Bu konu çözüldü olarak işaretlenmiştir. Çözülmediğini düşünüyorsanız konuyu rapor edebilirsiniz.
Hielah

Hielah

Uzman
Katılım
9 Ağustos 2024
Mesajlar
167
Çözümler
4
Beğeniler
111
Az önce BF5 indirdim, ayarları yaptım. Yaptıktan sonra oyundan çıkınca mavi ekran hatası aldım.

Dosya


Sistem:

R5 7500F.
MSI MB PRO A620M-E.
Gıgabyte 7700XT.
Team-Force 2x8 6000MHz RAM.
MSI MPG A650W PSU.
 
Çözüm
bicy
Kod: 
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory.  The guilty driver is on the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the BugCheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: ffffd8fc0f615000, Virtual address for the attempted write.
Arg2: 8a00000004100121, PTE contents.
Arg3: ffffde0b0de6eba0, (reserved)
Arg4: 000000000000000b, (reserved)

Bir şey, ReadOnly bir bellek bölgesine erişmeye çalışıyor. Bu tipik olarak imkansız bir erişimdir çünkü bu bellek bölgesi 3.taraf sürücüler için ayrılan bir alanda değildir. İlk değer pte adresimizi veriyor.

6: kd> !pte ffffd8fc0f615000
VA ffffd8fc0f615000
PXE at FFFFF67B3D9ECD88 PPE at FFFFF67B3D9B1F80 PDE at FFFFF67B363F03D8 PTE at FFFFF66C7E07B0A8
contains 0A0000000083D863 contains 0A0000043A2D6863 contains 1A0000043A278863 contains 8A00000004100121 / 2.parametre değeri
pfn 83d ---DA--KWEV pfn 43a2d6 ---DA--KWEV pfn 43a278 ---DA--KWEV pfn 4100 -G--A--KR-V
Genişletmek için tıkla...
Küçültmek için tıkla...

Kod: 
6: kd> k
 # Child-SP          RetAddr               Call Site
00 ffffde0b`0de6e8f8 fffff806`22e45667     nt!KeBugCheckEx
01 ffffde0b`0de6e900 fffff806`22c39790     nt!MiSystemFault+0x1cd107
02 ffffde0b`0de6ea00 fffff806`22e0e46d     nt!MmAccessFault+0x400 < Geçersiz erişim!
03 ffffde0b`0de6eba0 fffff806`22e145f0     nt!KiPageFault+0x36d < Çökme
04 ffffde0b`0de6ed38 fffff806`22cbc6d8     nt!memset+0x30
05 ffffde0b`0de6ed40 fffff806`232d3537     nt!RtlClearBitsEx+0x98 < Belirtilen bellek aralığını temizle
06 ffffde0b`0de6ed70 fffff806`232d34bc     nt!MiMarkRetpolineBits+0x63
07 ffffde0b`0de6eda0 fffff806`23212ec8     nt!MiMarkKernelImageRetpolineBits+0x34 ???
08 ffffde0b`0de6edd0 fffff806`23161361     nt!MiUnloadSystemImage+0x15e000 <
09 ffffde0b`0de6ef70 fffff806`2316128e     nt!MmUnloadSystemImage+0x41 < Sistem imajını sil. Memory manager
0a ffffde0b`0de6efa0 fffff806`2302d970     nt!IopDeleteDriver+0x4e
0b ffffde0b`0de6eff0 fffff806`22c5ac67     nt!ObpRemoveObjectRoutine+0x80
0c ffffde0b`0de6f050 fffff806`22e20b7a     nt!ObfDereferenceObjectWithTag+0xc7
0d ffffde0b`0de6f090 fffff806`22c49a32     nt!IopCompleteUnloadOrDelete+0x21da0a < İlgili objenin kaldırıldığını bildir
0e ffffde0b`0de6f150 fffff806`2302a2c0     nt!IopDecrementDeviceObjectRef+0x162 < Device Object referansını düşür. Objenin kullanılmadığını bildir
0f ffffde0b`0de6f1b0 fffff806`2302d970     nt!IopDeleteFile+0x210 < Dosyayı kaldır
10 ffffde0b`0de6f230 fffff806`22c5ac67     nt!ObpRemoveObjectRoutine+0x80 < Objeyi Kaldır
11 ffffde0b`0de6f290 fffff806`230331d9     nt!ObfDereferenceObjectWithTag+0xc7 < Objeyi 0'a ayarla
12 ffffde0b`0de6f2d0 fffff806`2302df1c     nt!ObCloseHandleTableEntry+0x6c9 < NtClose tarafından çağırılan ve handle tablo girişini kapatır
13 ffffde0b`0de6f410 fffff806`22e12b0b     nt!NtClose+0xec < İlgili objenin handle'ını kapat
14 ffffde0b`0de6f480 00007fff`c6f8d744     nt!KiSystemServiceExitPico+0x41f
15 0000007b`15bfe528 00000000`00000000     0x00007fff`c6f8d744 < Kullanıcı modundan gelen bir çağrı

Yığıta bakılırsa bir sürücünün birden fazla kez kaldırıldığını, yani aynı işlemlerin 2.kez çağrılması sonrası oluşan bellek leak'inin geçersiz bellek erişimine yol açtığını düşünüyorum. Daha doğrusu readonly bir bellek bölgesine erişim olduğunu görüyoruz. Kaldırılan sürücü nedir?

Bunu nt!IopDeleteDriver fonksiyonu ile beraber tutulanan sürücü nesnesinden bulabiliriz.

07 ffffde0b0de6efa0 nt!IopDeleteDriver+8x
Parameter[0] = ffffb30468fdf530 < Sürücü nesnesi.
Parameter[1] = (unknown)
Parameter[2] = (unknown)
Parameter[3] = (unknown)
Genişletmek için tıkla...
Küçültmek için tıkla...

6: kd> !drvobj ffffb30468fdf530
Driver object (ffffb30468fdf530) is for:
\FileSystem\EAAntiCheat

Driver Extension List: (id , addr)
Genişletmek için tıkla...
Küçültmek için tıkla...

Kaldırılmaya çalışırken sorun yaratan sürücünün apaçık EAC sürücüsü olduğu ortada. Sorun da bundan dolayı çıkıyor...

Kod: 
6: kd> lmvmEAAntiCheat
Browse full module list
start             end                 module name
fffff80a`7e4f0000 fffff80a`80491000   eaanticheat T (no symbols)          
    Loaded symbol image file: eaanticheat.sys
    Image path: \SystemRoot\system32\drivers\eaanticheat.sys
    Image name: eaanticheat.sys
    Browse all global symbols  functions  data
    Timestamp:        Fri Sep  6 05:24:14 2024 (66DA67CE)
    CheckSum:         01FE3103
    ImageSize:        01FA1000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Information from resource tables:

Sürücüsü güncel galiba.? Emin değilim. Durum tekrar ederse kaldırmanızı tavsiye ederim.
Tarihe göre sırala Puana göre sırala
Xbox kontrolcüyle oynamıyorsan bağlantısını kesmeni öneririm. Ayrıca sanırsam kulaklığın ASUS ROG FUSION II 500 ve yapmış olduğun bir ayar da etki ediyor olabilir. Hata devam ederse Armoury Crate yazılımını kapayıp oyuna girmeyi deneyebilirsin. Net çözüm Xbox kontrolcü gibi görünüyor olsa da söylememde fayda var kulaklık mevzusunu da.

Ek olarak EasyAnti Cheat'i de kaldırıp kurmayı deneyebilirsin.

Kod: 
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory.  The guilty driver is on the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the BugCheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: ffffd8fc0f615000, Virtual address for the attempted write.
Arg2: 8a00000004100121, PTE contents.
Arg3: ffffde0b0de6eba0, (reserved)
Arg4: 000000000000000b, (reserved)

Debugging Details:
------------------


KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 3468

    Key  : Analysis.Elapsed.mSec
    Value: 19800

    Key  : Analysis.IO.Other.Mb
    Value: 0

    Key  : Analysis.IO.Read.Mb
    Value: 0

    Key  : Analysis.IO.Write.Mb
    Value: 0

    Key  : Analysis.Init.CPU.mSec
    Value: 312

    Key  : Analysis.Init.Elapsed.mSec
    Value: 2725

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 82

    Key  : Analysis.Version.DbgEng
    Value: 10.0.27704.1001

    Key  : Analysis.Version.Description
    Value: 10.2408.27.01 amd64fre

    Key  : Analysis.Version.Ext
    Value: 1.2408.27.1

    Key  : Bugcheck.Code.LegacyAPI
    Value: 0xbe

    Key  : Bugcheck.Code.TargetModel
    Value: 0xbe

    Key  : Failure.Bucket
    Value: AV_nt!MiSystemFault

    Key  : Failure.Hash
    Value: {d80c40a2-5000-439f-696b-1bd8abb14be3}

    Key  : WER.OS.Branch
    Value: vb_release

    Key  : WER.OS.Version
    Value: 10.0.19041.1


BUGCHECK_CODE:  be

BUGCHECK_P1: ffffd8fc0f615000

BUGCHECK_P2: 8a00000004100121

BUGCHECK_P3: ffffde0b0de6eba0

BUGCHECK_P4: b

FILE_IN_CAB:  100724-11156-01.dmp

FAULTING_THREAD:  ffffb3046d298080

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  EAAntiCheat.GameService.exe

TRAP_FRAME:  ffffde0b0de6eba0 -- (.trap 0xffffde0b0de6eba0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffd8fc0f614fca rbx=0000000000000000 rcx=ffffd8fc0f615002
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80622e145f0 rsp=ffffde0b0de6ed38 rbp=ffffde0b0de6eed0
 r8=000000000000003f  r9=0000000000000038 r10=ffffd8fc0f615008
r11=00000000780a8049 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac pe nc
nt!memset+0x30:
fffff806`22e145f0 4a895408f8      mov     qword ptr [rax+r9-8],rdx ds:ffffd8fc`0f614ffa=????????????????
Resetting default scope

STACK_TEXT: 
ffffde0b`0de6e8f8 fffff806`22e45667     : 00000000`000000be ffffd8fc`0f615000 8a000000`04100121 ffffde0b`0de6eba0 : nt!KeBugCheckEx
ffffde0b`0de6e900 fffff806`22c39790     : 00000000`00000005 00000000`00000003 ffffde0b`0de6ec20 00000000`00000000 : nt!MiSystemFault+0x1cd107
ffffde0b`0de6ea00 fffff806`22e0e46d     : ffffffff`ffffffff 00000000`00000001 ffffc900`4b640180 fffff806`22ca3d05 : nt!MmAccessFault+0x400
ffffde0b`0de6eba0 fffff806`22e145f0     : fffff806`22cbc6d8 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x36d
ffffde0b`0de6ed38 fffff806`22cbc6d8     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!memset+0x30
ffffde0b`0de6ed40 fffff806`232d3537     : 00000000`000001fb 00000000`780a804a 00000000`780a7e4f 00000000`0000000f : nt!RtlClearBitsEx+0x98
ffffde0b`0de6ed70 fffff806`232d34bc     : ffffb304`6de24a20 00000000`00000001 00000000`00000000 00000000`00001fa1 : nt!MiMarkRetpolineBits+0x63
ffffde0b`0de6eda0 fffff806`23212ec8     : ffffb304`6de24a20 ffffb304`6de24a20 ffffde0b`0de6eed0 00000000`00000001 : nt!MiMarkKernelImageRetpolineBits+0x34
ffffde0b`0de6edd0 fffff806`23161361     : 00000000`00000000 fffff806`ffffffff ffff98ff`00000001 ffffe307`1b690cc0 : nt!MiUnloadSystemImage+0x15e000
ffffde0b`0de6ef70 fffff806`2316128e     : ffffb304`68fdf500 ffffde0b`0de6f110 00000000`00000000 ffffb304`68fdf530 : nt!MmUnloadSystemImage+0x41
ffffde0b`0de6efa0 fffff806`2302d970     : ffffb304`68fdf500 ffffde0b`0de6f110 fffff806`23725400 ffffde0b`0de6f010 : nt!IopDeleteDriver+0x4e
ffffde0b`0de6eff0 fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f110 ffffb304`68fdf530 : nt!ObpRemoveObjectRoutine+0x80
ffffde0b`0de6f050 fffff806`22e20b7a     : 00000000`00000000 ffffb304`68fdf530 369634f3`00000000 ffffde0b`0de6ef00 : nt!ObfDereferenceObjectWithTag+0xc7
ffffde0b`0de6f090 fffff806`22c49a32     : ffffb304`52ffcf00 ffffb304`6a8ab000 ffffc900`4b4e4910 fffff806`22c4ad55 : nt!IopCompleteUnloadOrDelete+0x21da0a
ffffde0b`0de6f150 fffff806`2302a2c0     : ffffb304`78355610 00000000`00000000 00000000`00000000 fffff806`22c52a59 : nt!IopDecrementDeviceObjectRef+0x162
ffffde0b`0de6f1b0 fffff806`2302d970     : ffffb304`52ffcf00 00000000`00000001 ffffb304`783555e0 ffffb304`675ef740 : nt!IopDeleteFile+0x210
ffffde0b`0de6f230 fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f3b9 ffffb304`78355610 : nt!ObpRemoveObjectRoutine+0x80
ffffde0b`0de6f290 fffff806`230331d9     : ffffb304`783555e0 00000000`00000000 ffffe306`00000000 ffffb304`783555e0 : nt!ObfDereferenceObjectWithTag+0xc7
ffffde0b`0de6f2d0 fffff806`2302df1c     : 00000000`00000688 ffff98ff`95c9e15e ffffb304`6d298080 fffff806`22e12ae6 : nt!ObCloseHandleTableEntry+0x6c9
ffffde0b`0de6f410 fffff806`22e12b0b     : ffffb304`6d298000 000001bb`8da00000 ffffde0b`0de6f500 ffffffff`fe363c80 : nt!NtClose+0xec
ffffde0b`0de6f480 00007fff`c6f8d744     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x41f
0000007b`15bfe528 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`c6f8d744


SYMBOL_NAME:  nt!MiSystemFault+1cd107

MODULE_NAME: nt

IMAGE_VERSION:  10.0.19041.4894

STACK_COMMAND:  .process /r /p 0xffffb3046a3ee080; .thread 0xffffb3046d298080 ; kb

IMAGE_NAME:  ntkrnlmp.exe

BUCKET_ID_FUNC_OFFSET:  1cd107

FAILURE_BUCKET_ID:  AV_nt!MiSystemFault

OS_VERSION:  10.0.19041.1

BUILDLAB_STR:  vb_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {d80c40a2-5000-439f-696b-1bd8abb14be3}

Followup:     MachineOwner
---------

    PnpActivityId      : {00000000-0000-0000-0000-000000000000}
    PnpActivityTime    : 133727946613053254
    PnpEventInformation: 3
    PnpEventInProgress : 0
    PnpProblemCode     : 24
    PnpVetoType        : 0
    DeviceId           : USB\VID_0B05&PID_196E\6&419c674&0&1
    VetoString         :

start             end                 module name
fffff31a`e3c00000 fffff31a`e3ecc000   win32kbase   (deferred)             
fffff31a`e41c0000 fffff31a`e425b000   win32k     (deferred)             
fffff31a`e4650000 fffff31a`e4a01000   win32kfull   (deferred)             
fffff31a`e4a60000 fffff31a`e4aa9000   cdd        (deferred)             
fffff806`21740000 fffff806`21768000   mcupdate_AuthenticAMD   (deferred)             
fffff806`21770000 fffff806`21776000   hal        (deferred)             
fffff806`21780000 fffff806`2178b000   kd         (deferred)             
fffff806`21790000 fffff806`217b8000   tm         (deferred)             
fffff806`217c0000 fffff806`2182e000   CLFS       (deferred)             
fffff806`21830000 fffff806`2184a000   PSHED      (deferred)             
fffff806`21850000 fffff806`2185b000   BOOTVID    (deferred)             
fffff806`21860000 fffff806`21978000   clipsp     (deferred)             
fffff806`21980000 fffff806`219ee000   FLTMGR     (deferred)             
fffff806`219f0000 fffff806`21a19000   ksecdd     (deferred)             
fffff806`21a20000 fffff806`21a83000   msrpc      (deferred)             
fffff806`21a90000 fffff806`21a9e000   cmimcext   (deferred)             
fffff806`21aa0000 fffff806`21ab1000   werkernel   (deferred)             
fffff806`21ac0000 fffff806`21acc000   ntosext    (deferred)             
fffff806`21ad0000 fffff806`21ae3000   WDFLDR     (deferred)             
fffff806`21af0000 fffff806`21aff000   SleepStudyHelper   (deferred)             
fffff806`21b00000 fffff806`21b11000   WppRecorder   (deferred)             
fffff806`21b20000 fffff806`21b2d000   msseccore   (deferred)             
fffff806`21b30000 fffff806`21b3c000   WMILIB     (deferred)             
fffff806`22a00000 fffff806`23a46000   nt         (pdb symbols)          C:\ProgramData\Dbg\sym\ntkrnlmp.pdb\9F65CD18C2F36F88B2D0CE8A7BFE2BB71\ntkrnlmp.pdb
fffff806`27000000 fffff806`270ec000   CI         (deferred)             
fffff806`270f0000 fffff806`271ab000   cng        (deferred)             
fffff806`271b0000 fffff806`27281000   Wdf01000   (deferred)             
fffff806`27290000 fffff806`272b6000   acpiex     (deferred)             
fffff806`272c0000 fffff806`272da000   SgrmAgent   (deferred)             
fffff806`272e0000 fffff806`273ac000   ACPI       (deferred)             
fffff806`273b0000 fffff806`273bb000   msisadrv   (deferred)             
fffff806`273d0000 fffff806`273e7000   WindowsTrustedRT   (deferred)             
fffff806`273f0000 fffff806`273fb000   IntelTA    (deferred)             
fffff806`27400000 fffff806`27478000   pci        (deferred)             
fffff806`27480000 fffff806`274c5000   tpm        (deferred)             
fffff806`274d0000 fffff806`2753b000   intelpep   (deferred)             
fffff806`27540000 fffff806`2754b000   WindowsTrustedRTProxy   (deferred)             
fffff806`27550000 fffff806`27564000   pcw        (deferred)             
fffff806`27570000 fffff806`27585000   vdrvroot   (deferred)             
fffff806`27590000 fffff806`275a9000   amdkmpfd   (deferred)             
fffff806`275b0000 fffff806`275e0000   pdc        (deferred)             
fffff806`275f0000 fffff806`27609000   CEA        (deferred)             
fffff806`27610000 fffff806`27641000   partmgr    (deferred)             
fffff806`27650000 fffff806`276fb000   spaceport   (deferred)             
fffff806`27700000 fffff806`27719000   volmgr     (deferred)             
fffff806`27720000 fffff806`27783000   volmgrx    (deferred)             
fffff806`27790000 fffff806`277ae000   mountmgr   (deferred)             
fffff806`277b0000 fffff806`277e2000   storahci   (deferred)             
fffff806`277f0000 fffff806`278a5000   storport   (deferred)             
fffff806`278b0000 fffff806`278cc000   EhStorClass   (deferred)             
fffff806`278d0000 fffff806`278ea000   fileinfo   (deferred)             
fffff806`278f0000 fffff806`27930000   Wof        (deferred)             
fffff806`27940000 fffff806`279d6000   WdFilter   (deferred)             
fffff806`279e0000 fffff806`27cb7000   Ntfs       (deferred)             
fffff806`27cc0000 fffff806`27ccd000   Fs_Rec     (deferred)             
fffff806`27cd0000 fffff806`27e40000   ndis       (deferred)             
fffff806`27e50000 fffff806`27eec000   NETIO      (deferred)             
fffff806`27ef0000 fffff806`27f22000   ksecpkg    (deferred)             
fffff806`27f30000 fffff806`27f40000   amdpsp     (deferred)             
fffff806`27f50000 fffff806`27fcf000   fwpkclnt   (deferred)             
fffff806`27fd0000 fffff806`27fdb000   volume     (deferred)             
fffff806`27fe0000 fffff806`27ff2000   iorate     (deferred)             
fffff806`28000000 fffff806`282ed000   tcpip      (deferred)             
fffff806`282f0000 fffff806`28320000   wfplwfs    (deferred)             
fffff806`28330000 fffff806`283f9000   fvevol     (deferred)             
fffff806`28400000 fffff806`2846d000   volsnap    (deferred)             
fffff806`28470000 fffff806`284c0000   rdyboost   (deferred)             
fffff806`284d0000 fffff806`284f6000   mup        (deferred)             
fffff806`28520000 fffff806`2853d000   disk       (deferred)             
fffff806`28540000 fffff806`285b2000   CLASSPNP   (deferred)             
fffff806`6b000000 fffff806`6b094000   mrxsmb     (deferred)             
fffff806`6b0e0000 fffff806`6b158000   ks         (deferred)             
fffff806`6b160000 fffff806`6b1fd000   USBXHCI    (deferred)             
fffff806`6b200000 fffff806`6b213000   mouclass   (deferred)             
fffff806`6b220000 fffff806`6b23c000   serial     (deferred)             
fffff806`6b240000 fffff806`6b24c000   wmiacpi    (deferred)             
fffff806`6b250000 fffff806`6b25d000   amdgpio2   (deferred)             
fffff806`6b260000 fffff806`6b292000   msgpioclx   (deferred)             
fffff806`6b2a0000 fffff806`6b2dc000   amdppm     (deferred)             
fffff806`6b2e0000 fffff806`6b2ea000   amdgpio3   (deferred)             
fffff806`6b2f0000 fffff806`6b2fe000   UEFI       (deferred)             
fffff806`6b300000 fffff806`6b30a000   amdfendrmgr   (deferred)             
fffff806`6b310000 fffff806`6b31d000   NdisVirtualBus   (deferred)             
fffff806`6b320000 fffff806`6b32c000   swenum     (deferred)             
fffff806`6b330000 fffff806`6b33e000   rdpbus     (deferred)             
fffff806`6b340000 fffff806`6b3e3000   UsbHub3    (deferred)             
fffff806`6b3f0000 fffff806`6b3fe000   USBD       (deferred)             
fffff806`6b400000 fffff806`6b43e000   AtihdWT6   (deferred)             
fffff806`6b440000 fffff806`6b4af000   HdAudio    (deferred)             
fffff806`6b4f0000 fffff806`6b522000   dump_storahci   (deferred)             
fffff806`6b550000 fffff806`6b56d000   dump_dumpfve   (deferred)             
fffff806`6b570000 fffff806`6b583000   hidparse   (deferred)             
fffff806`6b710000 fffff806`6b744000   usbccgp    (deferred)             
fffff806`6b750000 fffff806`6b762000   hidusb     (deferred)             
fffff806`6b770000 fffff806`6b7b1000   HIDCLASS   (deferred)             
fffff806`6b7e0000 fffff806`6b7fe000   crashdmp   (deferred)             
fffff806`71000000 fffff806`713aa000   dxgkrnl    (deferred)             
fffff806`713b0000 fffff806`713c8000   watchdog   (deferred)             
fffff806`713d0000 fffff806`713e6000   BasicDisplay   (deferred)             
fffff806`713f0000 fffff806`71401000   BasicRender   (deferred)             
fffff806`71410000 fffff806`7142c000   Npfs       (deferred)             
fffff806`71430000 fffff806`71441000   Msfs       (deferred)             
fffff806`71450000 fffff806`7146e000   CimFS      (deferred)             
fffff806`71470000 fffff806`71492000   tdx        (deferred)             
fffff806`714a0000 fffff806`714b0000   TDI        (deferred)             
fffff806`714c0000 fffff806`7151c000   netbt      (deferred)             
fffff806`71520000 fffff806`71534000   afunix     (deferred)             
fffff806`71540000 fffff806`715e8000   afd        (deferred)             
fffff806`715f0000 fffff806`7160a000   vwififlt   (deferred)             
fffff806`71610000 fffff806`7163b000   pacer      (deferred)             
fffff806`71640000 fffff806`71654000   ndiscap    (deferred)             
fffff806`71660000 fffff806`71674000   netbios    (deferred)             
fffff806`71680000 fffff806`71721000   Vid        (deferred)             
fffff806`71730000 fffff806`71754000   winhvr     (deferred)             
fffff806`71760000 fffff806`717db000   rdbss      (deferred)             
fffff806`717e0000 fffff806`71875000   csc        (deferred)             
fffff806`71880000 fffff806`71892000   nsiproxy   (deferred)             
fffff806`718a0000 fffff806`718ae000   npsvctrig   (deferred)             
fffff806`718b0000 fffff806`718c0000   mssmbios   (deferred)             
fffff806`718d0000 fffff806`718d7000   MsIo64     (deferred)             
fffff806`718e0000 fffff806`718ea000   gpuenergydrv   (deferred)             
fffff806`718f0000 fffff806`7191d000   dfsc       (deferred)             
fffff806`71920000 fffff806`71935000   umbus      (deferred)             
fffff806`71940000 fffff806`719ad000   fastfat    (deferred)             
fffff806`719b0000 fffff806`719bb000   CtiAIo64   (deferred)             
fffff806`719c0000 fffff806`719d7000   bam        (deferred)             
fffff806`719e0000 fffff806`719ef000   AsIO3      (deferred)             
fffff806`719f0000 fffff806`71a42000   ahcache    (deferred)             
fffff806`71a50000 fffff806`71a5f000   amdxe      (deferred)             
fffff806`71a60000 fffff806`71aba000   amdfendr   (deferred)             
fffff806`71ac0000 fffff806`71ad2000   CompositeBus   (deferred)             
fffff806`71ae0000 fffff806`71aed000   kdnic      (deferred)             
fffff806`71af0000 fffff806`71b0c000   amdsafd    (deferred)             
fffff806`71b20000 fffff806`71b2f000   dump_diskdump   (deferred)             
fffff806`71b40000 fffff806`71b54000   kbdclass   (deferred)             
fffff806`71b60000 fffff806`73688000   vgk        (deferred)             
fffff806`73690000 fffff806`736c0000   cdrom      (deferred)             
fffff806`736d0000 fffff806`736e5000   filecrypt   (deferred)             
fffff806`736f0000 fffff806`736fe000   tbs        (deferred)             
fffff806`73700000 fffff806`73715000   UCPD       (deferred)             
fffff806`73720000 fffff806`7372a000   Null       (deferred)             
fffff806`73730000 fffff806`7373a000   Beep       (deferred)             
fffff806`73740000 fffff806`737a8000   portcls    (deferred)             
fffff806`737b0000 fffff806`737d1000   drmk       (deferred)             
fffff806`737e0000 fffff806`737f1000   ksthunk    (deferred)             
fffff806`8ca00000 fffff806`8ca25000   HDAudBus   (deferred)             
fffff806`8ca30000 fffff806`8cb74000   rt640x64   (deferred)             
fffff806`8cb80000 fffff806`8cbc4000   ucx01000   (deferred)             
fffff806`8cbd0000 fffff806`935d0000   amdkmdag   (deferred)             
fffff806`935e0000 fffff806`935eb000   AMDPCIDev   (deferred)             
fffff806`935f0000 fffff806`935ff000   serenum    (deferred)             
fffff806`9c400000 fffff806`9c482000   cldflt     (deferred)             
fffff806`9c490000 fffff806`9c4aa000   storqosflt   (deferred)             
fffff806`9c4b0000 fffff806`9c4d8000   bindflt    (deferred)             
fffff806`9c4e0000 fffff806`9c4f8000   mslldp     (deferred)             
fffff806`9c500000 fffff806`9c518000   lltdio     (deferred)             
fffff806`9c520000 fffff806`9c53d000   wanarp     (deferred)             
fffff806`9c540000 fffff806`9c55b000   rspndr     (deferred)             
fffff806`9c560000 fffff806`9c5b6000   msquic     (deferred)             
fffff806`9c5c0000 fffff806`9c747000   HTTP       (deferred)             
fffff806`9c750000 fffff806`9c775000   bowser     (deferred)             
fffff806`9c780000 fffff806`9c860000   dxgmms2    (deferred)             
fffff806`9c870000 fffff806`9c8a8000   usbaudio   (deferred)             
fffff806`9c8b0000 fffff806`9c8c1000   kbdhid     (deferred)             
fffff806`9c8d0000 fffff806`9c8e0000   mouhid     (deferred)             
fffff806`9c930000 fffff806`9c95d000   luafv      (deferred)             
fffff806`9c960000 fffff806`9c997000   wcifs      (deferred)             
fffff806`9c9a0000 fffff806`9c9ba000   mpsdrv     (deferred)             
fffff806`ca800000 fffff806`ca827000   Ndu        (deferred)             
fffff806`ca830000 fffff806`ca906000   peauth     (deferred)             
fffff806`ca910000 fffff806`ca925000   tcpipreg   (deferred)             
fffff806`ca930000 fffff806`ca94d000   rassstp    (deferred)             
fffff806`ca950000 fffff806`caa18000   srv2       (deferred)             
fffff806`caa20000 fffff806`caa3d000   NDProxy    (deferred)             
fffff806`caa40000 fffff806`caa68000   AgileVpn   (deferred)             
fffff806`caa70000 fffff806`caa91000   rasl2tp    (deferred)             
fffff806`caaa0000 fffff806`caac1000   raspptp    (deferred)             
fffff806`caad0000 fffff806`caaec000   raspppoe   (deferred)             
fffff806`caaf0000 fffff806`caaff000   ndistapi   (deferred)             
fffff806`cab00000 fffff806`cab3a000   ndiswan    (deferred)             
fffff806`cab40000 fffff806`cab52000   condrv     (deferred)             
fffff806`cab60000 fffff806`cab6e000   IOMap64    (deferred)             
fffff806`cab70000 fffff806`cab8d000   WdNisDrv   (deferred)             
fffff806`cab90000 fffff806`cab9d000   rdpvideominiport   (deferred)             
fffff806`cac10000 fffff806`cac55000   MpKslDrv   (deferred)             
fffff806`cb060000 fffff806`cb07b000   monitor    (deferred)             
fffff806`cb2d0000 fffff806`cb315000   mrxsmb20   (deferred)             
fffff806`cb320000 fffff806`cb350000   AMDRyzenMasterDriver   (deferred)             
fffff806`cb360000 fffff806`cb3b6000   srvnet     (deferred)             
fffff806`cb3c0000 fffff806`cb3d4000   mmcss      (deferred)             
fffff80a`7e4f0000 fffff80a`80491000   eaanticheat   (deferred)             

Unloaded modules:
fffff80a`7dc70000 fffff80a`7f5fc000   eaanticheat.
fffff806`cb040000 fffff806`cb05c000   monitor.sys
fffff806`cb020000 fffff806`cb03c000   monitor.sys
fffff806`cb000000 fffff806`cb01c000   monitor.sys
fffff806`cafe0000 fffff806`caffc000   monitor.sys
fffff806`cafc0000 fffff806`cafdc000   monitor.sys
fffff806`cafa0000 fffff806`cafbc000   monitor.sys
fffff806`caf80000 fffff806`caf9c000   monitor.sys
fffff806`caf60000 fffff806`caf7c000   monitor.sys
fffff806`caf40000 fffff806`caf5c000   monitor.sys
fffff806`caf20000 fffff806`caf3c000   monitor.sys
fffff806`caf00000 fffff806`caf1c000   monitor.sys
fffff806`caee0000 fffff806`caefc000   monitor.sys
fffff806`caec0000 fffff806`caedc000   monitor.sys
fffff806`caea0000 fffff806`caebc000   monitor.sys
fffff806`cae80000 fffff806`cae9c000   monitor.sys
fffff806`cae60000 fffff806`cae7c000   monitor.sys
fffff806`cae40000 fffff806`cae5c000   monitor.sys
fffff806`cae20000 fffff806`cae3c000   monitor.sys
fffff806`cae00000 fffff806`cae1c000   monitor.sys
fffff806`cade0000 fffff806`cadfc000   monitor.sys
fffff806`cadc0000 fffff806`caddc000   monitor.sys
fffff806`cada0000 fffff806`cadbc000   monitor.sys
fffff806`cad80000 fffff806`cad9c000   monitor.sys
fffff806`cad60000 fffff806`cad7c000   monitor.sys
fffff806`cad40000 fffff806`cad5c000   monitor.sys
fffff806`cad20000 fffff806`cad3c000   monitor.sys
fffff806`cad00000 fffff806`cad1c000   monitor.sys
fffff806`cace0000 fffff806`cacfc000   monitor.sys
fffff806`cacc0000 fffff806`cacdc000   monitor.sys
fffff806`caca0000 fffff806`cacbc000   monitor.sys
fffff806`cac80000 fffff806`cac9c000   monitor.sys
fffff806`cac60000 fffff806`cac7c000   monitor.sys
fffff806`9c8f0000 fffff806`9c90c000   monitor.sys
fffff806`caba0000 fffff806`cabb0000   hiber_storpo
fffff806`cabb0000 fffff806`cabe3000   hiber_storah
fffff806`cabf0000 fffff806`cac0e000   hiber_dumpfv
fffff806`6b5b0000 fffff806`6b6e5000   xboxgip.sys
fffff806`6b6f0000 fffff806`6b704000   DevAuthE.sys
fffff806`6b590000 fffff806`6b5a7000   dc1-controll
fffff806`9c910000 fffff806`9c928000   xinputhid.sy
fffff806`71b10000 fffff806`71b32000   i8042prt.sys
fffff806`6b010000 fffff806`6b020000   dump_storpor
fffff806`6b060000 fffff806`6b093000   dump_storahc
fffff806`6b0c0000 fffff806`6b0de000   dump_dumpfve
fffff806`71920000 fffff806`7193c000   dam.sys
fffff806`273c0000 fffff806`273cc000   WdBoot.sys
fffff806`28500000 fffff806`28511000   hwpolicy.sys
 # RetAddr               : Args to Child                                                           : Call Site
00 fffff806`22e45667     : 00000000`000000be ffffd8fc`0f615000 8a000000`04100121 ffffde0b`0de6eba0 : nt!KeBugCheckEx
01 fffff806`22c39790     : 00000000`00000005 00000000`00000003 ffffde0b`0de6ec20 00000000`00000000 : nt!MiSystemFault+0x1cd107
02 fffff806`22e0e46d     : ffffffff`ffffffff 00000000`00000001 ffffc900`4b640180 fffff806`22ca3d05 : nt!MmAccessFault+0x400
03 fffff806`22e145f0     : fffff806`22cbc6d8 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x36d
04 fffff806`22cbc6d8     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!memset+0x30
05 fffff806`232d3537     : 00000000`000001fb 00000000`780a804a 00000000`780a7e4f 00000000`0000000f : nt!RtlClearBitsEx+0x98
06 fffff806`232d34bc     : ffffb304`6de24a20 00000000`00000001 00000000`00000000 00000000`00001fa1 : nt!MiMarkRetpolineBits+0x63
07 fffff806`23212ec8     : ffffb304`6de24a20 ffffb304`6de24a20 ffffde0b`0de6eed0 00000000`00000001 : nt!MiMarkKernelImageRetpolineBits+0x34
08 fffff806`23161361     : 00000000`00000000 fffff806`ffffffff ffff98ff`00000001 ffffe307`1b690cc0 : nt!MiUnloadSystemImage+0x15e000
09 fffff806`2316128e     : ffffb304`68fdf500 ffffde0b`0de6f110 00000000`00000000 ffffb304`68fdf530 : nt!MmUnloadSystemImage+0x41
0a fffff806`2302d970     : ffffb304`68fdf500 ffffde0b`0de6f110 fffff806`23725400 ffffde0b`0de6f010 : nt!IopDeleteDriver+0x4e
0b fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f110 ffffb304`68fdf530 : nt!ObpRemoveObjectRoutine+0x80
0c fffff806`22e20b7a     : 00000000`00000000 ffffb304`68fdf530 369634f3`00000000 ffffde0b`0de6ef00 : nt!ObfDereferenceObjectWithTag+0xc7
0d fffff806`22c49a32     : ffffb304`52ffcf00 ffffb304`6a8ab000 ffffc900`4b4e4910 fffff806`22c4ad55 : nt!IopCompleteUnloadOrDelete+0x21da0a
0e fffff806`2302a2c0     : ffffb304`78355610 00000000`00000000 00000000`00000000 fffff806`22c52a59 : nt!IopDecrementDeviceObjectRef+0x162
0f fffff806`2302d970     : ffffb304`52ffcf00 00000000`00000001 ffffb304`783555e0 ffffb304`675ef740 : nt!IopDeleteFile+0x210
10 fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f3b9 ffffb304`78355610 : nt!ObpRemoveObjectRoutine+0x80
11 fffff806`230331d9     : ffffb304`783555e0 00000000`00000000 ffffe306`00000000 ffffb304`783555e0 : nt!ObfDereferenceObjectWithTag+0xc7
12 fffff806`2302df1c     : 00000000`00000688 ffff98ff`95c9e15e ffffb304`6d298080 fffff806`22e12ae6 : nt!ObCloseHandleTableEntry+0x6c9
13 fffff806`22e12b0b     : ffffb304`6d298000 000001bb`8da00000 ffffde0b`0de6f500 ffffffff`fe363c80 : nt!NtClose+0xec
14 00007fff`c6f8d744     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x41f
15 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`c6f8d744
Machine ID Information [From Smbios 3.7, DMIVersion 0, Size=2055]
BiosMajorRelease = 5
BiosMinorRelease = 35
BiosVendor = American Megatrends International, LLC.
BiosVersion = 1.E0
BiosReleaseDate = 07/23/2024
SystemManufacturer = Micro-Star International Co., Ltd.
SystemProductName = MS-7E28
SystemFamily = To be filled by O.E.M.
SystemVersion = 1.0
SystemSKU = To be filled by O.E.M.
BaseBoardManufacturer = Micro-Star International Co., Ltd.
BaseBoardProduct = PRO A620M-E (MS-7E28)
BaseBoardVersion = 1.0
[SMBIOS Data Tables v3.7]
[DMI Version - 0]
[2.0 Calling Convention - No]
[Table Size - 2055 bytes]

[BIOS Information (Type 0) - Length 26 - Handle 0000h]
  Vendor                        American Megatrends International, LLC.
  BIOS Version                  1.E0
  BIOS Starting Address Segment f000
  BIOS Release Date             07/23/2024
  BIOS ROM Size                 1000000
  BIOS Characteristics
       07: - PCI Supported
       11: - Upgradeable FLASH BIOS
       12: - BIOS Shadowing Supported
       15: - CD-Boot Supported
       16: - Selectable Boot Supported
       17: - BIOS ROM Socketed
       19: - EDD Supported
       20: - NEC 9800 J-Floppy Supported
       21: - Toshiba J-Floppy Supported
       22: - 360KB Floppy Supported
       23: - 1.2MB Floppy Supported
       24: - 720KB Floppy Supported
       25: - 2.88MB Floppy Supported
       26: - Print Screen Device Supported
       27: - Keyboard Services Supported
       28: - Serial Services Supported
       29: - Printer Services Supported
       30: - CGA/Mono Services Supported
       32: - BIOS Vendor Reserved
  BIOS Characteristic Extensions
       00: - ACPI Supported
       01: - USB Legacy Supported
       08: - BIOS Boot Specification Supported
       10: - Enable Targeted Content Distribution
       11: - UEFI Specification Supported
  BIOS Major Revision           5
  BIOS Minor Revision           35
  EC Firmware Major Revision    255
  EC Firmware Minor Revision    255
  Extended BIOS ROM Size        32 MB
[System Information (Type 1) - Length 27 - Handle 0001h]
  Manufacturer                  Micro-Star International Co., Ltd.
  Product Name                  MS-7E28
  Version                       1.0
  Serial Number                 To be filled by O.E.M.
  UUID                          00000000-0000-0000-0000-000000000000
  Wakeup Type                   Power Switch
  SKUNumber                     To be filled by O.E.M.
  Family                        To be filled by O.E.M.
[BaseBoard Information (Type 2) - Length 15 - Handle 0002h]
  Manufacturer                  Micro-Star International Co., Ltd.
  Product                       PRO A620M-E (MS-7E28)
  Version                       1.0
  Serial Number                 07E2810_O11B120387
  Asset Tag                                           
  Feature Flags                 09h
       00: - Motherboard
       03: - Replaceable
  Location                      To be filled by O.E.M.
  Chassis Handle                0003h
  Board Type                    0ah - Processor/Memory Module
  Number of Child Handles       0
[System Enclosure (Type 3) - Length 22 - Handle 0003h]
  Manufacturer                  Micro-Star International Co., Ltd.
  Chassis Type                  Desktop
  Version                       1.0
  Serial Number                                       
  Asset Tag Number                                   
  Bootup State                  Safe
  Power Supply State            Safe
  Thermal State                 Safe
  Security Status               None
  OEM Defined                   0
  Height                        0U
  Number of Power Cords         1
  Number of Contained Elements  0
  Contained Element Size        3
[OEM Strings (Type 11) - Length 5 - Handle 0004h]
  Number of Strings             1
   1                            To be filled by O.E.M.
[System Configuration Options (Type 12) - Length 5 - Handle 0005h]
[ (Type 256) - Length 9 - Handle 0007h]
[ (Type 256) - Length 31 - Handle 0008h]
[ (Type 256) - Length 26 - Handle 0009h]
[Cache Information (Type 7) - Length 27 - Handle 000ah]
  Socket Designation            L1 - Cache
  Cache Configuration           0180h - WBEnabled Int NonSocketed L1
  Maximum Cache Size            0180h - 384K
  Installed Size                0180h - 384K
  Supported SRAM Type           0010h - Pipeline-Burst
  Current SRAM Type             0010h - Pipeline-Burst
  Cache Speed                   1ns
  Error Correction Type         Specification Reserved
  System Cache Type             Unified
  Associativity                 8-way Set-Associative
  Maximum Cache Size 2          180 - 00000384l Kb
  Installed Cache Size 2        180 - 00000384l Kb
[Cache Information (Type 7) - Length 27 - Handle 000bh]
  Socket Designation            L2 - Cache
  Cache Configuration           0181h - WBEnabled Int NonSocketed L2
  Maximum Cache Size            1800h - 6144K
  Installed Size                1800h - 6144K
  Supported SRAM Type           0010h - Pipeline-Burst
  Current SRAM Type             0010h - Pipeline-Burst
  Cache Speed                   1ns
  Error Correction Type         Specification Reserved
  System Cache Type             Unified
  Associativity                 8-way Set-Associative
  Maximum Cache Size 2          1800 - 00006144l Kb
  Installed Cache Size 2        1800 - 00006144l Kb
[Cache Information (Type 7) - Length 27 - Handle 000ch]
  Socket Designation            L3 - Cache
  Cache Configuration           0182h - WBEnabled Int NonSocketed L3
  Maximum Cache Size            8200h - 32768K
  Installed Size                8200h - 32768K
  Supported SRAM Type           0010h - Pipeline-Burst
  Current SRAM Type             0010h - Pipeline-Burst
  Cache Speed                   1ns
  Error Correction Type         Specification Reserved
  System Cache Type             Unified
  Associativity                 16-way Set-Associative
  Maximum Cache Size 2          80000200 - 00032768l Kb
  Installed Cache Size 2        80000200 - 00032768l Kb
[Processor Information (Type 4) - Length 48 - Handle 000dh]
  Socket Designation            AM5
  Processor Type                Central Processor
  Processor Family              6bh - AMD Zen Processor Family
  Processor Manufacturer        Advanced Micro Devices, Inc.
  Processor ID                   120fa600fffb8b17
  Processor Version             AMD Ryzen 5 7500F 6-Core Processor             
  Processor Voltage             8dh - 1.3V
  External Clock                100MHz
  Max Speed                     5050MHz
  Current Speed                 3700MHz
  Status                        Enabled Populated
  Processor Upgrade             Specification Reserved
  L1 Cache Handle               000ah
  L2 Cache Handle               000bh
  L3 Cache Handle               000ch
  Serial Number                       
  Asset Tag Number                     
  Part Number                   Unknown
  Core Count                    6
  Core Enabled                  6
  Thread Count                  12
  Processor Characteristics     fc
  Enabled Characteristics:
       0x 2: 64-bit Capable
       0x 3: Multi-Core
       0x 4: Hardware Thread
       0x 5: Execute Protection
       0x 6: Enhanced Virtualization
       0x 7: Power/Performance Control
  Processor Family 2            006bh - AMD Zen Processor Family
  Core Count 2                  6
  Core Enabled 2                6
  Thread Count 2                12
[ (Type 256) - Length 9 - Handle 000eh]
[32Bit Memory Error Information (Type 18) - Length 23 - Handle 000fh]
[Physical Memory Array (Type 16) - Length 23 - Handle 0010h]
  Location                      03h - SystemBoard/Motherboard
  Use                           03h - System Memory
  Memory Error Correction       03h - None
  Maximum Capacity              134217728KB
  Memory Error Inf Handle       000fh
  Number of Memory Devices      2
[Memory Array Mapped Address (Type 19) - Length 31 - Handle 0011h]
  Starting Address              00000000h
  Ending Address                00ffffffh
  Memory Array Handle           0010h
  Partition Width               02
  Extended Starting Address     0000000000000000h
  Extended Ending Address       0000000000000000h
[32Bit Memory Error Information (Type 18) - Length 23 - Handle 0012h]
[Memory Device (Type 17) - Length 100 - Handle 0013h]
  Memory Error Info Handle      0012h
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          8192MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                DIMMA1
  Bank Locator                  P0 CHANNEL A
  Memory Type                   22h - DDR5
  Type Detail                   4080h - Synchronous Unbuffered (Unregistered)
  Speed                         4800MHz
  Manufacturer                  Unknown
  Serial Number                         
  Asset Tag Number              [String Not Specified]
  Part Number                   UD5-5600                     
  Attributes                    1
  Extended Size                 0
  Configured Memory Speed       6000
  Minimum Voltage               1100
  Maximum Voltage               1100
  Configured Voltage            1100
  Memory Technology             3
  Memory Operating Mode Capability     8
  Firmware Version              6
  Module Manufacturer Id        61188
  Module Product Id             0
  Memory Subsystem Controller Manufacturer Id  0
  Memory Subsystem Controller Product Id       0
  Non-Volatile Size             0
  Volatile Size                 0
  Cache Size                    0
  Logical Size                  0
  Extended Speed                0
  Extended Configured Memory Speed     0
[Memory Device Mapped Address (Type 20) - Length 35 - Handle 0014h]
  Starting Address              00000000h
  Ending Address                007fffffh
  Memory Device Handle          0013h
  Mem Array Mapped Adr Handle   0011h
  Partition Row Position        [Unknown]
  Interleave Position           [Unknown]
  Interleave Data Depth         [Unknown]
  Extended Starting Address     0000000000000000h
  Extended Ending Address       0000000000000000h
[32Bit Memory Error Information (Type 18) - Length 23 - Handle 0015h]
[Memory Device (Type 17) - Length 100 - Handle 0016h]
  Memory Error Info Handle      0015h
  Total Width                   64 bits
  Data Width                    64 bits
  Size                          8192MB
  Form Factor                   09h - DIMM
  Device Set                    [None]
  Device Locator                DIMMB1
  Bank Locator                  P0 CHANNEL B
  Memory Type                   22h - DDR5
  Type Detail                   4080h - Synchronous Unbuffered (Unregistered)
  Speed                         4800MHz
  Manufacturer                  Unknown
  Serial Number                         
  Asset Tag Number              [String Not Specified]
  Part Number                   UD5-5600                     
  Attributes                    1
  Extended Size                 0
  Configured Memory Speed       6000
  Minimum Voltage               1100
  Maximum Voltage               1100
  Configured Voltage            1100
  Memory Technology             3
  Memory Operating Mode Capability     8
  Firmware Version              6
  Module Manufacturer Id        61188
  Module Product Id             0
  Memory Subsystem Controller Manufacturer Id  0
  Memory Subsystem Controller Product Id       0
  Non-Volatile Size             0
  Volatile Size                 0
  Cache Size                    0
  Logical Size                  0
  Extended Speed                0
  Extended Configured Memory Speed     0
[Memory Device Mapped Address (Type 20) - Length 35 - Handle 0017h]
  Starting Address              00800000h
  Ending Address                00ffffffh
  Memory Device Handle          0016h
  Mem Array Mapped Adr Handle   0011h
  Partition Row Position        [Unknown]
  Interleave Position           [Unknown]
  Interleave Data Depth         [Unknown]
  Extended Starting Address     0000000000000000h
  Extended Ending Address       0000000000000000h
[ (Type 256) - Length 14 - Handle 0018h]
[ (Type 256) - Length 11 - Handle 0026h]
[ (Type 256) - Length 16 - Handle 0027h]
[ (Type 256) - Length 4 - Handle 0028h]
THREAD ffffb3046d298080  Cid 439c.4d74  Teb: 0000007b13ebf000 Win32Thread: ffffb3046cfc83c0 RUNNING on processor 6
IRP List:
    Unable to read nt!_IRP @ ffffb30466af5a20
Not impersonating
GetUlongFromAddress: unable to read from fffff8062361159c
Owning Process            ffffb3046a3ee080       Image:         EAAntiCheat.GameService.exe
Attached Process          N/A            Image:         N/A
fffff78000000000: Unable to get shared data
Wait Start TickCount      3469117     
Context Switch Count      1185           IdealProcessor: 4             
ReadMemory error: Cannot get nt!KeMaximumIncrement value.
UserTime                  00:00:00.000
KernelTime                00:00:00.000
Win32 Start Address 0x00007fffc4f2dfb0
Stack Init ffffde0b0de6f610 Current ffffde0b0de6ecd0
Base ffffde0b0de70000 Limit ffffde0b0de69000 Call 0000000000000000
Priority 15  BasePriority 15  IoPriority 2  PagePriority 5
Child-SP          RetAddr               : Args to Child                                                           : Call Site
ffffde0b`0de6e8f8 fffff806`22e45667     : 00000000`000000be ffffd8fc`0f615000 8a000000`04100121 ffffde0b`0de6eba0 : nt!KeBugCheckEx
ffffde0b`0de6e900 fffff806`22c39790     : 00000000`00000005 00000000`00000003 ffffde0b`0de6ec20 00000000`00000000 : nt!MiSystemFault+0x1cd107
ffffde0b`0de6ea00 fffff806`22e0e46d     : ffffffff`ffffffff 00000000`00000001 ffffc900`4b640180 fffff806`22ca3d05 : nt!MmAccessFault+0x400
ffffde0b`0de6eba0 fffff806`22e145f0     : fffff806`22cbc6d8 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x36d (TrapFrame @ ffffde0b`0de6eba0)
ffffde0b`0de6ed38 fffff806`22cbc6d8     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!memset+0x30
ffffde0b`0de6ed40 fffff806`232d3537     : 00000000`000001fb 00000000`780a804a 00000000`780a7e4f 00000000`0000000f : nt!RtlClearBitsEx+0x98
ffffde0b`0de6ed70 fffff806`232d34bc     : ffffb304`6de24a20 00000000`00000001 00000000`00000000 00000000`00001fa1 : nt!MiMarkRetpolineBits+0x63
ffffde0b`0de6eda0 fffff806`23212ec8     : ffffb304`6de24a20 ffffb304`6de24a20 ffffde0b`0de6eed0 00000000`00000001 : nt!MiMarkKernelImageRetpolineBits+0x34
ffffde0b`0de6edd0 fffff806`23161361     : 00000000`00000000 fffff806`ffffffff ffff98ff`00000001 ffffe307`1b690cc0 : nt!MiUnloadSystemImage+0x15e000
ffffde0b`0de6ef70 fffff806`2316128e     : ffffb304`68fdf500 ffffde0b`0de6f110 00000000`00000000 ffffb304`68fdf530 : nt!MmUnloadSystemImage+0x41
ffffde0b`0de6efa0 fffff806`2302d970     : ffffb304`68fdf500 ffffde0b`0de6f110 fffff806`23725400 ffffde0b`0de6f010 : nt!IopDeleteDriver+0x4e
ffffde0b`0de6eff0 fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f110 ffffb304`68fdf530 : nt!ObpRemoveObjectRoutine+0x80
ffffde0b`0de6f050 fffff806`22e20b7a     : 00000000`00000000 ffffb304`68fdf530 369634f3`00000000 ffffde0b`0de6ef00 : nt!ObfDereferenceObjectWithTag+0xc7
ffffde0b`0de6f090 fffff806`22c49a32     : ffffb304`52ffcf00 ffffb304`6a8ab000 ffffc900`4b4e4910 fffff806`22c4ad55 : nt!IopCompleteUnloadOrDelete+0x21da0a
ffffde0b`0de6f150 fffff806`2302a2c0     : ffffb304`78355610 00000000`00000000 00000000`00000000 fffff806`22c52a59 : nt!IopDecrementDeviceObjectRef+0x162
ffffde0b`0de6f1b0 fffff806`2302d970     : ffffb304`52ffcf00 00000000`00000001 ffffb304`783555e0 ffffb304`675ef740 : nt!IopDeleteFile+0x210
ffffde0b`0de6f230 fffff806`22c5ac67     : 00000000`00000000 00000000`00000000 ffffde0b`0de6f3b9 ffffb304`78355610 : nt!ObpRemoveObjectRoutine+0x80
ffffde0b`0de6f290 fffff806`230331d9     : ffffb304`783555e0 00000000`00000000 ffffe306`00000000 ffffb304`783555e0 : nt!ObfDereferenceObjectWithTag+0xc7
ffffde0b`0de6f2d0 fffff806`2302df1c     : 00000000`00000688 ffff98ff`95c9e15e ffffb304`6d298080 fffff806`22e12ae6 : nt!ObCloseHandleTableEntry+0x6c9
ffffde0b`0de6f410 fffff806`22e12b0b     : ffffb304`6d298000 000001bb`8da00000 ffffde0b`0de6f500 ffffffff`fe363c80 : nt!NtClose+0xec
ffffde0b`0de6f480 00007fff`c6f8d744     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x41f (TrapFrame @ ffffde0b`0de6f480)
0000007b`15bfe528 00000000`00000000     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`c6f8d744
 
Artı 0 Eksi
Sistem parçalarıyla alakalı bir sorun yok değil mi? Xbox controlcü bağlı bile değildi, Fusion 500 kulaklığın yazılımında ayarları bayağı kurcalamıştım, kulaklığın USB portlarını değiştirmiştim sürekli.
 
Artı 0 Eksi
Xbox o sıra bağlı değilse bir bug bile oluşmuş olabilir, emin değilim. Kulaklığın ayarlarını bir yere kaydedip varsayılanda oynayabilirsin ya da direkt Armoury Crate'i devre dışı bırakıp oynayabilirsin.
 
Artı 0 Eksi
Enes3078 dedi:
Xbox o sıra bağlı değilse bir bug bile oluşmuş olabilir, emin değilim. Kulaklığın ayarlarını bir yere kaydedip varsayılanda oynayabilirsin ya da direkt Armoury Crate'i devre dışı bırakıp oynayabilirsin.
Genişletmek için tıkla...
Küçültmek için tıkla...
Ayarları yalama gibi oynamıştım, portları da aynı şekilde, büyük ihtimal ondan oldu. Teşekkürler.

Sistem parçalarında sorun olmasın yeterli benim için.
 
Artı 0 Eksi
Kod: 
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory.  The guilty driver is on the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the BugCheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: ffffd8fc0f615000, Virtual address for the attempted write.
Arg2: 8a00000004100121, PTE contents.
Arg3: ffffde0b0de6eba0, (reserved)
Arg4: 000000000000000b, (reserved)

Bir şey, ReadOnly bir bellek bölgesine erişmeye çalışıyor. Bu tipik olarak imkansız bir erişimdir çünkü bu bellek bölgesi 3.taraf sürücüler için ayrılan bir alanda değildir. İlk değer pte adresimizi veriyor.

6: kd> !pte ffffd8fc0f615000
VA ffffd8fc0f615000
PXE at FFFFF67B3D9ECD88 PPE at FFFFF67B3D9B1F80 PDE at FFFFF67B363F03D8 PTE at FFFFF66C7E07B0A8
contains 0A0000000083D863 contains 0A0000043A2D6863 contains 1A0000043A278863 contains 8A00000004100121 / 2.parametre değeri
pfn 83d ---DA--KWEV pfn 43a2d6 ---DA--KWEV pfn 43a278 ---DA--KWEV pfn 4100 -G--A--KR-V
Genişletmek için tıkla...
Küçültmek için tıkla...

Kod: 
6: kd> k
 # Child-SP          RetAddr               Call Site
00 ffffde0b`0de6e8f8 fffff806`22e45667     nt!KeBugCheckEx
01 ffffde0b`0de6e900 fffff806`22c39790     nt!MiSystemFault+0x1cd107
02 ffffde0b`0de6ea00 fffff806`22e0e46d     nt!MmAccessFault+0x400 < Geçersiz erişim!
03 ffffde0b`0de6eba0 fffff806`22e145f0     nt!KiPageFault+0x36d < Çökme
04 ffffde0b`0de6ed38 fffff806`22cbc6d8     nt!memset+0x30
05 ffffde0b`0de6ed40 fffff806`232d3537     nt!RtlClearBitsEx+0x98 < Belirtilen bellek aralığını temizle
06 ffffde0b`0de6ed70 fffff806`232d34bc     nt!MiMarkRetpolineBits+0x63
07 ffffde0b`0de6eda0 fffff806`23212ec8     nt!MiMarkKernelImageRetpolineBits+0x34 ???
08 ffffde0b`0de6edd0 fffff806`23161361     nt!MiUnloadSystemImage+0x15e000 <
09 ffffde0b`0de6ef70 fffff806`2316128e     nt!MmUnloadSystemImage+0x41 < Sistem imajını sil. Memory manager
0a ffffde0b`0de6efa0 fffff806`2302d970     nt!IopDeleteDriver+0x4e
0b ffffde0b`0de6eff0 fffff806`22c5ac67     nt!ObpRemoveObjectRoutine+0x80
0c ffffde0b`0de6f050 fffff806`22e20b7a     nt!ObfDereferenceObjectWithTag+0xc7
0d ffffde0b`0de6f090 fffff806`22c49a32     nt!IopCompleteUnloadOrDelete+0x21da0a < İlgili objenin kaldırıldığını bildir
0e ffffde0b`0de6f150 fffff806`2302a2c0     nt!IopDecrementDeviceObjectRef+0x162 < Device Object referansını düşür. Objenin kullanılmadığını bildir
0f ffffde0b`0de6f1b0 fffff806`2302d970     nt!IopDeleteFile+0x210 < Dosyayı kaldır
10 ffffde0b`0de6f230 fffff806`22c5ac67     nt!ObpRemoveObjectRoutine+0x80 < Objeyi Kaldır
11 ffffde0b`0de6f290 fffff806`230331d9     nt!ObfDereferenceObjectWithTag+0xc7 < Objeyi 0'a ayarla
12 ffffde0b`0de6f2d0 fffff806`2302df1c     nt!ObCloseHandleTableEntry+0x6c9 < NtClose tarafından çağırılan ve handle tablo girişini kapatır
13 ffffde0b`0de6f410 fffff806`22e12b0b     nt!NtClose+0xec < İlgili objenin handle'ını kapat
14 ffffde0b`0de6f480 00007fff`c6f8d744     nt!KiSystemServiceExitPico+0x41f
15 0000007b`15bfe528 00000000`00000000     0x00007fff`c6f8d744 < Kullanıcı modundan gelen bir çağrı

Yığıta bakılırsa bir sürücünün birden fazla kez kaldırıldığını, yani aynı işlemlerin 2.kez çağrılması sonrası oluşan bellek leak'inin geçersiz bellek erişimine yol açtığını düşünüyorum. Daha doğrusu readonly bir bellek bölgesine erişim olduğunu görüyoruz. Kaldırılan sürücü nedir?

Bunu nt!IopDeleteDriver fonksiyonu ile beraber tutulanan sürücü nesnesinden bulabiliriz.

07 ffffde0b0de6efa0 nt!IopDeleteDriver+8x
Parameter[0] = ffffb30468fdf530 < Sürücü nesnesi.
Parameter[1] = (unknown)
Parameter[2] = (unknown)
Parameter[3] = (unknown)
Genişletmek için tıkla...
Küçültmek için tıkla...

6: kd> !drvobj ffffb30468fdf530
Driver object (ffffb30468fdf530) is for:
\FileSystem\EAAntiCheat

Driver Extension List: (id , addr)
Genişletmek için tıkla...
Küçültmek için tıkla...

Kaldırılmaya çalışırken sorun yaratan sürücünün apaçık EAC sürücüsü olduğu ortada. Sorun da bundan dolayı çıkıyor...

Kod: 
6: kd> lmvmEAAntiCheat
Browse full module list
start             end                 module name
fffff80a`7e4f0000 fffff80a`80491000   eaanticheat T (no symbols)          
    Loaded symbol image file: eaanticheat.sys
    Image path: \SystemRoot\system32\drivers\eaanticheat.sys
    Image name: eaanticheat.sys
    Browse all global symbols  functions  data
    Timestamp:        Fri Sep  6 05:24:14 2024 (66DA67CE)
    CheckSum:         01FE3103
    ImageSize:        01FA1000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Information from resource tables:

Sürücüsü güncel galiba.? Emin değilim. Durum tekrar ederse kaldırmanızı tavsiye ederim.
 
Artı 0 Eksi
Çözüm
@bicy MK 1'de video memory hatası alıyordum, Windows ayarlarından sanal belleği açtım, açınca oyunda artık hiç hata almamaya başladım, sonra BF5'e gireyim dedim ve girdim, çıkınca böyle ilginç bir hata verdi. Mavi ekran alma sebebim tamamen bu mu?

Mavi ekran sonrası sistemi Windows 11 temiz kurulum yaptım, sanal bellek aktif bir şekilde 6-7 saat oyun oynadım ve hata almadım, Armoury Crate vb yazılımları hiç kurcalamadım da.

bicy dedi:
Sürücüsü güncel galiba.?
Genişletmek için tıkla...
Küçültmek için tıkla...
BF5'i yükleyince otomatik olarak anti cheat onunla beraber yükleniyor, tıpki Valorant'ı yüklerken Vanguard'ın yüklenmesi gibi. Güncel olmama durumu yok, sanırım aldığım mavi ekran çok kutuplu. Bu arada hiçbir sürücüyü kaldırmaya çalışmadım, yukarıda anlatığım gibi oyunu indirip giriş yaptım, çıkınca da mavi ekran.
 
Son düzenleme:
Artı 0 Eksi
Sanal belleğin kapalı olması mavi ekrana sebebiyet verir tabii ki. Bunda anormal bir şey yok. Şu dosyada sorun EAC yani AC kaynaklı. Akabinde uzun süre kullanıp soru yaşamadığını söylüyorsun. O halde aynı şekilde devam edebilirsin. AC sürücülerinin verdiği refleksler karmaşık olabiliyor.

Hielah dedi:
BF5'i yükleyince otomatik olarak anti cheat onunla beraber yükleniyor, tıpki Valorant'ı yüklerken Vanguard'ın yüklenmesi gibi. Güncel olmama durumu yok, sanırım aldığım mavi ekran çok kutuplu. Bu arada hiçbir sürücüyü kaldırmaya çalışmadım, yukarıda anlatığım gibi oyunu indirip giriş yaptım, çıkınca da mavi ekran.
Genişletmek için tıkla...
Küçültmek için tıkla...
AC bir program ve ona bağlı bir sürücüsü mevcut. Vanguard VGK, VGC adlı 2 sürücüyü kullanır. EAC kendi özel sürücüsünü kullanır ve bunlar güncellenir. Sen fark etmesen de. FACEIT geçen günlerde güncelleme yaptığı AC programında kendi sürücüsünün NVIDIA sürücüsüyle uyumsuzluk yaratması nedeniyle mavi ekranlara sebep oldu örneğin. Keza Vanguard da sık güncellenen hatta sanırsam en sık güncellenen AC yazılımı. Bunlar yükledim oldu şeyler değil. O yüzden spesifik olarak EAC, güncellenmesi nispeten önemli bir AC. Sanırsam sende zaten güncel o yüzden bu hatayı şimdilik verdiği anlık bir refleks olarak görüyorum. Bir sürücünün 2 kere kaldırılması daha önce de gördüğüm bir şey. Sorun devam etmediği takdirde günlük kullanımına olduğu gibi devam edebilirsin.
 
Artı 0 Eksi

Benzer konular

D
  • Soru Soru
R5 7500F & RX 6800 XT sistemde Valorant açtıktan sonra mavi ekran hatası
Mesaj
2
Görüntüleme
55
Dagster3532
D
B
  • Soru Soru
R5 5600 ve RTX 3060 Sistemde Reaper Kullanırken Mavi Ekran Hatası
Mesaj
2
Görüntüleme
116
Bilgin
B
RaGo
  • Soru Soru
R7 7800X3D & B650 Eagle sistem açılırken mavi ekran hatası veriyor
Mesaj
2
Görüntüleme
73
X99
X99
RepLitance
  • Çözüldü
Çözüldü R5 7600X & RTX 5070 sistemin sürücüleri güncel olmasına rağmen mavi ekran hatası veriyor
2 3 4
Mesaj
35
Görüntüleme
415
X99
X99

Yeni konular

Yeni mesajlar