Windbg'yi yükleyip Minidump'ı analiz ettim ortaya böyle bir şey çıktı. Hiçbir şey anlamadım, yardımcı olursanız sevinirim.
Rich (BB code):
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 000000000000001d, An RTL_BALANCED_NODE RBTree entry has been corrupted.
Arg2: ffff8289a27be930, Address of the trap frame for the exception that caused the BugCheck
Arg3: ffff8289a27be888, Address of the exception record for the exception that caused the BugCheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 2453
Key : Analysis.Elapsed.mSec
Value: 8044
Key : Analysis.IO.Other.Mb
Value: 15
Key : Analysis.IO.Read.Mb
Value: 1
Key : Analysis.IO.Write.Mb
Value: 24
Key : Analysis.Init.CPU.mSec
Value: 1812
Key : Analysis.Init.Elapsed.mSec
Value: 242982
Key : Analysis.Memory.CommitPeak.Mb
Value: 92
Key : Analysis.Version.DbgEng
Value: 10.0.27725.1000
Key : Analysis.Version.Description
Value: 10.2408.27.01 amd64fre
Key : Analysis.Version.Ext
Value: 1.2408.27.1
Key : Bugcheck.Code.LegacyAPI
Value: 0x139
Key : Bugcheck.Code.TargetModel
Value: 0x139
Key : Dump.Attributes.AsUlong
Value: 21008
Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1
Key : Dump.Attributes.ErrorCode
Value: 0
Key : Dump.Attributes.KernelGeneratedTriageDump
Value: 1
Key : Dump.Attributes.LastLine
Value: Dump completed successfully.
Key : Dump.Attributes.ProgressPercentage
Value: 0
Key : FailFast.Name
Value: INVALID_BALANCED_TREE
Key : FailFast.Type
Value: 29
Key : Failure.Bucket
Value: 0x139_1d_INVALID_BALANCED_TREE_nt!KiFastFailDispatch
Key : Failure.Hash
Value: {67ec97ad-ad0b-071e-ab87-6dc661e22d1b}
BUGCHECK_CODE: 139
BUGCHECK_P1: 1d
BUGCHECK_P2: ffff8289a27be930
BUGCHECK_P3: ffff8289a27be888
BUGCHECK_P4: 0
FILE_IN_CAB: 020225-9312-01.dmp
DUMP_FILE_ATTRIBUTES: 0x21008
Kernel Generated Triage Dump
FAULTING_THREAD: ffffb90b487ca0c0
TRAP_FRAME: ffff8289a27be930 -- (.trap 0xffff8289a27be930)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=000000000000001d
rdx=ffffb90b48f145b8 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8047c281503 rsp=ffff8289a27beac0 rbp=0000000000000008
r8=0000000000000000 r9=ffffb90b48c20b98 r10=ffffb90b3b40fb88
r11=ffffb90b161002d0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac pe cy
nt!RtlRbRemoveNode+0x133:
fffff804`7c281503 cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: ffff8289a27be888 -- (.exr 0xffff8289a27be888)
ExceptionAddress: fffff8047c281503 (nt!RtlRbRemoveNode+0x0000000000000133)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 000000000000001d
Subcode: 0x1d FAST_FAIL_INVALID_BALANCED_TREE
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: javaw.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - Sistem, bu uygulamada y n tabanl bir arabelle in ta t n alg lad . Bu ta ma, k t niyetli bir kullan c n n bu uygulaman n denetimini ele ge irmesine olanak verebilir.
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 000000000000001d
EXCEPTION_STR: 0xc0000409
STACK_TEXT:
ffff8289`a27be608 fffff804`7c68dce9 : 00000000`00000139 00000000`0000001d ffff8289`a27be930 ffff8289`a27be888 : nt!KeBugCheckEx
ffff8289`a27be610 fffff804`7c68e2f2 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffff8289`a27be750 fffff804`7c68bf28 : 00000000`00040246 fffff804`7c214bba 00000000`00000000 fffff804`7c837a88 : nt!KiFastFailDispatch+0xb2
ffff8289`a27be930 fffff804`7c281503 : 00000000`00000045 ffffb90b`3aec9000 00000000`00000350 00000000`00000036 : nt!KiRaiseSecurityCheckFailure+0x368
ffff8289`a27beac0 fffff804`7c27e33a : 00000000`00000000 00000000`00000000 00000000`00000350 ffffb90b`161002c0 : nt!RtlRbRemoveNode+0x133
ffff8289`a27beaf0 fffff804`7c27f326 : 0000000f`00000000 00000000`00000000 00000000`00000000 fffff804`00000036 : nt!RtlpHpVsChunkSplit+0x4a
ffff8289`a27beba0 fffff804`7c404517 : ffffb90b`000360d0 00000000`00000350 00000000`00000000 00000150`00000000 : nt!RtlpHpVsContextAllocateInternal+0x3f6
ffff8289`a27bec20 fffff804`7c2092ad : 00000000`00000000 ffff8289`a27bed59 00000000`00000048 00000002`00000001 : nt!RtlpHpVsContextMultiAlloc+0x77
ffff8289`a27bec90 fffff804`7c208492 : 00000000`00000000 00000000`00000001 00000000`70664d46 00000000`00000000 : nt!ExAllocateHeapPool+0xdad
ffff8289`a27bedc0 fffff804`7cb37189 : 00000000`00000048 ffffb90b`461dd310 00000000`00000000 fffff804`7c276499 : nt!ExpAllocatePoolWithTagFromNode+0x52
ffff8289`a27bee00 fffff804`7cb370b7 : 00000000`00000000 00000000`00000604 ffffb90b`41616c00 ffffb90b`487d5010 : nt!ExAllocatePool2+0x99
ffff8289`a27beeb0 fffff804`0dd4e510 : ffffb90b`3e5805c0 ffffb90b`487d5010 00000000`00000000 ffffb90b`3e530ba0 : nt!ExAllocatePoolWithTag+0xa7
ffff8289`a27beef0 fffff804`0dd51d9e : ffffb90b`461dd010 ffffb90b`3e530ba0 00000000`00000000 ffff8289`a27bf0e1 : FLTMGR!IoPerfInitializeEntityData+0x1a0
ffff8289`a27bef20 fffff804`0dd51295 : 00000000`00000000 ffffffff`80004044 ffffb90b`3e530ba0 ffff8289`a27bf0b0 : FLTMGR!FltpInitInstance+0x71e
ffff8289`a27bf050 fffff804`0dd50f53 : ffffa68a`dde10540 ffffb90b`487d5010 00000000`00000000 00000000`0000001a : FLTMGR!FltpCreateInstanceFromName+0x1f5
ffff8289`a27bf130 fffff804`0dd50c7e : ffffb90b`00000016 ffffb90b`3e530ba0 00000000`000003e7 ffffffff`80004044 : FLTMGR!FltpEnumerateRegistryInstances+0x153
ffff8289`a27bf1e0 fffff804`0dd486ae : ffffb90b`48ddfce0 ffffb90b`3c089440 ffffb90b`487d5000 00000000`00000000 : FLTMGR!FltpDoFilterNotificationForNewVolume+0x15e
ffff8289`a27bf2a0 fffff804`7c2f79fe : ffffb90b`1c90d000 00000000`00000000 00000000`00000000 00000000`00000000 : FLTMGR!FltpCreate+0x42e
ffff8289`a27bf350 fffff804`7c9c962a : fffff804`7c9c8325 ffff8289`a27bf630 00000000`00000000 00000000`00000001 : nt!IofCallDriver+0xbe
ffff8289`a27bf390 fffff804`7c86a45d : fffff804`7c9c83c0 fffff804`7c9c83c0 00000000`00000000 ffff8289`a27bf778 : nt!IopParseDevice+0x126a
ffff8289`a27bf530 fffff804`7c8682b1 : ffffb90b`3a812001 ffff8289`a27bf778 ffffb90b`00000040 ffffb90b`16723670 : nt!ObpLookupObjectName+0xe8d
ffff8289`a27bf6f0 fffff804`7c966f92 : 00000000`00000000 ffffb90b`16723670 00000000`00000001 00000000`00000000 : nt!ObOpenObjectByNameEx+0x201
ffff8289`a27bf840 fffff804`7c966c09 : 0000005c`a7e2c800 ffffe281`c0100080 0000005c`a7e2c838 0000005c`a7e2c808 : nt!IopCreateFile+0x37a
ffff8289`a27bf920 fffff804`7c68d355 : ffffb90b`48cbb330 fffff804`7c978b6f 00000000`00000000 00000000`00000000 : nt!NtCreateFile+0x79
ffff8289`a27bf9b0 00007ff9`655401c4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x25
0000005c`a7e2c678 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`655401c4
SYMBOL_NAME: nt!KiFastFailDispatch+b2
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
IMAGE_VERSION: 10.0.26100.2894
STACK_COMMAND: .process /r /p 0xffffb90b45f7e080; .thread 0xffffb90b487ca0c0 ; kb
BUCKET_ID_FUNC_OFFSET: b2
FAILURE_BUCKET_ID: 0x139_1d_INVALID_BALANCED_TREE_nt!KiFastFailDispatch
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {67ec97ad-ad0b-071e-ab87-6dc661e22d1b}
