Windows 8 Kernel Version 19041 MP Windows 10 Windows 8 ile ilgili bazı kodları kullandığı için böyle görünüyor yoksa Windows 10 2004 sürümünü kullandığını gösteriyor. Vanguard gibi arka planda çalışan uygulamaları görmek için lm komutunu kullanmanız lazım. Şimdi arkadaşın koduna bakalım.
En aşağıya doğru inerseniz Unloaded Modules yani yüklenmemiş modüllerin olduğunu görüyoruz. Burada Kaspersky'ın dosyaları gözüküyor klids.sys ve klpnpflt.sys bunları görünce soruna sebep olabileceğini düşünüp güncellemesini güncelse kaldırmasını söylüyoruz. Vanguard Vgk.sys olarak Battleye Bedaisy.sys olarak gözükür.
!sysinfo komutu ile sistem bilgilerini öğrenebilirsiniz. Bios'un güncel olup olmadığını mesela onu da anakartın sitesine bakarak.
Kod:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
THREAD_STUCK_IN_DEVICE_DRIVER_M (100000ea)
The device driver is spinning in an infinite loop, most likely waiting for
hardware to become idle. This usually indicates problem with the hardware
itself or with the device driver programming the hardware incorrectly.
If the kernel debugger is connected and running when watchdog detects a
timeout condition then DbgBreakPoint() will be called instead of KeBugCheckEx()
and detailed message including bugcheck arguments will be printed to the
debugger. This way we can identify an offending thread, set breakpoints in it,
and hit go to return to the spinning code to debug it further. Because
KeBugCheckEx() is not called the .bugcheck directive will not return bugcheck
information in this case. The arguments are already printed out to the kernel
debugger. You can also retrieve them from a global variable via
"dd watchdog!g_WdBugCheckData l5" (use dq on NT64).
On MP machines it is possible to hit a timeout when the spinning thread is
interrupted by hardware interrupt and ISR or DPC routine is running at the time
of the bugcheck (this is because the timeout's work item can be delivered and
handled on the second CPU and the same time). If this is the case you will have
to look deeper at the offending thread's stack (e.g. using dds) to determine
spinning code which caused the timeout to occur.
Arguments:
Arg1: ffff928f40890080, Pointer to a stuck thread object. Do .thread then kb on it to find
the hung location.
Arg2: 0000000000000000, Pointer to a DEFERRED_WATCHDOG object.
Arg3: 0000000000000000, Pointer to offending driver name.
Arg4: 0000000000000000, Number of times "intercepted" bugcheck 0xEA was hit (see notes).
Debugging Details:
------------------
FAULTING_THREAD: ffff928f40890080
DEFAULT_BUCKET_ID: GRAPHICS_DRIVER_FAULT
CUSTOMER_CRASH_COUNT: 1
BUGCHECK_STR: 0xEA
PROCESS_NAME: RadeonSoftware
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre
LAST_CONTROL_TRANSFER: from fffff80773d526ad to fffff807657f3ea0
STACK_TEXT:
fffff20e`d68c9798 fffff807`73d526ad : 00000000`000000ea ffff928f`40890080 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff20e`d68c97a0 fffff807`73d5278e : fffff20e`d68c9880 fffff807`73d26aeb fffff20e`d68c9880 fffff807`79262ddc : dxgkrnl!TdrTimedOperationBugcheckOnTimeout+0x45
fffff20e`d68c9810 fffff807`7912dae0 : 0000000c`ba48ccae fffff807`79262ddc 00000000`00000000 ffff928f`39a4f000 : dxgkrnl!TdrTimedOperationDelay+0xce
fffff20e`d68c9850 0000000c`ba48ccae : fffff807`79262ddc 00000000`00000000 ffff928f`39a4f000 00000000`00989680 : amdkmdag+0x6dae0
fffff20e`d68c9858 fffff807`79262ddc : 00000000`00000000 ffff928f`39a4f000 00000000`00989680 00000000`00000001 : 0x0000000c`ba48ccae
fffff20e`d68c9860 00000000`00000000 : ffff928f`39a4f000 00000000`00989680 00000000`00000001 00000000`00000028 : amdkmdag+0x1a2ddc
STACK_COMMAND: .thread 0xffff928f40890080 ; kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff807657963ae-fffff807657963b1 4 bytes - nt!MiFreeUltraMapping+32
[ a0 7d fb f6:80 3b 77 ee ]
4 errors : !nt (fffff807657963ae-fffff807657963b1)
FOLLOWUP_IP:
dxgkrnl!TdrTimedOperationBugcheckOnTimeout+45
fffff807`73d526ad cc int 3
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: dxgkrnl!TdrTimedOperationBugcheckOnTimeout+45
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: dxgkrnl
IMAGE_NAME: dxgkrnl.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 0
IMAGE_VERSION: 10.0.19041.508
FAILURE_BUCKET_ID: 0xEA_IMAGE_dxgkrnl.sys
BUCKET_ID: 0xEA_IMAGE_dxgkrnl.sys
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xea_image_dxgkrnl.sys
FAILURE_ID_HASH: {ea458ad2-d5ab-aa6c-7a11-54653c70dfb8}
Followup: MachineOwner
---------
3: kd> lm
start end module name
ffffb32c`3ec00000 ffffb32c`3eee2000 win32kbase (deferred)
ffffb32c`3eef0000 ffffb32c`3f2a6000 win32kfull (deferred)
ffffb32c`3f2b0000 ffffb32c`3f2f8000 cdd (deferred)
ffffb32c`3f8d0000 ffffb32c`3f96a000 win32k T (no symbols)
fffff807`62f90000 fffff807`62fb8000 mcupdate_AuthenticAMD (deferred)
fffff807`62fc0000 fffff807`62fc6000 hal (deferred)
fffff807`62fd0000 fffff807`62fdb000 kd (deferred)
fffff807`62fe0000 fffff807`63007000 tm (deferred)
fffff807`63010000 fffff807`63079000 CLFS (deferred)
fffff807`63080000 fffff807`6309a000 PSHED (deferred)
fffff807`630a0000 fffff807`630ab000 BOOTVID (deferred)
fffff807`630b0000 fffff807`631c3000 clipsp (deferred)
fffff807`631d0000 fffff807`6323f000 FLTMGR (deferred)
fffff807`63240000 fffff807`63269000 ksecdd (deferred)
fffff807`63270000 fffff807`632d2000 msrpc (deferred)
fffff807`632e0000 fffff807`632ee000 cmimcext (deferred)
fffff807`632f0000 fffff807`63301000 werkernel (deferred)
fffff807`63310000 fffff807`6331c000 ntosext (deferred)
fffff807`63320000 fffff807`63333000 WDFLDR (deferred)
fffff807`63340000 fffff807`6334f000 SleepStudyHelper (deferred)
fffff807`63350000 fffff807`63361000 WppRecorder (deferred)
fffff807`63370000 fffff807`6338a000 SgrmAgent (deferred)
fffff807`644c0000 fffff807`6467f000 EasyAntiCheat (deferred)
fffff807`64680000 fffff807`646cb000 klupd_klif_klark (deferred)
fffff807`65400000 fffff807`66446000 nt (pdb symbols) C:\Program Files\Windows Kits\8.1\Debuggers\x86\sym\ntkrnlmp.pdb\641F55C592201DCC4F59FACC72EA54DA1\ntkrnlmp.pdb
fffff807`68800000 fffff807`688e3000 CI (deferred)
fffff807`688f0000 fffff807`689a7000 cng (deferred)
fffff807`689b0000 fffff807`68a81000 Wdf01000 (deferred)
fffff807`68a90000 fffff807`68ab6000 acpiex (deferred)
fffff807`68ac0000 fffff807`68b0b000 mssecflt (deferred)
fffff807`68b10000 fffff807`68bdc000 ACPI (deferred)
fffff807`68be0000 fffff807`68bec000 WMILIB (deferred)
fffff807`68c00000 fffff807`68c6b000 intelpep (deferred)
fffff807`68c70000 fffff807`68c87000 WindowsTrustedRT (deferred)
fffff807`68c90000 fffff807`68c9b000 IntelTA (deferred)
fffff807`68ca0000 fffff807`68cab000 WindowsTrustedRTProxy (deferred)
fffff807`68cb0000 fffff807`68cc4000 pcw (deferred)
fffff807`68cd0000 fffff807`68d0e000 klupd_klif_arkmon (deferred)
fffff807`68d10000 fffff807`68d1b000 msisadrv (deferred)
fffff807`68d20000 fffff807`68d98000 pci (deferred)
fffff807`68da0000 fffff807`68db5000 vdrvroot (deferred)
fffff807`68dc0000 fffff807`68dfb000 cm_km (deferred)
fffff807`68e00000 fffff807`68e2f000 pdc (deferred)
fffff807`68e30000 fffff807`68e49000 CEA (deferred)
fffff807`68e50000 fffff807`68e81000 partmgr (deferred)
fffff807`68e90000 fffff807`68f3a000 spaceport (deferred)
fffff807`68f40000 fffff807`68f59000 volmgr (deferred)
fffff807`68f60000 fffff807`68fc3000 volmgrx (deferred)
fffff807`68fd0000 fffff807`68fe1000 klbackupdisk (deferred)
fffff807`68ff0000 fffff807`68ffe000 amd_xata (deferred)
fffff807`69000000 fffff807`6901e000 mountmgr (deferred)
fffff807`69020000 fffff807`69052000 storahci (deferred)
fffff807`69060000 fffff807`69110000 storport (deferred)
fffff807`69120000 fffff807`69139000 amd_sata (deferred)
fffff807`69140000 fffff807`6915c000 EhStorClass (deferred)
fffff807`69160000 fffff807`6917a000 fileinfo (deferred)
fffff807`69180000 fffff807`691c0000 Wof (deferred)
fffff807`691d0000 fffff807`691dd000 Fs_Rec (deferred)
fffff807`691e0000 fffff807`6934f000 ndis (deferred)
fffff807`69350000 fffff807`693e8000 NETIO (deferred)
fffff807`693f0000 fffff807`693fb000 volume (deferred)
fffff807`69400000 fffff807`696d9000 Ntfs (deferred)
fffff807`696e0000 fffff807`69712000 ksecpkg (deferred)
fffff807`69720000 fffff807`69742000 amdpsp (deferred)
fffff807`69750000 fffff807`69a3c000 tcpip (deferred)
fffff807`69a40000 fffff807`69abf000 fwpkclnt (deferred)
fffff807`69ac0000 fffff807`69af0000 wfplwfs (deferred)
fffff807`69b00000 fffff807`69bc9000 fvevol (deferred)
fffff807`69bd0000 fffff807`69c3d000 volsnap (deferred)
fffff807`69c40000 fffff807`69c90000 rdyboost (deferred)
fffff807`69ca0000 fffff807`69cc6000 mup (deferred)
fffff807`69cd0000 fffff807`69cea000 klupd_klif_klbg (deferred)
fffff807`69cf0000 fffff807`69d02000 iorate (deferred)
fffff807`69d30000 fffff807`69d4c000 disk (deferred)
fffff807`69d50000 fffff807`69dbc000 CLASSPNP (deferred)
fffff807`72280000 fffff807`722b0000 cdrom (deferred)
fffff807`722c0000 fffff807`722e0000 klbackupflt (deferred)
fffff807`722f0000 fffff807`7233a000 klflt (deferred)
fffff807`72340000 fffff807`72355000 filecrypt (deferred)
fffff807`72360000 fffff807`7236e000 tbs (deferred)
fffff807`72370000 fffff807`724d2000 klhk (deferred)
fffff807`724e0000 fffff807`725d4000 klif (deferred)
fffff807`725e0000 fffff807`72656000 ks (deferred)
fffff807`72660000 fffff807`726fe000 klgse (deferred)
fffff807`72700000 fffff807`7270b000 klpd (deferred)
fffff807`72710000 fffff807`7271a000 Null (deferred)
fffff807`72720000 fffff807`7272a000 Beep (deferred)
fffff807`72730000 fffff807`72757000 AgileVpn (deferred)
fffff807`72760000 fffff807`72781000 rasl2tp (deferred)
fffff807`72790000 fffff807`727b1000 raspptp (deferred)
fffff807`727c0000 fffff807`727dc000 raspppoe (deferred)
fffff807`727e0000 fffff807`7281a000 ndiswan (deferred)
fffff807`72820000 fffff807`72836000 klupd_klif_kimul (deferred)
fffff807`72840000 fffff807`72873000 klupd_klif_mark (deferred)
fffff807`72880000 fffff807`72893000 condrv (deferred)
fffff807`72980000 fffff807`7299e000 crashdmp (deferred)
fffff807`72e00000 fffff807`72e5c000 netbt (deferred)
fffff807`72e60000 fffff807`72e73000 afunix (deferred)
fffff807`72e80000 fffff807`72f23000 afd (deferred)
fffff807`72f30000 fffff807`72f61000 klwtp (deferred)
fffff807`72f70000 fffff807`72f7b000 klim6 (deferred)
fffff807`72f80000 fffff807`72f9a000 vwififlt (deferred)
fffff807`72fa0000 fffff807`72fcb000 pacer (deferred)
fffff807`72fd0000 fffff807`72fe4000 ndiscap (deferred)
fffff807`72ff0000 fffff807`73004000 netbios (deferred)
fffff807`73010000 fffff807`730b1000 Vid (deferred)
fffff807`730c0000 fffff807`730e1000 winhvr (deferred)
fffff807`730f0000 fffff807`7316b000 rdbss (deferred)
fffff807`73170000 fffff807`73204000 csc (deferred)
fffff807`73210000 fffff807`73222000 nsiproxy (deferred)
fffff807`73230000 fffff807`7323e000 npsvctrig (deferred)
fffff807`73240000 fffff807`73250000 mssmbios (deferred)
fffff807`73260000 fffff807`73298000 kneps (deferred)
fffff807`732a0000 fffff807`732d8000 klids (deferred)
fffff807`732e0000 fffff807`732f4000 kldisk (deferred)
fffff807`73300000 fffff807`7330a000 HWiNFO64A (deferred)
fffff807`73310000 fffff807`7331a000 gpuenergydrv (deferred)
fffff807`73320000 fffff807`7334c000 dfsc (deferred)
fffff807`73350000 fffff807`7336d000 NDProxy (deferred)
fffff807`73370000 fffff807`733dc000 fastfat (deferred)
fffff807`733e0000 fffff807`733f7000 bam (deferred)
fffff807`73400000 fffff807`7344e000 ahcache (deferred)
fffff807`73450000 fffff807`7345e000 amdxe (deferred)
fffff807`73460000 fffff807`7347a000 amdfendr (deferred)
fffff807`73480000 fffff807`7348d000 kltap (deferred)
fffff807`73490000 fffff807`734a2000 CompositeBus (deferred)
fffff807`734b0000 fffff807`734bd000 kdnic (deferred)
fffff807`734c0000 fffff807`734d5000 umbus (deferred)
fffff807`734e0000 fffff807`73578000 USBXHCI (deferred)
fffff807`73580000 fffff807`735c4000 ucx01000 (deferred)
fffff807`735d0000 fffff807`736eb000 rt640x64 (deferred)
fffff807`736f0000 fffff807`7370b000 rspndr (deferred)
fffff807`73710000 fffff807`7372d000 wanarp (deferred)
fffff807`73730000 fffff807`73786000 msquic (deferred)
fffff807`73790000 fffff807`73916000 HTTP (deferred)
fffff807`73920000 fffff807`73945000 bowser (deferred)
fffff807`73950000 fffff807`7396a000 mpsdrv (deferred)
fffff807`73970000 fffff807`73a03000 mrxsmb (deferred)
fffff807`73a10000 fffff807`73a55000 mrxsmb20 (deferred)
fffff807`73a60000 fffff807`73ab2000 srvnet (deferred)
fffff807`73ac0000 fffff807`73ad4000 mmcss (deferred)
fffff807`73ae0000 fffff807`73b07000 Ndu (deferred)
fffff807`73b10000 fffff807`73be6000 peauth (deferred)
fffff807`73bf0000 fffff807`73c05000 tcpipreg (deferred)
fffff807`73c10000 fffff807`73cd7000 srv2 (deferred)
fffff807`73ce0000 fffff807`73cfc000 rassstp (deferred)
fffff807`73d10000 fffff807`740b4000 dxgkrnl (pdb symbols) C:\Program Files\Windows Kits\8.1\Debuggers\x86\sym\dxgkrnl.pdb\4FC03B83FD3DD31CEB6DBBDC19634ADA1\dxgkrnl.pdb
fffff807`740c0000 fffff807`740d8000 watchdog (deferred)
fffff807`740e0000 fffff807`740f6000 BasicDisplay (deferred)
fffff807`74100000 fffff807`74111000 BasicRender (deferred)
fffff807`74120000 fffff807`7413c000 Npfs (deferred)
fffff807`74140000 fffff807`74151000 Msfs (deferred)
fffff807`74160000 fffff807`7417b000 CimFS (deferred)
fffff807`74180000 fffff807`74198000 klwfp (deferred)
fffff807`741a0000 fffff807`741c2000 tdx (deferred)
fffff807`741d0000 fffff807`741e0000 TDI (deferred)
fffff807`78800000 fffff807`78866000 portcls (deferred)
fffff807`78870000 fffff807`78891000 drmk (deferred)
fffff807`788a0000 fffff807`788bc000 serial (deferred)
fffff807`788c0000 fffff807`788cf000 serenum (deferred)
fffff807`788d0000 fffff807`788dd000 amdgpio2 (deferred)
fffff807`788e0000 fffff807`78912000 msgpioclx (deferred)
fffff807`78920000 fffff807`7895b000 amdppm (deferred)
fffff807`78960000 fffff807`7896c000 wmiacpi (deferred)
fffff807`78970000 fffff807`7897a000 amdgpio3 (deferred)
fffff807`78980000 fffff807`7898e000 UEFI (deferred)
fffff807`78990000 fffff807`7899d000 NdisVirtualBus (deferred)
fffff807`789a0000 fffff807`789ac000 swenum (deferred)
fffff807`789b0000 fffff807`789be000 rdpbus (deferred)
fffff807`789c0000 fffff807`78a63000 UsbHub3 (deferred)
fffff807`78a70000 fffff807`78a7e000 USBD (deferred)
fffff807`78a80000 fffff807`78aef000 HdAudio (deferred)
fffff807`78af0000 fffff807`78aff000 ksthunk (deferred)
fffff807`78b00000 fffff807`78b0f000 ndistapi (deferred)
fffff807`78b10000 fffff807`78b2d000 AtihdWT6 (deferred)
fffff807`78b40000 fffff807`78b52000 hidusb (deferred)
fffff807`78b60000 fffff807`78b9f000 HIDCLASS (deferred)
fffff807`78ba0000 fffff807`78bb3000 HIDPARSE (deferred)
fffff807`78bc0000 fffff807`78bd0000 mouhid (deferred)
fffff807`78be0000 fffff807`78bee000 klmouflt (deferred)
fffff807`78bf0000 fffff807`78c03000 mouclass (deferred)
fffff807`78c10000 fffff807`78c43000 usbccgp (deferred)
fffff807`78c50000 fffff807`78c61000 kbdhid (deferred)
fffff807`78c70000 fffff807`78c82000 klkbdflt (deferred)
fffff807`78c90000 fffff807`78ca4000 kbdclass (deferred)
fffff807`78cb0000 fffff807`78d4a000 CMUAC (deferred)
fffff807`78d70000 fffff807`78d7e000 dump_diskdump (deferred)
fffff807`78dc0000 fffff807`78df2000 dump_storahci (deferred)
fffff807`78e20000 fffff807`78e3d000 dump_dumpfve (deferred)
fffff807`78e40000 fffff807`78f21000 dxgmms2 (deferred)
fffff807`78f30000 fffff807`78f4b000 monitor (deferred)
fffff807`78f50000 fffff807`78f79000 luafv (deferred)
fffff807`78f80000 fffff807`78fb6000 wcifs (deferred)
fffff807`78fc0000 fffff807`79040000 cldflt (deferred)
fffff807`79050000 fffff807`7906a000 storqosflt (deferred)
fffff807`79070000 fffff807`79097000 bindflt (deferred)
fffff807`790a0000 fffff807`790b8000 mslldp (deferred)
fffff807`790c0000 fffff807`7d5a1000 amdkmdag T (no symbols)
fffff807`7d5b0000 fffff807`7d5d5000 HDAudBus (deferred)
fffff807`7d5e0000 fffff807`7d5f8000 lltdio (deferred)
Unloaded modules:
fffff807`732a0000 fffff807`732d9000 klids.sys
fffff807`729b0000 fffff807`729bf000 dump_storpor
fffff807`72200000 fffff807`72233000 dump_storahc
fffff807`72260000 fffff807`7227e000 dump_dumpfve
fffff807`78d50000 fffff807`78d5b000 klpnpflt.sys
fffff807`78b30000 fffff807`78b3b000 klpnpflt.sys
fffff807`78b00000 fffff807`78b0b000 klpnpflt.sys
fffff807`73350000 fffff807`7336c000 dam.sys
fffff807`68bf0000 fffff807`68bfe000 klelam.sys
fffff807`69d10000 fffff807`69d21000 hwpolicy.sys!sysinfo komutu ile sistem bilgilerini öğrenebilirsiniz. Bios'un güncel olup olmadığını mesela onu da anakartın sitesine bakarak.
