"KERNEL_SECURITY_CHECK_FAILURE" mavi ekran hatası

Grafikerdem · 9 Kasım 2019

Merhaba, minidump dosyam aşağıdaki linkteki gibidir. Analiz etmeye çalıştım fakat bir sonuca ulaşamadım. Yardım edebilir misiniz?

Minidump Dosyası

Kod:

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff80323e67770, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff80323e676c8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------

*** WARNING: Unable to verify checksum for win32k.sys

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 6

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on DESKTOP-P82L28V

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 18

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 71

    Key  : Analysis.System
    Value: CreateObject


BUGCHECK_CODE:  139

BUGCHECK_P1: 3

BUGCHECK_P2: fffff80323e67770

BUGCHECK_P3: fffff80323e676c8

BUGCHECK_P4: 0

TRAP_FRAME:  fffff80323e67770 -- (.trap 0xfffff80323e67770)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff80323e67970 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8033a7e44ec rsp=fffff80323e67908 rbp=fffff80323e67980
r8=ffffe082ca3dabd8  r9=fffff80323e67a80 r10=fffff80320427da0
r11=ffff847ac6200000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz ac po cy
mouclass!MouseClassDequeueRead+0x50:
fffff803`3a7e44ec cd29            int     29h
Resetting default scope

EXCEPTION_RECORD:  fffff80323e676c8 -- (.exr 0xfffff80323e676c8)
ExceptionAddress: fffff8033a7e44ec (mouclass!MouseClassDequeueRead+0x0000000000000050)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  System

ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y   n tabanl  bir arabelle in ta t   n  alg lad . Bu ta ma, k t  niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir.

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  0000000000000003

EXCEPTION_STR:  0xc0000409

STACK_TEXT:
fffff803`23e67448 fffff803`205d30e9 : 00000000`00000139 00000000`00000003 fffff803`23e67770 fffff803`23e676c8 : nt!KeBugCheckEx
fffff803`23e67450 fffff803`205d3510 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff803`23e67590 fffff803`205d18a5 : 00000000`000000ff 00000000`00000002 fffff803`000d9734 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff803`23e67770 fffff803`3a7e44ec : fffff803`3a7e4c74 ffffe082`ca3dab40 fffff803`3a7b8b3c 00001f7d`37b64438 : nt!KiRaiseSecurityCheckFailure+0x325
fffff803`23e67908 fffff803`3a7e4c74 : ffffe082`ca3dab40 fffff803`3a7b8b3c 00001f7d`37b64438 fffff803`3a7b89c0 : mouclass!MouseClassDequeueRead+0x50
fffff803`23e67910 fffff803`3a7d1402 : ffffe082`ca3d8e10 ffffe082`ca3d8cc0 ffffe082`ca3faccc fffff803`23e67a80 : mouclass!MouseClassServiceCallback+0xa4
fffff803`23e679b0 ffffe082`ca3d8e10 : ffffe082`ca3d8cc0 ffffe082`ca3faccc fffff803`23e67a80 00000000`00000000 : klmouflt+0x1402
fffff803`23e679b8 ffffe082`ca3d8cc0 : ffffe082`ca3faccc fffff803`23e67a80 00000000`00000000 ffff847a`c6200000 : 0xffffe082`ca3d8e10
fffff803`23e679c0 ffffe082`ca3faccc : fffff803`23e67a80 00000000`00000000 ffff847a`c6200000 fffff803`3a7b36c9 : 0xffffe082`ca3d8cc0
fffff803`23e679c8 fffff803`23e67a80 : 00000000`00000000 ffff847a`c6200000 fffff803`3a7b36c9 fffff803`3a7b205d : 0xffffe082`ca3faccc
fffff803`23e679d0 00000000`00000000 : ffff847a`c6200000 fffff803`3a7b36c9 fffff803`3a7b205d ffffe082`ca3faca0 : 0xfffff803`23e67a80


SYMBOL_NAME:  mouclass!MouseClassDequeueRead+50

MODULE_NAME: mouclass

IMAGE_NAME:  mouclass.sys

IMAGE_VERSION:  10.0.18362.1216

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  50

FAILURE_BUCKET_ID:  0x139_3_CORRUPT_LIST_ENTRY_mouclass!MouseClassDequeueRead

OS_VERSION:  10.0.18362.1

BUILDLAB_STR:  19h1_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {6b5843fa-650f-1f9f-d95b-388440977a32}

Followup:     MachineOwner
---------

MayCrasH · 15 Kasım 2019

Grafikerdem dedi:

Tekrar Merhaba, 5 günün ardından Kaspersky yazılımı ile Logitech yazılımını kaldırdım. Sürücüyü güvenli modda kaldırıp, son sürümüne güncelledim. Temiz kurulum yaptım. Ancak tekrar mavi ekran hatası ile karşılaştım. Analiz aşağıdaki gibidir. Bütün çalışmalarım, çizimlerim mahvoluyor ne yapmam gerekli? @claus @Shadow Ryzen

Kod:

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff80558e677f0, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff80558e67748, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------

*** WARNING: Unable to verify checksum for win32k.sys

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 5

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on DESKTOP-P82L28V

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 8

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 80

    Key  : Analysis.System
    Value: CreateObject


BUGCHECK_CODE:  139

BUGCHECK_P1: 3

BUGCHECK_P2: fffff80558e677f0

BUGCHECK_P3: fffff80558e67748

BUGCHECK_P4: 0

TRAP_FRAME:  fffff80558e677f0 -- (.trap 0xfffff80558e677f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff80558e679f0 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8056c5044ec rsp=fffff80558e67988 rbp=fffff80558e67a00
r8=ffffb20f1a344da8  r9=fffff80558e67a80 r10=fffff80554627de0
r11=ffff907c3b200000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz ac pe cy
mouclass!MouseClassDequeueRead+0x50:
fffff805`6c5044ec cd29            int     29h
Resetting default scope

EXCEPTION_RECORD:  fffff80558e67748 -- (.exr 0xfffff80558e67748)
ExceptionAddress: fffff8056c5044ec (mouclass!MouseClassDequeueRead+0x0000000000000050)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  System

ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y   n tabanl  bir arabelle in ta t   n  alg lad . Bu ta ma, k t  niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir.

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  0000000000000003

EXCEPTION_STR:  0xc0000409

STACK_TEXT:
fffff805`58e674c8 fffff805`547d32e9 : 00000000`00000139 00000000`00000003 fffff805`58e677f0 fffff805`58e67748 : nt!KeBugCheckEx
fffff805`58e674d0 fffff805`547d3710 : ffffb20f`00000136 ffffb20f`16dff750 fffff805`6c9faa60 fffff805`6b28daa9 : nt!KiBugCheckDispatch+0x69
fffff805`58e67610 fffff805`547d1aa5 : fffff805`550bae70 fffff805`550b7848 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffff805`58e677f0 fffff805`6c5044ec : fffff805`6c504c74 ffffb20f`1a344d10 fffff805`6c4e3706 00004df0`e5cbc7e8 : nt!KiRaiseSecurityCheckFailure+0x325
fffff805`58e67988 fffff805`6c504c74 : ffffb20f`1a344d10 fffff805`6c4e3706 00004df0`e5cbc7e8 ffffb20f`00000c1b : mouclass!MouseClassDequeueRead+0x50
fffff805`58e67990 fffff805`6c4e123c : 00000000`00000002 ffffb20f`1a33eee8 ffffb20f`1a342354 fffff805`58e67a80 : mouclass!MouseClassServiceCallback+0xa4
fffff805`58e67a30 00000000`00000002 : ffffb20f`1a33eee8 ffffb20f`1a342354 fffff805`58e67a80 00004df0`e5cbdfd8 : LMouFilt+0x123c
fffff805`58e67a38 ffffb20f`1a33eee8 : ffffb20f`1a342354 fffff805`58e67a80 00004df0`e5cbdfd8 ffffb20f`1a342310 : 0x2
fffff805`58e67a40 ffffb20f`1a342354 : fffff805`58e67a80 00004df0`e5cbdfd8 ffffb20f`1a342310 00000000`00989680 : 0xffffb20f`1a33eee8
fffff805`58e67a48 fffff805`58e67a80 : 00004df0`e5cbdfd8 ffffb20f`1a342310 00000000`00989680 00000007`ee9d6164 : 0xffffb20f`1a342354
fffff805`58e67a50 00004df0`e5cbdfd8 : ffffb20f`1a342310 00000000`00989680 00000007`ee9d6164 ffffb20f`00000001 : 0xfffff805`58e67a80
fffff805`58e67a58 ffffb20f`1a342310 : 00000000`00989680 00000007`ee9d6164 ffffb20f`00000001 0000004f`5225cdf1 : 0x00004df0`e5cbdfd8
fffff805`58e67a60 00000000`00989680 : 00000007`ee9d6164 ffffb20f`00000001 0000004f`5225cdf1 0000ffff`00000000 : 0xffffb20f`1a342310
fffff805`58e67a68 00000007`ee9d6164 : ffffb20f`00000001 0000004f`5225cdf1 0000ffff`00000000 fffff805`6c4ed168 : 0x989680
fffff805`58e67a70 ffffb20f`00000001 : 0000004f`5225cdf1 0000ffff`00000000 fffff805`6c4ed168 fffff805`6c4e1100 : 0x00000007`ee9d6164
fffff805`58e67a78 0000004f`5225cdf1 : 0000ffff`00000000 fffff805`6c4ed168 fffff805`6c4e1100 ffffb20f`1a33ed70 : 0xffffb20f`00000001
fffff805`58e67a80 0000ffff`00000000 : fffff805`6c4ed168 fffff805`6c4e1100 ffffb20f`1a33ed70 ffffb20f`184b5490 : 0x0000004f`5225cdf1
fffff805`58e67a88 fffff805`6c4ed168 : fffff805`6c4e1100 ffffb20f`1a33ed70 ffffb20f`184b5490 fffff805`6c4c3abc : 0x0000ffff`00000000
fffff805`58e67a90 fffff805`6c4e1100 : ffffb20f`1a33ed70 ffffb20f`184b5490 fffff805`6c4c3abc ffffb20f`183b9da0 : LMouFilt+0xd168
fffff805`58e67a98 ffffb20f`1a33ed70 : ffffb20f`184b5490 fffff805`6c4c3abc ffffb20f`183b9da0 ffffb20f`1a33eee8 : LMouFilt+0x1100
fffff805`58e67aa0 ffffb20f`184b5490 : fffff805`6c4c3abc ffffb20f`183b9da0 ffffb20f`1a33eee8 ffffb20f`1a33eee8 : 0xffffb20f`1a33ed70
fffff805`58e67aa8 fffff805`6c4c3abc : ffffb20f`183b9da0 ffffb20f`1a33eee8 ffffb20f`1a33eee8 fffff805`58e67af0 : 0xffffb20f`184b5490
fffff805`58e67ab0 fffff805`546477d9 : 00000000`00000000 ffffb20f`1a0f0b00 fffff805`6c4ae001 00000000`00000000 : mouhid!MouHid_ReadComplete+0x75c
fffff805`58e67b50 fffff805`546476a7 : fffff805`6c4abeb9 fffff805`6c4abe00 00000000`00000001 00000000`00000001 : nt!IopfCompleteRequest+0x119
fffff805`58e67c60 fffff805`573383fd : 00000000`00000000 ffffb20f`1cadd040 00000000`00000002 fffff805`00000833 : nt!IofCompleteRequest+0x17
fffff805`58e67c90 fffff805`57335f3c : 00000000`00000002 00000000`00000000 ffffb20f`1a1d3010 00000000`00000000 : Wdf01000!FxRequest::CompleteInternal+0x22d [minkernel\wdf\framework\shared\core\fxrequest.cpp @ 869]
fffff805`58e67d20 fffff805`6c4ae485 : ffffb20f`1cadd040 ffffb20f`1cadd040 fffff805`6c4ae010 00000000`00000000 : Wdf01000!imp_WdfRequestCompleteWithInformation+0x9c [minkernel\wdf\framework\shared\core\fxrequestapi.cpp @ 571]
fffff805`58e67d80 ffffb20f`1cadd040 : ffffb20f`1cadd040 fffff805`6c4ae010 00000000`00000000 fffff805`58e67dd0 : LHidFilt+0xe485
fffff805`58e67d88 ffffb20f`1cadd040 : fffff805`6c4ae010 00000000`00000000 fffff805`58e67dd0 00000000`00000000 : 0xffffb20f`1cadd040
fffff805`58e67d90 fffff805`6c4ae010 : 00000000`00000000 fffff805`58e67dd0 00000000`00000000 00000001`00000000 : 0xffffb20f`1cadd040
fffff805`58e67d98 00000000`00000000 : fffff805`58e67dd0 00000000`00000000 00000001`00000000 fffffff6`00000001 : LHidFilt+0xe010


SYMBOL_NAME:  mouclass!MouseClassDequeueRead+50

MODULE_NAME: mouclass

IMAGE_NAME:  mouclass.sys

IMAGE_VERSION:  10.0.18362.1216

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  50

FAILURE_BUCKET_ID:  0x139_3_CORRUPT_LIST_ENTRY_mouclass!MouseClassDequeueRead

OS_VERSION:  10.0.18362.1

BUILDLAB_STR:  19h1_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {6b5843fa-650f-1f9f-d95b-388440977a32}

Followup:     MachineOwner
---------

Farklı bir fare ile denedin mi? Fare arızası da olabilir.

claus · 16 Kasım 2019

Analiz istemedim sizden. Yeni dosyaları gönderin.

Grafikerdem · 16 Kasım 2019

claus dedi:
Analiz istemedim sizden. Yeni dosyaları gönderin.

Merhaba, yeni dosyalar linkteki gibidir.

Minidump.rar

drive.google.com

claus · 16 Kasım 2019

Dediklerimi yapmadan nasıl çözüm bekliyorsun?

Grafikerdem · 16 Kasım 2019

claus dedi:
Dediklerimi yapmadan nasıl çözüm bekliyorsun?

Dediklerinizi uyguladım. Kaspersky'ı kaldırdım. Logitech araçlarını temizledim. Hatta mouse değiştirdim. Windows Bellek Tanılama aracı ile ram testi yaptım. 32 GB ECC bellek mevcut sistemimde. Hiçbir sorun veya benzeri bir şey ile karşılaşmadım. Tamamen alakasız ve birbirinden bağımsız zamanlarda mavi ekran hatası veriyor. Eğer bilgisine ihtiyaç duyarsanız aida ile donanım özelliklerini raporlayabilirim. Sizi boş yere yormak istemem. İlginiz için çok teşekkür ederim.

claus · 16 Kasım 2019

Ben Memtest yapın diyorum size. Windows aracı ile değil. Ayrıca yeni dosyalarda örnek olarak logitech araçları var görünüyor.

SwishTTT · 16 Kasım 2019

Macro yazılımı gibi duruyor bulup kaldırın.

"KERNEL_SECURITY_CHECK_FAILURE" mavi ekran hatası

Ayrıntılı düzenleme

Grafikerdem

Hectopat

MayCrasH

Zettapat

claus

Zettapat

Grafikerdem

Hectopat

Minidump.rar

claus

Zettapat

Grafikerdem

Hectopat

claus

Zettapat

SwishTTT

Hectopat

Benzer konular

Yeni konular

Yeni mesajlar

Gizliliğinize önem veriyoruz