd26c.cdf-ms", Destination = [l:196{98}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_mui_0409_fbbb44c0c63bd26c.cdf-ms"
20: Move File: Source = [l:276{138}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01cb1b000094018c03.$$_microsoft.net_framework_v2.0.50727_1033_7994eb100abd5435.cdf-ms", Destination = [l:188{94}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_1033_7994eb100abd5435.cdf-ms"
21: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01cc1b000094018c03.$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms"
22: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01cd1b
2012-01-03 14:08:20, Info CSI 000094018c03.$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms"
23: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01ce1b000094018c03.$$_inf_.net_clr_data_0000_9334e121f0277e71.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0000_9334e121f0277e71.cdf-ms"
24: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01cf1b000094018c03.$$_inf_.net_clr_networking_0000_417aaafa90927065.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_0000_417aaafa90927065.cdf-ms"
25: Move File: Source = [l:274{137}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01d01b000094018c03.$$_inf_.net_data_provider_for_oracle_0000_1ac87488f00b2af0.cdf-ms", Destination = [l:186{93}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_0000_1ac87488f00b2af0.cdf-ms"
26: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01d11b000094018c03.$$_inf_.net_data_provider_for_sqlserver_0000_22ef191981b08b2b.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_0000_22ef191981b08b2b.cdf-ms"
27: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad89786c53cacc01d21b000094018c03.$$_inf_.netframework_0000_fd6b5f63492732f4.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_0000_fd6b5f63492732f4.cdf-ms"
28: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad948b6c53cacc01d31b000094018c03.$$_system32_mui_0409_ecc96e0e9498d62e.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_system32_mui_0409_ecc96e0e9498d62e.cdf-ms"
29: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\0d2ded6c53cacc01d41b000094018c03.$$_system32_ias_0665534bd047d20d.cdf-ms", De
2012-01-03 14:08:20, Info CSI stination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ias_0665534bd047d20d.cdf-ms"
30: Set Key Value: Key = [l:168{84}]"\Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize", Value = [l:76{38}]"{7625c7d5-515a-789b-719b-d787d2bde1cd}", Type = REG_SZ (1), Data = {l:126 b:43003a005c00570069006e0064006f00770073005c00530079007300740065006d00330032005c006e006c006d00730070007200650070002e0064006c006c002c004e006500740077006f0072006b004c006900730074004d0061006e0061006700650072005f00470065006e006500720061006c0069007a0065000000}
POQ 65 ends.
2012-01-03 14:08:20, Info CSI 00000159 [SR] Verify complete
2012-01-03 14:08:21, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2012-01-03 14:08:21, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2012-01-03 14:08:34, Info CSI 0000015c [SR] Repairing corrupted file [ml:520{260},l:12{6}]"\??\C:"\[l:20{10}]"config.sys" from store
2012-01-03 14:08:34, Info CSI 0000015d Repair results created:
and
POQ 93 starts:
POQ 93 ends.
2012-01-03 14:12:06, Info CSI 000001d8 [SR] Verify complete
2012-01-03 14:12:06, Info CSI 000001d9 [SR] Repairing 1 components
2012-01-03 14:12:06, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2012-01-03 14:12:07, Info CSI 000001db [SR] Repairing corrupted file [ml:520{260},l:12{6}]"\??\C:"\[l:20{10}]"config.sys" from store
2012-01-03 14:12:07, Info CSI 000001dc Repair results created
with the last entry on the log being..
POQ 94 ends.
2012-01-03 14:12:07, Info CSI 000001dd [SR] Repair complete
2012-01-03 14:12:07, Info CSI 000001de [SR] Committing transaction
2012-01-03 14:12:07, Info CSI 000001df Creating NT transaction (seq 1), objectname [6]"(null)"
2012-01-03 14:12:07, Info CSI 000001e0 Created NT transaction (seq 1) result 0x00000000, handle @0x1b8c
2012-01-03 14:12:07, Info CSI 000001e1@2012/1/3:20:12:07.268 CSI perf trace:
CSIPERF:TXCOMMIT;1192
2012-01-03 14:12:07, Info CSI 000001e2 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2012-01-03 14:12:28, Info CBS Scavenge: Package store indicates there is no component to scavenge, skipping.
Note the "2012-01-03 14:12:07, Info CSI 000001e2 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired", could this be why the sfcdetails.txt was empty? im not understanding why the sfc.exe said their was corrupted filed found that it couldnt fix though.
Also after googling the "DRIVER_VERIFIER_DETECTED_VIOLATION" there was several mentions of turning off driver verifier, so i did that and on reboot it made it almost completely loaded before getting BSOD again and below is the BlueScreenView including that error.
==================================================
Dump File : Mini011112-01.dmp
Crash Time : 1/11/2012 10:26:23 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x83050d03
Caused By Driver : hal.dll
Caused By Address : hal.dll+6023
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini011112-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,904
==================================================
==================================================
Dump File : Mini010812-02.dmp
Crash Time : 1/8/2012 7:24:09 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0xc1cc0f00
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010812-01.dmp
Crash Time : 1/8/2012 6:58:24 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x91277503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010512-01.dmp
Crash Time : 1/5/2012 3:40:53 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa572a503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010512-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
POQ 65 starts:
0: Move File: Source = [l:192{96}]"\SystemRoot\WinSxS\Temp\PendingRenames\2da1c36b53cacc01b71b000094018c03._0000000000000000.cdf-ms", Destination = [l:104{52}]"\SystemRoot\WinSxS\FileMaps\_0000000000000000.cdf-ms"
1: Move File: Source = [l:162{81}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d02c66b53cacc01b81b000094018c03.$$.cdf-ms", Destination = [l:74{37}]"\SystemRoot\WinSxS\FileMaps\$$.cdf-ms"
2: Move File: Source = [l:204{102}]"\SystemRoot\WinSxS\Temp\PendingRenames\ed63c86b53cacc01b91b000094018c03.$$_inf_3f581daba4c8c835.cdf-ms", Destination = [l:116{58}]"\SystemRoot\WinSxS\FileMaps\$$_inf_3f581daba4c8c835.cdf-ms"
3: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\4dc5ca6b53cacc01ba1b000094018c03.$$_inf_.net_clr_data_0864fda87da3c851.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0864fda87da3c851.cdf-ms"
4: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad26cd6b53cacc01bb1b000094018c03.$$_inf_.net_clr_data_0409_9334f23ff02764ac.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0409_9334f23ff02764ac.cdf-ms"
5: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\0d88cf6b53cacc01bc1b000094018c03.$$_inf_.net_clr_networking_d061836896f4f29d.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_d061836896f4f29d.cdf-ms"
6: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01bd1b000094018c03.$$_inf_.net_clr_networking_0409_417ab2a4909264b0.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_0409_417ab2a4909264b0.cdf-ms"
7: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01be1b000094018c03.$$_inf_.net_data_provider_for_oracle_07838adde9419766.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_07838add
2012-01-03 14:08:20, Info CSI e9419766.cdf-ms"
8: Move File: Source = [l:274{137}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01bf1b000094018c03.$$_inf_.net_data_provider_for_oracle_0409_1ac885a6f00b112b.cdf-ms", Destination = [l:186{93}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_0409_1ac885a6f00b112b.cdf-ms"
9: Move File: Source = [l:270{135}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c01b000094018c03.$$_inf_.net_data_provider_for_sqlserver_7cfd5f3e72497ce1.cdf-ms", Destination = [l:182{91}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_7cfd5f3e72497ce1.cdf-ms"
10: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c11b000094018c03.$$_inf_.net_data_provider_for_sqlserver_0409_22ef188981b08c78.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_0409_22ef188981b08c78.cdf-ms"
11: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\6de9d16b53cacc01c21b000094018c03.$$_inf_.netframework_266880c2626e99c6.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_266880c2626e99c6.cdf-ms"
12: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\2dacd66b53cacc01c31b000094018c03.$$_inf_.netframework_0409_fd6b70814927192f.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_0409_fd6b70814927192f.cdf-ms"
13: Move File: Source = [l:214{107}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad52196c53cacc01c41b000094018c03.$$_system32_21f9a9c4a2f8b514.cdf-ms", Destination = [l:126{63}]"\SystemRoot\WinSxS\FileMaps\$$_system32_21f9a9c4a2f8b514.cdf-ms"
14: Move File: Source = [l:238{119}]"\SystemRoot\WinSxS\Temp\PendingRenames\cd76206c53cacc01c51b000094018c03.$$_system32_networklist_029a48465a9cac56.cdf-ms", Destination = [l:150{75}]"\SystemRoot\WinSxS\FileMaps\$$_system32_networklist_029a48465a9cac56.cdf-ms"
15: Move File: Source = [l:250{125}]"\SystemRoot\WinSxS\Temp\PendingRenames
2012-01-03 14:08:20, Info CSI \cd76206c53cacc01c61b000094018c03.$$_system32_networklist_icons_2b49083c03963dec.cdf-ms", Destination = [l:162{81}]"\SystemRoot\WinSxS\FileMaps\$$_system32_networklist_icons_2b49083c03963dec.cdf-ms"
16: Move File: Source = [l:224{112}]"\SystemRoot\WinSxS\Temp\PendingRenames\2d046f6c53cacc01c71b000094018c03.$$_microsoft.net_3296b36dbe4c7fa3.cdf-ms", Destination = [l:136{68}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_3296b36dbe4c7fa3.cdf-ms"
17: Move File: Source = [l:244{122}]"\SystemRoot\WinSxS\Temp\PendingRenames\2d046f6c53cacc01c81b000094018c03.$$_microsoft.net_framework_83386eac0379231b.cdf-ms", Destination = [l:156{78}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_83386eac0379231b.cdf-ms"
18: Move File: Source = [l:266{133}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01c91b000094018c03.$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms", Destination = [l:178{89}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_e9368840261e60ee.cdf-ms"
19: Move File: Source = [l:284{142}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01ca1b000094018c03.$$_microsoft.net_framework_v2.0.50727_mui_0409_fbbb44c0c63bd26c.cdf-ms", Destination = [l:196{98}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_mui_0409_fbbb44c0c63bd26c.cdf-ms"
20: Move File: Source = [l:276{138}]"\SystemRoot\WinSxS\Temp\PendingRenames\8d65716c53cacc01cb1b000094018c03.$$_microsoft.net_framework_v2.0.50727_1033_7994eb100abd5435.cdf-ms", Destination = [l:188{94}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_1033_7994eb100abd5435.cdf-ms"
21: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01cc1b000094018c03.$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v2.0.50727_config_9a0d48f3c07d2a12.cdf-ms"
22: Move File: Source = [l:264{132}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01cd1b
2012-01-03 14:08:20, Info CSI 000094018c03.$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms", Destination = [l:176{88}]"\SystemRoot\WinSxS\FileMaps\$$_microsoft.net_framework_v1.0.3705_b19cf3207984c497.cdf-ms"
23: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\edc6736c53cacc01ce1b000094018c03.$$_inf_.net_clr_data_0000_9334e121f0277e71.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_data_0000_9334e121f0277e71.cdf-ms"
24: Move File: Source = [l:254{127}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01cf1b000094018c03.$$_inf_.net_clr_networking_0000_417aaafa90927065.cdf-ms", Destination = [l:166{83}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_clr_networking_0000_417aaafa90927065.cdf-ms"
25: Move File: Source = [l:274{137}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01d01b000094018c03.$$_inf_.net_data_provider_for_oracle_0000_1ac87488f00b2af0.cdf-ms", Destination = [l:186{93}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_oracle_0000_1ac87488f00b2af0.cdf-ms"
26: Move File: Source = [l:280{140}]"\SystemRoot\WinSxS\Temp\PendingRenames\4d28766c53cacc01d11b000094018c03.$$_inf_.net_data_provider_for_sqlserver_0000_22ef191981b08b2b.cdf-ms", Destination = [l:192{96}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.net_data_provider_for_sqlserver_0000_22ef191981b08b2b.cdf-ms"
27: Move File: Source = [l:242{121}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad89786c53cacc01d21b000094018c03.$$_inf_.netframework_0000_fd6b5f63492732f4.cdf-ms", Destination = [l:154{77}]"\SystemRoot\WinSxS\FileMaps\$$_inf_.netframework_0000_fd6b5f63492732f4.cdf-ms"
28: Move File: Source = [l:232{116}]"\SystemRoot\WinSxS\Temp\PendingRenames\ad948b6c53cacc01d31b000094018c03.$$_system32_mui_0409_ecc96e0e9498d62e.cdf-ms", Destination = [l:144{72}]"\SystemRoot\WinSxS\FileMaps\$$_system32_mui_0409_ecc96e0e9498d62e.cdf-ms"
29: Move File: Source = [l:222{111}]"\SystemRoot\WinSxS\Temp\PendingRenames\0d2ded6c53cacc01d41b000094018c03.$$_system32_ias_0665534bd047d20d.cdf-ms", De
2012-01-03 14:08:20, Info CSI stination = [l:134{67}]"\SystemRoot\WinSxS\FileMaps\$$_system32_ias_0665534bd047d20d.cdf-ms"
30: Set Key Value: Key = [l:168{84}]"\Registry\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Sysprep\Generalize", Value = [l:76{38}]"{7625c7d5-515a-789b-719b-d787d2bde1cd}", Type = REG_SZ (1), Data = {l:126 b:43003a005c00570069006e0064006f00770073005c00530079007300740065006d00330032005c006e006c006d00730070007200650070002e0064006c006c002c004e006500740077006f0072006b004c006900730074004d0061006e0061006700650072005f00470065006e006500720061006c0069007a0065000000}
POQ 65 ends.
2012-01-03 14:08:20, Info CSI 00000159 [SR] Verify complete
2012-01-03 14:08:21, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2012-01-03 14:08:21, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2012-01-03 14:08:34, Info CSI 0000015c [SR] Repairing corrupted file [ml:520{260},l:12{6}]"\??\C:"\[l:20{10}]"config.sys" from store
2012-01-03 14:08:34, Info CSI 0000015d Repair results created:
and
POQ 93 starts:
POQ 93 ends.
2012-01-03 14:12:06, Info CSI 000001d8 [SR] Verify complete
2012-01-03 14:12:06, Info CSI 000001d9 [SR] Repairing 1 components
2012-01-03 14:12:06, Info CSI 000001da [SR] Beginning Verify and Repair transaction
2012-01-03 14:12:07, Info CSI 000001db [SR] Repairing corrupted file [ml:520{260},l:12{6}]"\??\C:"\[l:20{10}]"config.sys" from store
2012-01-03 14:12:07, Info CSI 000001dc Repair results created
with the last entry on the log being..
POQ 94 ends.
2012-01-03 14:12:07, Info CSI 000001dd [SR] Repair complete
2012-01-03 14:12:07, Info CSI 000001de [SR] Committing transaction
2012-01-03 14:12:07, Info CSI 000001df Creating NT transaction (seq 1), objectname [6]"(null)"
2012-01-03 14:12:07, Info CSI 000001e0 Created NT transaction (seq 1) result 0x00000000, handle @0x1b8c
2012-01-03 14:12:07, Info CSI 000001e1@2012/1/3:20:12:07.268 CSI perf trace:
CSIPERF:TXCOMMIT;1192
2012-01-03 14:12:07, Info CSI 000001e2 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
2012-01-03 14:12:28, Info CBS Scavenge: Package store indicates there is no component to scavenge, skipping.
Note the "2012-01-03 14:12:07, Info CSI 000001e2 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired", could this be why the sfcdetails.txt was empty? im not understanding why the sfc.exe said their was corrupted filed found that it couldnt fix though.
Also after googling the "DRIVER_VERIFIER_DETECTED_VIOLATION" there was several mentions of turning off driver verifier, so i did that and on reboot it made it almost completely loaded before getting BSOD again and below is the BlueScreenView including that error.
==================================================
Dump File : Mini011112-01.dmp
Crash Time : 1/11/2012 10:26:23 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x83050d03
Caused By Driver : hal.dll
Caused By Address : hal.dll+6023
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6002.18005 (lh_sp2rtm.090410-1830)
Processor : 32-bit
Crash Address : ntoskrnl.exe+5acc9
Stack Address 1 : ntoskrnl.exe+41d03
Stack Address 2 : ntoskrnl.exe+27ec7
Stack Address 3 : raspptp.sys+cc84
Computer Name :
Full Path : C:\Windows\Minidump\Mini011112-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 154,904
==================================================
==================================================
Dump File : Mini010812-02.dmp
Crash Time : 1/8/2012 7:24:09 AM
Bug Check String : DRIVER_VERIFIER_DETECTED_VIOLATION
Bug Check Code : 0x000000c4
Parameter 1 : 0x000000cb
Parameter 2 : 0xc1cc0f00
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : raspptp.sys
Caused By Address : raspptp.sys+cc84
File Description : Peer-to-Peer Tunneling Protocol
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.0.6001.18000 (longhorn_rtm.080118-1840)
Processor : 32-bit
Crash Address : ntoskrnl.exe+bb89f
Stack Address 1 : ntoskrnl.exe+2de565
Stack Address 2 : ntoskrnl.exe+2e3bdd
Stack Address 3 : ntoskrnl.exe+2e3a7a
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010812-01.dmp
Crash Time : 1/8/2012 6:58:24 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x91277503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010812-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
==================================================
Dump File : Mini010512-01.dmp
Crash Time : 1/5/2012 3:40:53 AM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0xa572a503
Parameter 3 : 0x80699904
Parameter 4 : 0x80699600
Caused By Driver : SASKUTIL.SYS
Caused By Address : SASKUTIL.SYS+7503
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : SASKUTIL.SYS+7503
Stack Address 1 : SASKUTIL.SYS+1fcc
Stack Address 2 : ntoskrnl.exe+163b83
Stack Address 3 : ntoskrnl.exe+34e20c
Computer Name :
Full Path : C:\Windows\Minidump\Mini010512-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 131,072
==================================================
#4
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 18 January 2012 - 11:10 AM
I have tried to replace the corrupt files by following the Guide Here, but am stuck on step 4.4 and cant get around it.. keeps giving me this error and the only other person to post there with the same problem didnt post if he fixed it or how he did it.
C:\Program Files\Windows AIK\Tools\x86>imagex /mount E:\Sources\install.wim 1 D:\Vista
ImageX Tool for Windows
Copyright © Microsoft Corp. 1981-2005. All rights reserved.
Mounting: [E:\Sources\install.wim, 1] ->
[D:\Vista]
Error mounting image:
The system cannot find the file specified.
C:\Program Files\Windows AIK\Tools\x86>
i have copies of the 3 corrupt files that i beleave are causing the problem copied and pasted into a folder on the desktop from another vista sp2 puter, but it wont allow me to just overwrite the files in question via copy and paste.. does anyone know of another method?
C:\Program Files\Windows AIK\Tools\x86>imagex /mount E:\Sources\install.wim 1 D:\Vista
ImageX Tool for Windows
Copyright © Microsoft Corp. 1981-2005. All rights reserved.
Mounting: [E:\Sources\install.wim, 1] ->
[D:\Vista]
Error mounting image:
The system cannot find the file specified.
C:\Program Files\Windows AIK\Tools\x86>
i have copies of the 3 corrupt files that i beleave are causing the problem copied and pasted into a folder on the desktop from another vista sp2 puter, but it wont allow me to just overwrite the files in question via copy and paste.. does anyone know of another method?
#5
- Forum Addict
-
- Group: Moderator
- Posts: 31,460
- Joined: 03-September 05
- Gender:Male
- Location:Killeen, TX
Posted 18 January 2012 - 12:59 PM
Hi 
.
I'm responding to your situation...only because no one else has and I beleive that a response of some sort is due. I've never run Vista and am not familiar with its idiosyncracies but I can state general ideas about your situation.
The primary tool available for dealing with file corruption that are Windows tools are:
a. Chkdsk /r, which can overcome some problems with system files.
b. The sfc /scannow command, which is the tool designed to overcome missing/damaged system files.
The only other Windows option is to do a repair install, an option which is only available in XP, not available in either Vista or Win 7.
I can't speak of options which might be available via linux or some other mechanism.
The guide which you posted from the Vista Forums website...seems well-written...but it may not have been used by anyone at this website and that might account for the lack of commentary regarding such. Inquiring here about something that originates elsewhere...implicitly carries that risk, IMO. So I am not surprised at the lack of response to your questions, regrettable though it may be.
I'm not sure that anyone can determine...exactly what files are damaged during or after malware removal. Windows efforts attempt to determine if Windows system files are damaged...but it does not address program files which might be damaged and, therefore, causing system problems. It doesn't address driver files which might be damaged...and driver files can certainly result in the symptoms indicated by your stated troubles.
In fact, the possible factors leading to system problems...can have so many varying causes...that I think it difficult to try to pin down sometimes. Perhaps that's why some suggest a clean install after serious malware situations.
You also seem to have excluded the possibility of hardware or file system problems...from your list of suspects. You've eliminated the malware possibility, but that's only one out of several possibilities.
Now that I've made alibis for the lack of response to your situation and overstated the obvious complexity of said situation...let's see if those familiar with Vista...can provide something in the way of commentary that will assist you.
As a non-Vista user, my solution would be simply to do a clean install, based on what I see as possibilities that cannot be easily resolved. But I'm lazy and I don't believe that humpty-dumpty can always be put together again and regain former functionality.
Here's hoping that you get more input from those more knowledgeable than I happen to be.
Louis
.I'm responding to your situation...only because no one else has and I beleive that a response of some sort is due. I've never run Vista and am not familiar with its idiosyncracies but I can state general ideas about your situation.
The primary tool available for dealing with file corruption that are Windows tools are:
a. Chkdsk /r, which can overcome some problems with system files.
b. The sfc /scannow command, which is the tool designed to overcome missing/damaged system files.
The only other Windows option is to do a repair install, an option which is only available in XP, not available in either Vista or Win 7.
I can't speak of options which might be available via linux or some other mechanism.
The guide which you posted from the Vista Forums website...seems well-written...but it may not have been used by anyone at this website and that might account for the lack of commentary regarding such. Inquiring here about something that originates elsewhere...implicitly carries that risk, IMO. So I am not surprised at the lack of response to your questions, regrettable though it may be.
I'm not sure that anyone can determine...exactly what files are damaged during or after malware removal. Windows efforts attempt to determine if Windows system files are damaged...but it does not address program files which might be damaged and, therefore, causing system problems. It doesn't address driver files which might be damaged...and driver files can certainly result in the symptoms indicated by your stated troubles.
In fact, the possible factors leading to system problems...can have so many varying causes...that I think it difficult to try to pin down sometimes. Perhaps that's why some suggest a clean install after serious malware situations.
You also seem to have excluded the possibility of hardware or file system problems...from your list of suspects. You've eliminated the malware possibility, but that's only one out of several possibilities.
Now that I've made alibis for the lack of response to your situation and overstated the obvious complexity of said situation...let's see if those familiar with Vista...can provide something in the way of commentary that will assist you.
As a non-Vista user, my solution would be simply to do a clean install, based on what I see as possibilities that cannot be easily resolved. But I'm lazy and I don't believe that humpty-dumpty can always be put together again and regain former functionality.
Here's hoping that you get more input from those more knowledgeable than I happen to be.
Louis
#6
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 18 January 2012 - 01:23 PM
thank you for the responce.. yes, ive tried both those and saddly as you stated the repair install wont work either since i have sp2 installed.
am hoping someone knows of another workaround to replace what i beleave are the corrupt files to safe a complete reinstall(thinking about going to win 7 if thats the case).. this one in question was my general web surfing computer and would hate to lose all my passwords and everything that windows remmembers for me, not to mention my wide and daughters profile/partitions on there, lol
am hoping someone knows of another workaround to replace what i beleave are the corrupt files to safe a complete reinstall(thinking about going to win 7 if thats the case).. this one in question was my general web surfing computer and would hate to lose all my passwords and everything that windows remmembers for me, not to mention my wide and daughters profile/partitions on there, lol
#7
- Forum Addict
-
- Group: Moderator
- Posts: 31,460
- Joined: 03-September 05
- Gender:Male
- Location:Killeen, TX
Posted 18 January 2012 - 02:52 PM
Understood...that's why backups are important. Things go wrong all the time, it's nice to be prepared for those times.
In any case...I would start with the appropriate hard drive diagnostic...before I expended any time/energy on anything else. I like to know if the base of the system is worth any effort to overcome frustrations. I would do the long test to satisfy myself that the hard drive is good.
Louis
In any case...I would start with the appropriate hard drive diagnostic...before I expended any time/energy on anything else. I like to know if the base of the system is worth any effort to overcome frustrations. I would do the long test to satisfy myself that the hard drive is good.
Louis
#8
- Inquisitor
-
- Group: BC Advisor
- Posts: 4,713
- Joined: 15-July 09
- Gender:Male
- Location:Cowra NSW Australia
Posted 18 January 2012 - 03:47 PM
Please uninstall SuperAntiSpyware.
Let me know if you were able to successfully uninstall SuperAntiSpyware, and if doing so has made any difference to your BSOD problem.
Let me know if you were able to successfully uninstall SuperAntiSpyware, and if doing so has made any difference to your BSOD problem.
AustrAlien
Google is my friend. Make Google your friend too.
Google is my friend. Make Google your friend too.
#9
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 18 January 2012 - 04:12 PM
hamluis, agreed and i have noone to kick but myself for not backing up since i know better 
.. am d/l the data lifeguard tool now and will run it just to be on the safe side.
AustrAlien, yes, ive already uninstalled the SuperAntiSpyware as posted above.. unfortunately it didnt resolve the BSOD, but it did change the error that it gave in BlueScreenView from..
DRIVER_VERIFIER_DETECTED_VIOLATION with errors raspptp.sys & ntoskrnl.exe before to IRQL_NOT_LESS_OR_EQUAL with errors hal.dll, raspptp.sys, & ntoskrnl.exe after the ininstall(also uninstalled the avast antivirus at the same time since google searchs suggested conflict with those 2 programs)..
.. am d/l the data lifeguard tool now and will run it just to be on the safe side.AustrAlien, yes, ive already uninstalled the SuperAntiSpyware as posted above.. unfortunately it didnt resolve the BSOD, but it did change the error that it gave in BlueScreenView from..
DRIVER_VERIFIER_DETECTED_VIOLATION with errors raspptp.sys & ntoskrnl.exe before to IRQL_NOT_LESS_OR_EQUAL with errors hal.dll, raspptp.sys, & ntoskrnl.exe after the ininstall(also uninstalled the avast antivirus at the same time since google searchs suggested conflict with those 2 programs)..
This post has been edited by dsk6320: 18 January 2012 - 04:12 PM
#10
- Inquisitor
-
- Group: BC Advisor
- Posts: 4,713
- Joined: 15-July 09
- Gender:Male
- Location:Cowra NSW Australia
Posted 18 January 2012 - 04:30 PM
Sorry about "missing" that bit of info ... but it's not surprising after reading your other topics!
Please zip up the 6 most recent minidumps and attach to your reply ...
Please zip up the minidumps and attach the resultant zip file to your next reply so I can have a closer look. There's a chance I might get some more useful info from them.
Please zip up the 6 most recent minidumps and attach to your reply ...
Please zip up the minidumps and attach the resultant zip file to your next reply so I can have a closer look. There's a chance I might get some more useful info from them.
- Navigate to C:\Windows\Minidump <<< folder
- Click on the first minidump file to select it.
- Hold down the <Shift> key, and click on the last minidump file to select all of the files.
- Release the <Shift> key.
- Now, right-click on any one of the selected files > Send to ... > Compressed (zipped) Folder.
The zip file will be located in the same place (the Minidump folder). - Attach the zip file to your next reply.
When you click on Add Reply, you will see the facility to attach a file just below the box where you type your message.
AustrAlien
Google is my friend. Make Google your friend too.
Google is my friend. Make Google your friend too.
#11
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 18 January 2012 - 04:50 PM
great thanks.. data lifeguard looks to have about an hour or so to go on it before its finished, once its done i will zip the files and post them.
#12
- Inquisitor
-
- Group: BC Advisor
- Posts: 4,713
- Joined: 15-July 09
- Gender:Male
- Location:Cowra NSW Australia
Posted 18 January 2012 - 05:23 PM
Good: I will be away for awhile and I may not get a chance to look at them until this evening.
AustrAlien
Google is my friend. Make Google your friend too.
Google is my friend. Make Google your friend too.
#13
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 18 January 2012 - 06:16 PM
ok, long/extended hard drive test completed and passed.. requested minidump zip's attatched.
Test Option: EXTENDED TEST
Model Number: WDC WD2500JS-00NCB1
Unit Serial Number: WD-WCANKD547013
Firmware Number: 10.02E02
Capacity: 250.06 GB
SMART Status: PASS
Test Result: PASS
Test Time: 16:55:09, January 18, 2012
Test Option: EXTENDED TEST
Model Number: WDC WD2500JS-00NCB1
Unit Serial Number: WD-WCANKD547013
Firmware Number: 10.02E02
Capacity: 250.06 GB
SMART Status: PASS
Test Result: PASS
Test Time: 16:55:09, January 18, 2012
Attached File(s)
-
Mini011812-01.zip (21.88K)
Number of downloads: 2 -
Mini011112-01.zip (20.92K)
Number of downloads: 2 -
Mini010812-02.zip (14.92K)
Number of downloads: 2 -
Mini010812-01.zip (18.93K)
Number of downloads: 2 -
Mini010512-01.zip (19.2K)
Number of downloads: 2 -
Mini010312-02.zip (19.11K)
Number of downloads: 2
#14
- Inquisitor
-
- Group: BC Advisor
- Posts: 4,713
- Joined: 15-July 09
- Gender:Male
- Location:Cowra NSW Australia
Posted 19 January 2012 - 06:07 AM
Please do the following to create a boot log of normal startup.
Re-name your existing ntbtlog.txt file (so that you don't include all the old logs again in what you will upload):
Create a new boot log of a normal startup.
=======================
BSOD BUGCHECK SUMMARY
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini011812-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Wed Jan 18 22:41:13.857 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:24.857
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
IRQL_NOT_LESS_OR_EQUAL (a)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xA_raspptp!FreeSockContextCommon+33
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 8305fd03
CPUID: "Intel® Pentium® D CPU 2.80GHz"
MaxSpeed: 2800
CurrentSpeed: 2794
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini011112-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Thu Jan 12 15:25:14.840 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:35.839
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
IRQL_NOT_LESS_OR_EQUAL (a)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xA_raspptp!FreeSockContextCommon+33
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 83050d03
CPUID: "Intel® Pentium® D CPU 2.80GHz"
MaxSpeed: 2800
CurrentSpeed: 2794
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010812-02.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Mon Jan 9 00:22:58.999 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:47.013
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
BUGCHECK_STR: 0xc4_cb
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xc4_cb_VRF_raspptp!FreeSockContextCommon+33
Bugcheck code 000000C4
Arguments 000000cb c1cc0f00 00000000 00000000
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010812-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Sun Jan 8 23:57:21.106 2012 (UTC + 11:00)
System Uptime: 0 days 0:00:12.074
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : SASKUTIL.SYS ( SASKUTIL+7503 )
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: 0x7E_VRF_SASKUTIL+7503
Bugcheck code 1000007E
Arguments c0000005 91277503 80699904 80699600
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010512-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Thu Jan 5 20:39:48.357 2012 (UTC + 11:00)
System Uptime: 0 days 0:01:10.340
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : memory_corruption
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: CODE_CORRUPTION
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
Bugcheck code 1000007E
Arguments c0000005 a572a503 80699904 80699600
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010312-02.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Wed Jan 4 06:39:05.248 2012 (UTC + 11:00)
System Uptime: 0 days 0:01:10.215
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : memory_corruption
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: CODE_CORRUPTION
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
Bugcheck code 1000007E
Arguments c0000005 a532d503 80699904 80699600
........................................................
Re-name your existing ntbtlog.txt file (so that you don't include all the old logs again in what you will upload):- Navigate to C:\WINDOWS\ntbtlog.txt
- Re-name the file ntbtlog.txt to ntbtlogOLD.txt
(A new ntbtlog.txt file will be created on the next startup.)
Create a new boot log of a normal startup.- Re-start the computer, tapping F8 to get to the Advanced Boot Options menu.
- Choose Enable Boot Logging and press <ENTER>
Allow your computer to attempt to start normally, and it is expected that your system will crash. - After the crash and re-start, load Windows in Safe Mode.
- Navigate to C:\WINDOWS\ntbtlog.txt
- Right-click on the ntbtlog.txt file > Send to ... > Compressed (zipped) Folder.
The zip file will be located in the same place (the Windows folder). - Attach the zip file to your next reply.
When you click on Add Reply, you will see the facility to attach a file just below the box where you type your message.
=======================
BSOD BUGCHECK SUMMARY
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini011812-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Wed Jan 18 22:41:13.857 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:24.857
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
IRQL_NOT_LESS_OR_EQUAL (a)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xA_raspptp!FreeSockContextCommon+33
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 8305fd03
CPUID: "Intel® Pentium® D CPU 2.80GHz"
MaxSpeed: 2800
CurrentSpeed: 2794
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini011112-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Thu Jan 12 15:25:14.840 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:35.839
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
IRQL_NOT_LESS_OR_EQUAL (a)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xA_raspptp!FreeSockContextCommon+33
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 83050d03
CPUID: "Intel® Pentium® D CPU 2.80GHz"
MaxSpeed: 2800
CurrentSpeed: 2794
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010812-02.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Mon Jan 9 00:22:58.999 2012 (UTC + 11:00)
System Uptime: 0 days 0:02:47.013
Probably caused by : raspptp.sys ( raspptp!FreeSockContextCommon+33 )
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
BUGCHECK_STR: 0xc4_cb
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0xc4_cb_VRF_raspptp!FreeSockContextCommon+33
Bugcheck code 000000C4
Arguments 000000cb c1cc0f00 00000000 00000000
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010812-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Sun Jan 8 23:57:21.106 2012 (UTC + 11:00)
System Uptime: 0 days 0:00:12.074
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : SASKUTIL.SYS ( SASKUTIL+7503 )
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: 0x7E_VRF_SASKUTIL+7503
Bugcheck code 1000007E
Arguments c0000005 91277503 80699904 80699600
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010512-01.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Thu Jan 5 20:39:48.357 2012 (UTC + 11:00)
System Uptime: 0 days 0:01:10.340
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : memory_corruption
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: CODE_CORRUPTION
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
Bugcheck code 1000007E
Arguments c0000005 a572a503 80699904 80699600
........................................................
Loading Dump File [C:\CactusIsland\dsk6320_BC\Mini010312-02.dmp]
Built by: 6002.18484.x86fre.vistasp2_gdr.110617-0336
Debug session time: Wed Jan 4 06:39:05.248 2012 (UTC + 11:00)
System Uptime: 0 days 0:01:10.215
Unable to load image \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
Probably caused by : memory_corruption
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
DEFAULT_BUCKET_ID: CODE_CORRUPTION
PROCESS_NAME: System
BUGCHECK_STR: 0x7E
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
Bugcheck code 1000007E
Arguments c0000005 a532d503 80699904 80699600
........................................................
This post has been edited by AustrAlien: 19 January 2012 - 06:15 AM
AustrAlien
Google is my friend. Make Google your friend too.
Google is my friend. Make Google your friend too.
#15
- Member
-
- Group: Members
- Posts: 96
- Joined: 08-December 11
Posted 19 January 2012 - 07:23 AM
Good Morning, well.. morning here, lol
here is the zip you requested..
here is the zip you requested..
Attached File(s)
-
ntbtlog.zip (3.06K)
Number of downloads: 4
