Evet, yapmışsınız. O hâlde analiz sonuçlarına geçelim.
1) aşağıdaki LAN ve Wi-Fi sürücülerini indirip kurun.
2) Vanguard'ı kaldırın. Vanguard'ı kaldırdıktan sonra tekrar kurabilirsiniz.
3) ESET'e gelen güncelleme varsa yapın.
4) acaba USB aygıtları olarak sisteme neler bağlı? USB Hub bağlı mı acaba sisteme? Cihaza bağlı tüm USB aygıtlarını belirtirseniz bir çıkarımda bulunabilirim.
[CODE title="Dökümler"]*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption.
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 000000000000001e, Type of memory safety violation.
Arg2: ffff9d8ae606f4e0, Address of the trap frame for the exception that caused the BugCheck.
Arg3: ffff9d8ae606f438, Address of the exception record for the exception that caused the BugCheck.
Arg4: 0000000000000000, Reserved.
Debugging Details:
------------------
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 7781.
Key : Analysis.DebugAnalysisManager
Value: Create.
Key : Analysis.Elapsed.mSec
Value: 18769.
Key : Analysis.Init.CPU.mSec
Value: 828.
Key : Analysis.Init.Elapsed.mSec
Value: 2759.
Key : Analysis.Memory.CommitPeak.Mb
Value: 85.
Key : FailFast.Name
Value: INVALID_NEXT_THREAD.
Key : FailFast.Type
Value: 30.
Key : WER.OS.Branch
Value: vb_release.
Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z
Key : WER.OS.Version
Value: 10.0.19041.1
FILE_IN_CAB: 022222-7812-01.dmp
BUGCHECK_CODE: 139.
BUGCHECK_P1: 1e.
BUGCHECK_P2: ffff9d8ae606f4e0.
BUGCHECK_P3: ffff9d8ae606f438.
BUGCHECK_P4: 0
IMAGE_NAME: ntkrnlmp.exe
MODULE_NAME: ntkrnlmp.
FAULTING_MODULE: fffff8040bc00000 nt.
TRAP_FRAME: ffff9d8ae606f4e0 -- (.trap 0xffff9d8ae606f4e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000001000 rbx=0000000000000000 rcx=000000000000001e
rdx=0000000000000002 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8040c03cd55 rsp=ffff9d8ae606f670 rbp=00000001e8adce00
r8=c00000000000000f r9=00000000000000ff r10=00000000000000ff
r11=ffff8d81db9d2180 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po cy.
nt!KiDeferredReadySingleThread+0x1b5915:
fffff804`0c03cd55 cd29 int 29h.
Resetting default scope.
EXCEPTION_RECORD: ffff9d8ae606f438 -- (.exr 0xffff9d8ae606f438)
ExceptionAddress: fffff8040c03cd55 (nt!KiDeferredReadySingleThread+0x00000000001b5915)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001.
NumberParameters: 1
Parameter[0]: 000000000000001e.
Subcode: 0x1e FAST_FAIL_INVALID_NEXT_THREAD
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System.
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE_STR: c0000409.
EXCEPTION_PARAMETER1: 000000000000001e.
EXCEPTION_STR: 0xc0000409.
STACK_TEXT:
ffff9d8a`e606f1b8 fffff804`0c009369 : 00000000`00000139 00000000`0000001e ffff9d8a`e606f4e0 ffff9d8a`e606f438 : nt!KeBugCheckEx
ffff9d8a`e606f1c0 fffff804`0c009790 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffff9d8a`e606f300 fffff804`0c007b23 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
ffff9d8a`e606f4e0 fffff804`0c03cd55 : 00000000`00000000 00000000`0001fe09 ffff8d81`db9d2180 fffff804`0be191e0 : nt!KiRaiseSecurityCheckFailure+0x323
ffff9d8a`e606f670 fffff804`0be8142d : 00000000`00000000 00000000`00000000 00000000`00000000 ffff8d81`db9d2180 : nt!KiDeferredReadySingleThread+0x1b5915
ffff9d8a`e606f860 fffff804`0be80b7b : ffffae8e`6b64f080 00000000`00000000 ffffae8e`6b64f1f0 00000000`00000000 : nt!KiReadyThread+0x4d
ffff9d8a`e606f890 fffff804`0be8189d : fffff804`10e15250 00000000`00000008 ffff8d81`db9d2180 ffffae8e`00000002 : nt!KiProcessThreadWaitList+0xcb
ffff9d8a`e606f8e0 fffff804`0be99acd : 00000000`00000000 00000000`00000000 00000000`00140001 00000000`0001301a : nt!KiProcessExpiredTimerList+0x31d
ffff9d8a`e606f9d0 fffff804`0bffaf1e : ffffffff`00000000 ffff8d81`db9d2180 ffff8d81`db9dd240 ffffae8e`6ba21080 : nt!KiRetireDpcList+0x5dd
ffff9d8a`e606fc60 00000000`00000000 : ffff9d8a`e6070000 ffff9d8a`e606a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x9e
IMAGE_VERSION: 10.0.19041.1526
STACK_COMMAND: .cxr; .ecxr ; kb.
FAILURE_BUCKET_ID: 0x139_1e_INVALID_NEXT_THREAD_IMAGE_ntkrnlmp.exe
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release.
OSPLATFORM_TYPE: x64.
OSNAME: Windows 10.
FAILURE_ID_HASH: {64929928-a824-2134-285e-71128496d311}
Followup: MachineOwner.
---------
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common BugCheck. Usually the exception address pinpoints.
the driver/function that caused the problem. Always note this address.
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled.
Arg2: fffff8070c0195cb, The address that the exception occurred at.
Arg3: 0000000000000000, Parameter 0 of the exception.
Arg4: ffffffffffffffff, Parameter 1 of the exception.
Debugging Details:
------------------
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 7531.
Key : Analysis.DebugAnalysisManager
Value: Create.
Key : Analysis.Elapsed.mSec
Value: 14918.
Key : Analysis.Init.CPU.mSec
Value: 765.
Key : Analysis.Init.Elapsed.mSec
Value: 2886.
Key : Analysis.Memory.CommitPeak.Mb
Value: 81.
Key : WER.OS.Branch
Value: vb_release.
Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z
Key : WER.OS.Version
Value: 10.0.19041.1
FILE_IN_CAB: 022222-15031-01.dmp
BUGCHECK_CODE: 1e.
BUGCHECK_P1: ffffffffc0000005.
BUGCHECK_P2: fffff8070c0195cb.
BUGCHECK_P3: 0
BUGCHECK_P4: ffffffffffffffff.
READ_ADDRESS: fffff8070cafb390: Unable to get MiVisibleState.
Unable to get NonPagedPoolStart.
Unable to get NonPagedPoolEnd.
Unable to get PagedPoolStart.
Unable to get PagedPoolEnd.
unable to get nt!MmSpecialPagesInUse
ffffffffffffffff.
EXCEPTION_PARAMETER2: ffffffffffffffff.
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System.
TRAP_FRAME: 4d8d483c55894024 -- (.trap 0x4d8d483c55894024)
Unable to read trap frame at 4d8d483c`55894024
STACK_TEXT:
ffff9180`acb6a158 fffff807`0c2f5aae : 00000000`0000001e ffffffff`c0000005 fffff807`0c0195cb 00000000`00000000 : nt!KeBugCheckEx
ffff9180`acb6a160 fffff807`0c200272 : fffff807`0c2f5a8c 00000000`00000000 00000000`00000000 00000000`00000000 : nt!HvlpVtlCallExceptionHandler+0x22
ffff9180`acb6a1a0 fffff807`0c0e6f87 : ffff9180`acb6a710 00000000`00000000 ffff8406`08837c60 fffff807`0c1faed4 : nt!RtlpExecuteHandlerForException+0x12
ffff9180`acb6a1d0 fffff807`0c0e5b86 : ffff8406`088373c8 ffff9180`acb6ae20 ffff8406`088373c8 fffdf780`00000008 : nt!RtlDispatchException+0x297
ffff9180`acb6a8f0 fffff807`0c1f8242 : 00000006`b9c68b41 448d4c34`244c8966 4d8d483c`55894024 e8384589`d58b4940 : nt!KiDispatchException+0x186
ffff9180`acb6afb0 fffff807`0c1f8210 : fffff807`0c2094a5 ffff4497`71a8b358 00000000`00000000 00000000`00000000 : nt!KxExceptionDispatchOnExceptionStack+0x12
ffff8406`08837288 fffff807`0c2094a5 : ffff4497`71a8b358 00000000`00000000 00000000`00000000 fffff807`0ca20e00 : nt!KiExceptionDispatchOnExceptionStackContinue
ffff8406`08837290 fffff807`0c2051e0 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x125
ffff8406`08837470 fffff807`0c0195cb : 00000000`00000000 fffff807`0ca23a70 fffff807`0ca23a70 00000000`00000002 : nt!KiGeneralProtectionFault+0x320
ffff8406`08837600 fffff807`0c0191e0 : 00000000`00000000 00000000`00000000 00000000`00063976 ffff8406`08837b20 : nt!KiCheckForTimerExpiration+0x3b
ffff8406`08837690 fffff807`0c018a06 : 00000000`0124a56e 00000000`00000001 00000000`00000000 0000000e`d7353a8b : nt!KeAccumulateTicks+0x30
ffff8406`088376f0 fffff807`0c017104 : 00000000`00000000 00001f80`00000000 00000000`00000003 00000000`00000002 : nt!PpmIdleExecuteTransition+0x1786
ffff8406`08837af0 fffff807`0c1faed4 : ffffffff`00000000 ffff9180`acb55240 ffffbe04`992f1080 00000000`0000038c : nt!PoIdle+0x374
ffff8406`08837c60 00000000`00000000 : ffff8406`08838000 ffff8406`08832000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x54
SYMBOL_NAME: nt!KiCheckForTimerExpiration+3b
MODULE_NAME: nt.
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.19041.1526
STACK_COMMAND: .cxr; .ecxr ; kb.
BUCKET_ID_FUNC_OFFSET: 3b.
FAILURE_BUCKET_ID: 0x1E_c0000005_R_nt!KiCheckForTimerExpiration
OS_VERSION: 10.0.19041.1
BUILDLAB_STR: vb_release.
OSPLATFORM_TYPE: x64.
OSNAME: Windows 10.
FAILURE_ID_HASH: {28c22fb4-7a8b-21a4-a1db-20935ea4541f}
Followup: MachineOwner.
---------
USB\VID_18F8&PID_1286[/CODE]