Quote from avi81:
the file C:\windows\gdrv.sys as containing a potential threat. »
You can read about it at the link.
A single "BSOD" is, of course, not an indicator.
The "DirectX" driver is in the stack:
Code:
> k
# Child-SP RetAddr Call Site
00 ffff8182`2a948218 fffff805`52c11729 nt!KeBugCheckEx
01 ffff8182`2a948220 fffff805`52c11c90 nt!KiBugCheckDispatch+0x69
02 ffff8182`2a948360 fffff805`52c0fc5d nt!KiFastFailDispatch+0xd0
03 ffff8182`2a948540 fffff805`52a92a40 nt!KiRaiseSecurityCheckFailure+0x31d
04 ffff8182`2a9486d0 fffff805`6ac981cb nt!RtlAvlRemoveNode+0x3e0
05 ffff8182`2a948720 fffff805`6ac97b4f dxgmms2!CVirtualAddressAllocator::FreeVadVirtualAddressRangeInternal+0x8b
06 ffff8182`2a9487a0 fffff805`6ac98565 dxgmms2!CVirtualAddressAllocator::RemoveVaRangeFromVad+0xdf
07 ffff8182`2a9487f0 fffff805`6ac975cd dxgmms2!CVirtualAddressAllocator::FreeAllocMappedVaRangeList+0xa1
08 ffff8182`2a948880 fffff805`6acbd622 dxgmms2!VIDMM_GLOBAL::ProcessSystemCommand+0x11d
09 ffff8182`2a948a00 fffff805`6acc71c9 dxgmms2!VIDMM_WORKER_THREAD::Run+0x1462
0a ffff8182`2a948be0 fffff805`52b078e5 dxgmms2!VidMmWorkerThreadProc+0x9
0b ffff8182`2a948c10 fffff805`52c06368 nt!PspSystemThreadStartup+0x55
0c ffff8182`2a948c60 00000000`00000000 nt!KiStartSystemThread+0x28
And not exactly a fresh one, at that:
Code:
> lmvm dxgmms2
Browse full module list
start end module name
fffff805`6ac30000 fffff805`6ad11000 dxgmms2 # (pdb symbols) C:\symbols\dxgmms2.pdb\DF213BA42CFB38E7B8B7F21CA20778771\dxgmms2.pdb
Loaded symbol image file: dxgmms2.sys
Mapped memory image file: C:\ProgramData\dbg\sym\dxgmms2.sys\51F5D02Ee1000\dxgmms2.sys
Image path: \SystemRoot\System32\drivers\dxgmms2.sys
Image name: dxgmms2.sys
Browse all global symbols functions data
Timestamp: Mon Jul 29 07:15:10 2013 (51F5D02E)
CheckSum: 000E4CAC
ImageSize: 000E1000
File version: 10.0.19041.3745
Product version: 10.0.19041.3745
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: dxgmms2.sys
OriginalFilename: dxgmms2.sys
ProductVersion: 10.0.19041.3745
FileVersion: 10.0.19041.3745 (WinBuild.160101.0800)
FileDescription: DirectX Graphics MMS
LegalCopyright: © Microsoft Corporation. All rights reserved.
On my system it is this one:
Code:
> Get-ChildItem "C:\Windows\System32\drivers\dxgmms2.sys" | Format-List -Property *
PSPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\drivers\dxgmms2.sys
PSParentPath : Microsoft.PowerShell.Core\FileSystem::C:\Windows\System32\drivers
PSChildName : dxgmms2.sys
PSDrive : C
PSProvider : Microsoft.PowerShell.Core\FileSystem
PSIsContainer : False
Mode : -a----
VersionInfo : File: C:\Windows\System32\drivers\dxgmms2.sys
InternalName: dxgmms2.sys
OriginalFilename: dxgmms2.sys
FileVersion: 10.0.19041.3758 (WinBuild.160101.0800)
FileDescription: DirectX Graphics MMS
Product: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.3758
Debug: False
Patched: False
PreRelease: False
PrivateBuild: False
SpecialBuild: False
Language: Английский (США)
BaseName : dxgmms2
Target : {C:\Windows\WinSxS\amd64_microsoft-windows-lddmcore_31bf3856ad364e35_10.0.19041.3758_none_2057327a98e7bb93\dxgmms2.sys}
LinkType : HardLink
Name : dxgmms2.sys
Length : 902632
DirectoryName : C:\Windows\System32\drivers
Directory : C:\Windows\System32\drivers
IsReadOnly : False
Exists : True
FullName : C:\Windows\System32\drivers\dxgmms2.sys
Extension : .sys
CreationTime : 04.12.2023 16:44:49
CreationTimeUtc : 04.12.2023 11:44:49
LastAccessTime : 21.12.2023 12:22:08
LastAccessTimeUtc : 21.12.2023 7:22:08
LastWriteTime : 04.12.2023 16:44:49
LastWriteTimeUtc : 04.12.2023 11:44:49
Attributes : Archive