- a
https://drive.google.com/file/d/0BzDs1bdKVqlAcU9CZ3BMY2M3Wnk5eVV0WkhFWG9kYmRsaEtz/view?usp=sharing
Technology Tips and News
https://drive.google.com/file/d/0BzDs1bdKVqlAcU9CZ3BMY2M3Wnk5eVV0WkhFWG9kYmRsaEtz/view?usp=sharing
MH
This was related to the NETwbw02.sys Intel Wireless WiFi Link Driver from Intel Corporation. I would remove the current driver and install the newest driver available
If you continue to crash I would remove Kaspersky and use the built in defender.
Microsoft (R) Windows Debugger Version 6.3.9600.17298 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Users\zigza\Desktop\041715-27750-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available ************* Symbol Path validation summary ************** Response Time (ms) Location Deferred SRV*D:\Symbols*http://msdl.microsoft.com/download/symbols Symbol search path is: SRV*D:\Symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 8 Kernel Version 9600 MP (8 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 9600.16384.amd64fre.winblue_rtm.130821-1623 Machine Name: Kernel base = 0xfffff800`b7871000 PsLoadedModuleList = 0xfffff800`b7b389b0 Debug session time: Fri Apr 17 16:30:22.174 2015 (UTC - 4:00) System Uptime: 0 days 0:00:10.822 Loading Kernel Symbols ............................................................... ................................................................ .... Loading User Symbols Loading unloaded module list ... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, 2, 0, fffff80003cf33f7} *** WARNING: Unable to verify timestamp for NETwbw02.sys *** ERROR: Module load completed but symbols could not be loaded for NETwbw02.sys Probably caused by : NETwbw02.sys ( NETwbw02+993f7 ) Followup: MachineOwner --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 0000000000000000, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, value 0 = read operation, 1 = write operation Arg4: fffff80003cf33f7, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800b7bc1150 GetUlongFromAddress: unable to read from fffff800b7bc1208 0000000000000000 Nonpaged pool CURRENT_IRQL: 2 FAULTING_IP: NETwbw02+993f7 fffff800`03cf33f7 488b09 mov rcx,qword ptr [rcx] CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT BUGCHECK_STR: AV PROCESS_NAME: System ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre DPC_STACK_BASE: FFFFF800B9C46FB0 TRAP_FRAME: fffff800b9c3f6b0 -- (.trap 0xfffff800b9c3f6b0) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=ffffe00004f2ed70 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80003cf33f7 rsp=fffff800b9c3f840 rbp=ffffe00004fd9890 r8=fffff800b9c3f890 r9=0000000000000000 r10=fffff800b7b62180 r11=fffff800b9c3f870 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc NETwbw02+0x993f7: fffff800`03cf33f7 488b09 mov rcx,qword ptr [rcx] ds:00000000`00000000=???????????????? Resetting default scope LAST_CONTROL_TRANSFER: from fffff800b79ccbe9 to fffff800b79c10a0 STACK_TEXT: fffff800`b9c3f568 fffff800`b79ccbe9 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx fffff800`b9c3f570 fffff800`b79cb43a : 00000000`00000000 00000000`00000000 ffff4ce4`1dc3da00 fffff800`b9c3f6b0 : nt!KiBugCheckDispatch+0x69 fffff800`b9c3f6b0 fffff800`03cf33f7 : 00000000`00000285 00000000`00000000 00000000`00000000 ffffe000`05be4ca0 : nt!KiPageFault+0x23a fffff800`b9c3f840 00000000`00000285 : 00000000`00000000 00000000`00000000 ffffe000`05be4ca0 fffff800`03e62df0 : NETwbw02+0x993f7 fffff800`b9c3f848 00000000`00000000 : 00000000`00000000 ffffe000`05be4ca0 fffff800`03e62df0 ffffe000`04fd9540 : 0x285 STACK_COMMAND: kb FOLLOWUP_IP: NETwbw02+993f7 fffff800`03cf33f7 488b09 mov rcx,qword ptr [rcx] SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: NETwbw02+993f7 FOLLOWUP_NAME: MachineOwner MODULE_NAME: NETwbw02 IMAGE_NAME: NETwbw02.sys DEBUG_FLR_IMAGE_TIMESTAMP: 52a09c3a FAILURE_BUCKET_ID: AV_NETwbw02+993f7 BUCKET_ID: AV_NETwbw02+993f7 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:av_netwbw02+993f7 FAILURE_ID_HASH: {1e0ec353-2360-690e-9374-7a77832276f2} Followup: MachineOwner ---------
Hello mhhajisaeed,
What is your current situation?
Is this issue resolved?
Best regards,
Fangzhou CHEN
MH
As usual we need the new DMP file