DrPounder

My Friend's BSOD dmp file Please help

Jul 16th, 2025
0: kd> !analyze -v
Loading Kernel Symbols
..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

.............................................................
................................................................
................................................................
....
Loading User Symbols
PEB is paged out (Peb.Ldr = 0000009e`b1bc1018). Type ".hh dbgerr001" for details
Loading unloaded module list
.........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffffe08cb40af010, Address of the trap frame for the exception that caused the BugCheck
Arg3: ffffe08cb40aef68, Address of the exception record for the exception that caused the BugCheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------


KEY_VALUES_STRING: 1

Key : Analysis.CPU.mSec
Value: 1031

Key : Analysis.Elapsed.mSec
Value: 1894

Key : Analysis.IO.Other.Mb
Value: 0

Key : Analysis.IO.Read.Mb
Value: 1

Key : Analysis.IO.Write.Mb
Value: 23

Key : Analysis.Init.CPU.mSec
Value: 828

Key : Analysis.Init.Elapsed.mSec
Value: 45970

Key : Analysis.Memory.CommitPeak.Mb
Value: 108

Key : Analysis.Version.DbgEng
Value: 10.0.27871.1001

Key : Analysis.Version.Description
Value: 10.2505.01.02 amd64fre

Key : Analysis.Version.Ext
Value: 1.2505.1.2

Key : Bugcheck.Code.LegacyAPI
Value: 0x139

Key : Bugcheck.Code.TargetModel
Value: 0x139

Key : Dump.Attributes.AsUlong
Value: 0x21808

Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1

Key : Dump.Attributes.ErrorCode
Value: 0x0

Key : Dump.Attributes.KernelGeneratedTriageDump
Value: 1

Key : Dump.Attributes.LastLine
Value: Dump completed successfully.

Key : Dump.Attributes.ProgressPercentage
Value: 0

Key : FailFast.Name
Value: CORRUPT_LIST_ENTRY

Key : FailFast.Type
Value: 3

Key : Failure.Bucket
Value: 0x139_3_CORRUPT_LIST_ENTRY_nt!KiFastFailDispatch

Key : Failure.Exception.Code
Value: 0xc0000409

Key : Failure.Exception.Record
Value: 0xffffe08cb40aef68

Key : Failure.Hash
Value: {3aede96a-54dd-40d6-d4cb-2a161a843851}

Key : Hypervisor.Enlightenments.ValueHex
Value: 0x7497cf94

Key : Hypervisor.Flags.AnyHypervisorPresent
Value: 1

Key : Hypervisor.Flags.ApicEnlightened
Value: 1

Key : Hypervisor.Flags.ApicVirtualizationAvailable
Value: 0

Key : Hypervisor.Flags.AsyncMemoryHint
Value: 0

Key : Hypervisor.Flags.CoreSchedulerRequested
Value: 0

Key : Hypervisor.Flags.CpuManager
Value: 1

Key : Hypervisor.Flags.DeprecateAutoEoi
Value: 0

Key : Hypervisor.Flags.DynamicCpuDisabled
Value: 1

Key : Hypervisor.Flags.Epf
Value: 0

Key : Hypervisor.Flags.ExtendedProcessorMasks
Value: 1

Key : Hypervisor.Flags.HardwareMbecAvailable
Value: 1

Key : Hypervisor.Flags.MaxBankNumber
Value: 0

Key : Hypervisor.Flags.MemoryZeroingControl
Value: 0

Key : Hypervisor.Flags.NoExtendedRangeFlush
Value: 0

Key : Hypervisor.Flags.NoNonArchCoreSharing
Value: 1

Key : Hypervisor.Flags.Phase0InitDone
Value: 1

Key : Hypervisor.Flags.PowerSchedulerQos
Value: 0

Key : Hypervisor.Flags.RootScheduler
Value: 0

Key : Hypervisor.Flags.SynicAvailable
Value: 1

Key : Hypervisor.Flags.UseQpcBias
Value: 0

Key : Hypervisor.Flags.Value
Value: 38408431

Key : Hypervisor.Flags.ValueHex
Value: 0x24a10ef

Key : Hypervisor.Flags.VpAssistPage
Value: 1

Key : Hypervisor.Flags.VsmAvailable
Value: 1

Key : Hypervisor.RootFlags.AccessStats
Value: 1

Key : Hypervisor.RootFlags.CrashdumpEnlightened
Value: 1

Key : Hypervisor.RootFlags.CreateVirtualProcessor
Value: 1

Key : Hypervisor.RootFlags.DisableHyperthreading
Value: 0

Key : Hypervisor.RootFlags.HostTimelineSync
Value: 1

Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled
Value: 0

Key : Hypervisor.RootFlags.IsHyperV
Value: 1

Key : Hypervisor.RootFlags.LivedumpEnlightened
Value: 1

Key : Hypervisor.RootFlags.MapDeviceInterrupt
Value: 1

Key : Hypervisor.RootFlags.MceEnlightened
Value: 1

Key : Hypervisor.RootFlags.Nested
Value: 0

Key : Hypervisor.RootFlags.StartLogicalProcessor
Value: 1

Key : Hypervisor.RootFlags.Value
Value: 1015

Key : Hypervisor.RootFlags.ValueHex
Value: 0x3f7


BUGCHECK_CODE: 139

BUGCHECK_P1: 3

BUGCHECK_P2: ffffe08cb40af010

BUGCHECK_P3: ffffe08cb40aef68

BUGCHECK_P4: 0

FILE_IN_CAB: 071625-8390-01.dmp

TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b


DUMP_FILE_ATTRIBUTES: 0x21808
Kernel Generated Triage Dump

FAULTING_THREAD: ffff958fbcde8080

TRAP_FRAME: ffffe08cb40af010 -- (.trap 0xffffe08cb40af010)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffff958fba6dfbd8 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff806a16c5c49 rsp=ffffe08cb40af1a0 rbp=ffff958fbcde8900
r8=0000000000000000 r9=4000000000000220 r10=0000fffff806a16c
r11=ffff757db7a00000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt!EtwpDeleteRegistrationObject+0x109:
fffff806`a16c5c49 cd29 int 29h
Resetting default scope

EXCEPTION_RECORD: ffffe08cb40aef68 -- (.exr 0xffffe08cb40aef68)
ExceptionAddress: fffff806a16c5c49 (nt!EtwpDeleteRegistrationObject+0x0000000000000109)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT: 1

PROCESS_NAME: msedge.exe

ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE_STR: c0000409

EXCEPTION_PARAMETER1: 0000000000000003

EXCEPTION_STR: 0xc0000409

STACK_TEXT:
ffffe08c`b40aece8 fffff806`a14b96e9 : 00000000`00000139 00000000`00000003 ffffe08c`b40af010 ffffe08c`b40aef68 : nt!KeBugCheckEx
ffffe08c`b40aecf0 fffff806`a14b9cf2 : 00000000`334e9b3f fffff806`a11239f9 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffe08c`b40aee30 fffff806`a14b7928 : ffffe900`0404cd30 fffff806`00000000 00000001`56ef1025 fffff806`00000000 : nt!KiFastFailDispatch+0xb2
ffffe08c`b40af010 fffff806`a16c5c49 : ffff958f`bcc83d10 ffff958f`00000000 ffff958f`00000100 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x368
ffffe08c`b40af1a0 fffff806`a165191a : ffff958f`bcc83ce0 00000000`00000000 ffff958f`bcc83d10 ffffde3f`fdc99350 : nt!EtwpDeleteRegistrationObject+0x109
ffffe08c`b40af200 fffff806`a1105108 : 00000000`00000000 00000000`00000000 ffffe08c`b40af3a0 ffff958f`bcc83d10 : nt!ObpRemoveObjectRoutine+0x11a
ffffe08c`b40af260 fffff806`a1657249 : 00000000`00000001 00000000`00000001 ffffe08c`b40af3f0 00000000`00000000 : nt!ObfDereferenceObjectWithTag+0x108
ffffe08c`b40af2a0 fffff806`a16559b9 : 00000000`00000000 00000000`0000000a 00000000`00000000 00000000`00000000 : nt!ObCloseHandleTableEntry+0x3d9
ffffe08c`b40af3f0 fffff806`a14b8d58 : ffff958f`bcde8000 00000000`00000000 ffff958f`bcde8080 0000009e`b23fef28 : nt!NtClose+0xe9
ffffe08c`b40af460 00007ffb`eba21fb4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
0000009e`b23fee08 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffb`eba21fb4


SYMBOL_NAME: nt!KiFastFailDispatch+b2

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

IMAGE_VERSION: 10.0.26100.4652

STACK_COMMAND: .process /r /p 0xffff958fbcde7080; .thread 0xffff958fbcde8080 ; kb

BUCKET_ID_FUNC_OFFSET: b2

FAILURE_BUCKET_ID: 0x139_3_CORRUPT_LIST_ENTRY_nt!KiFastFailDispatch

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {3aede96a-54dd-40d6-d4cb-2a161a843851}

Followup: MachineOwner
---------