Code:
1: kd> !thread fffff880009f40c0
THREAD fffff880009f40c0 Cid 0000.0000 Teb: 0000000000000000 Win32Thread: 0000000000000000 RUNNING on processor 1
Not impersonating
DeviceMap fffff8a000008b30
Owning Process fffff8000361f180 Image: Idle
Attached Process fffffa8003aec890 Image: System
Wait Start TickCount 0 Ticks: 35525 (0:00:09:14.193)
Context Switch Count 14070 IdealProcessor: 1
UserTime 00:00:00.000
KernelTime 00:08:57.719
Win32 Start Address nt!KiIdleLoop (0xfffff800034886f0)
Stack Init fffff88002f1bdb0 Current fffff88002f1bd40
Base fffff88002f1c000 Limit fffff88002f16000 Call 0
Priority 16 BasePriority 0 UnusualBoost 0 ForegroundBoost 0 IoPriority 0 PagePriority 0
Child-SP RetAddr : Args to Child : Call Site
fffff880`02f1bbd8 fffff800`03a0dae7 : fffffa80`056d3010 fffffa80`04dca000 fffffa80`0574e4a0 fffffa80`04dca000 : hal!HalpLegacyApicReadGenericReg+0xd
fffff880`02f1bbe0 fffff800`034e7f62 : fffff880`009e9180 00000000`00000001 fffffa80`054b01a0 fffffa80`054b01a0 : hal!HalRequestSoftwareInterrupt+0x58
fffff880`02f1bc10 fffff800`0349a3a9 : 00000000`0019c3d7 00000000`00000001 fffff880`009e9180 00000000`00000000 : nt!KeAccumulateTicks+0x4f76
fffff880`02f1bca0 fffff800`0348871c : fffff880`009e9180 fffff880`00000001 00000000`00000001 fffff880`00000000 : nt!PoIdle+0x65a
fffff880`02f1bd80 00000000`00000000 : fffff880`02f1c000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c
fffff800`03a0ef97 90 nop
fffff800`03a0ef98 0fba24250003feff0c bt dword ptr [0FFFFFFFFFFFE0300h],0Ch
fffff800`03a0efa1 72f5 jb hal!HalpLegacyApicWaitForIcr+0x2 (fffff800`03a0ef98)
fffff800`03a0efa3 f3c3 rep ret
fffff800`03a0efa5 90 nop
fffff800`03a0efa6 90 nop
fffff800`03a0efa7 90 nop
fffff800`03a0efa8 90 nop
fffff800`03a0efa9 90 nop
fffff800`03a0efaa 90 nop
fffff800`03a0efab 90 nop
hal!HalpX2ApicReadGenericReg:
fffff800`03a0efac c1e904 shr ecx,4
fffff800`03a0efaf 81c100080000 add ecx,800h
fffff800`03a0efb5 0f32 rdmsr
fffff800`03a0efb7 48c1e220 shl rdx,20h
fffff800`03a0efbb 480bc2 or rax,rdx
fffff800`03a0efbe c3 ret
This is looking like a bad processor, I'm quite positive of it.
We seem to be encountering an error when performing some legacy APIC function, but for some reason there's little documentation, which is unusual for hal functions.
I'm guessing it's some register read and write function, but clearly something went wrong.
So we're performing some interrupt routine when something goes wrong, and the processor stops responding, probably stuck in an infinite loop.
Okay, I'm noticing something strange, PRocessor #1 is trying to perform an IPI, currently initiating the Interrupt Command Register in the APIC to perform a read and write function, but the CPU is already performing a clock level IPI, and requested processor #1 to flush its registers. I'm not sure why it isn't accepting it though.
Code:
1: kd> dt nt!_KDPC fffffa8004dc4080
+0x000 Type : 0x13 ''
+0x001 Importance : 0x1 ''
+0x002 Number : 0x101
+0x008 DpcListEntry : _LIST_ENTRY [ 0xfffff880`009eb300 - 0xfffff880`009eb300 ]
+0x018 DeferredRoutine : 0xfffff880`04976ae4 void +0
+0x020 DeferredContext : 0xfffffa80`04dc4080 Void
+0x028 SystemArgument1 : (null)
+0x030 SystemArgument2 : (null)
+0x038 DpcData : 0xfffff880`009eb300 Void
1: kd> lmvm k57nd60a
Browse full module list
start end module name
fffff880`0493d000 fffff880`0498e000 k57nd60a (no symbols)
Loaded symbol image file: k57nd60a.sys
Image path: \SystemRoot\system32\DRIVERS\k57nd60a.sys
Image name: k57nd60a.sys
Browse all global symbols functions data
Timestamp: Thu Aug 06 12:44:32 2009 (4A7AC220)
CheckSum: 0005DC4B
ImageSize: 00051000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Your Broadcom NetLink Gigabit Ethernet is out of date, and appears to be stuck in a DPC queue on the processor which isn't responding. I don't have much time at the moment, but I'll try and do some more digging later, tt could be conflictign with Avast.
I would remove Avast and update your network driver.
