Grafikerdem
Hectopat
- Katılım
- 25 Ocak 2018
- Mesajlar
- 9
Daha fazla
- Cinsiyet
- Erkek
Merhaba, minidump dosyam aşağıdaki linkteki gibidir. Analiz etmeye çalıştım fakat bir sonuca ulaşamadım. Yardım edebilir misiniz?
Minidump Dosyası
Minidump Dosyası
Kod:
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff80323e67770, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff80323e676c8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
*** WARNING: Unable to verify checksum for win32k.sys
KEY_VALUES_STRING: 1
Key : Analysis.CPU.Sec
Value: 6
Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-P82L28V
Key : Analysis.DebugData
Value: CreateObject
Key : Analysis.DebugModel
Value: CreateObject
Key : Analysis.Elapsed.Sec
Value: 18
Key : Analysis.Memory.CommitPeak.Mb
Value: 71
Key : Analysis.System
Value: CreateObject
BUGCHECK_CODE: 139
BUGCHECK_P1: 3
BUGCHECK_P2: fffff80323e67770
BUGCHECK_P3: fffff80323e676c8
BUGCHECK_P4: 0
TRAP_FRAME: fffff80323e67770 -- (.trap 0xfffff80323e67770)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff80323e67970 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8033a7e44ec rsp=fffff80323e67908 rbp=fffff80323e67980
r8=ffffe082ca3dabd8 r9=fffff80323e67a80 r10=fffff80320427da0
r11=ffff847ac6200000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac po cy
mouclass!MouseClassDequeueRead+0x50:
fffff803`3a7e44ec cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff80323e676c8 -- (.exr 0xfffff80323e676c8)
ExceptionAddress: fffff8033a7e44ec (mouclass!MouseClassDequeueRead+0x0000000000000050)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y n tabanl bir arabelle in ta t n alg lad . Bu ta ma, k t niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
fffff803`23e67448 fffff803`205d30e9 : 00000000`00000139 00000000`00000003 fffff803`23e67770 fffff803`23e676c8 : nt!KeBugCheckEx
fffff803`23e67450 fffff803`205d3510 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff803`23e67590 fffff803`205d18a5 : 00000000`000000ff 00000000`00000002 fffff803`000d9734 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff803`23e67770 fffff803`3a7e44ec : fffff803`3a7e4c74 ffffe082`ca3dab40 fffff803`3a7b8b3c 00001f7d`37b64438 : nt!KiRaiseSecurityCheckFailure+0x325
fffff803`23e67908 fffff803`3a7e4c74 : ffffe082`ca3dab40 fffff803`3a7b8b3c 00001f7d`37b64438 fffff803`3a7b89c0 : mouclass!MouseClassDequeueRead+0x50
fffff803`23e67910 fffff803`3a7d1402 : ffffe082`ca3d8e10 ffffe082`ca3d8cc0 ffffe082`ca3faccc fffff803`23e67a80 : mouclass!MouseClassServiceCallback+0xa4
fffff803`23e679b0 ffffe082`ca3d8e10 : ffffe082`ca3d8cc0 ffffe082`ca3faccc fffff803`23e67a80 00000000`00000000 : klmouflt+0x1402
fffff803`23e679b8 ffffe082`ca3d8cc0 : ffffe082`ca3faccc fffff803`23e67a80 00000000`00000000 ffff847a`c6200000 : 0xffffe082`ca3d8e10
fffff803`23e679c0 ffffe082`ca3faccc : fffff803`23e67a80 00000000`00000000 ffff847a`c6200000 fffff803`3a7b36c9 : 0xffffe082`ca3d8cc0
fffff803`23e679c8 fffff803`23e67a80 : 00000000`00000000 ffff847a`c6200000 fffff803`3a7b36c9 fffff803`3a7b205d : 0xffffe082`ca3faccc
fffff803`23e679d0 00000000`00000000 : ffff847a`c6200000 fffff803`3a7b36c9 fffff803`3a7b205d ffffe082`ca3faca0 : 0xfffff803`23e67a80
SYMBOL_NAME: mouclass!MouseClassDequeueRead+50
MODULE_NAME: mouclass
IMAGE_NAME: mouclass.sys
IMAGE_VERSION: 10.0.18362.1216
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: 50
FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_mouclass!MouseClassDequeueRead
OS_VERSION: 10.0.18362.1
BUILDLAB_STR: 19h1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {6b5843fa-650f-1f9f-d95b-388440977a32}
Followup: MachineOwner
---------
Son düzenleyen: Moderatör: