UNEXPECTED_KERNEL_MODE_TRAP

K

kotenok2000

Member
Joined
Dec 19, 2017
Posts
7
  • I sometimes get a BSOD
  • Laptop or Desktop? Desktop
  • Exact model number (if laptop, check label on bottom)
  • OS ? (Windows 11, 10, 8.1, 8, 7, Vista) Microsoft Windows [Version 10.0.22631.4391]
  • x86 (32bit) or x64 (64bit)? x64
  • (Only for Vista, Windows 7) Service pack?
  • What was original installed OS on system? Windows 10
  • Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? Retail
  • Age of system? (hardware)
  • Age of OS installation? 2022
  • Have you re-installed the OS? Yes. My hard drive died.
  • Ryzen 3 3100
  • RAM (brand, EXACT model, what slots are you using?)
  • Capacity DeviceLocator FormFactor Manufacturer MemoryType PartNumber SerialNumber Speed
    8589934592 DIMM 1 8 Unknown 0 F4-3000C16-8GISB 00000000 3000
    8589934592 DIMM 1 8 Unknown 0 F4-3000C16-8GISB 00000000 3000
  • Video Card NVIDIA GTX 1650
  • Модель основной платы B450M BAZOOKA MAX WIFI (MS-7C87)
  • Power Supply - brand & wattage (if laptop, skip this one)
  • Is driver verifier enabled or disabled? Disabled
  • What security software are you using? (Firewall, antivirus, antimalware, antispyware, and so forth)
  • Are you using proxy, vpn, ipfilters or similar software?
  • Are you using Disk Image tools? (like daemon tools, alcohol 52% or 120%, virtual CloneDrive, roxio software)
  • Are you currently under/overclocking? Are there overclocking software installed on your system?
 

Attachments

Can you please set your system langauge to English then run the Sysnative Data Collection app again, and finally upload the new output. Most of us on here only read English.

Also DO NOT delete any files from the output before you upload it. We need ALL of the data collected please.

Can you also please open a command prompt and issue the command slmgr /dlv. A small window will open, please post a screenshot of that small window.
 
Many thanks for that, it helps a lot.

From the one dump that was uploaded your problem in that BSOD was almost certainly the WinDivert64.sys driver. Here's the failing instruction....
Code: 
4: kd> .frame /r e
0e ffffd88d`736fdac0 00000000`00000001     WinDivert64+0x571d
rax=00000000000000ff rbx=0000000000000001 rcx=ffff918e5799c080
rdx=ffffd88d736fd040 rsi=0000000000000001 rdi=0000000000000000
rip=fffff8013cd7571d rsp=ffffd88d736fdac0 rbp=0000000000000000
 r8=ffffd88d736fd140  r9=ffffd88d736fd178 r10=ffff918e5799ca58
r11=0000000000000001 r12=0000000000000001 r13=ffff918e4e9318d0
r14=0000000000000000 r15=0000000000000034
iopl=0         nv up di ng nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00040086
WinDivert64+0x571d:
fffff801`3cd7571d ??              ???
You can see at the bottom of the above that the instruction pointer (the RIP register) is pointing 0x571D bytes into the WinDivert.sys driver code, but at that address there is nothing - note the ??? indicating an invalid memory reference.

The version of WinDivert.sys that you have installed is also ancient, dating from October 2019 and thus pre-dating the initial release of Windows 11 by 2 years...
Code: 
4: kd> lmvm WinDivert64
Browse full module list
start             end                 module name
fffff801`3cd70000 fffff801`3cd8c000   WinDivert64 T (no symbols)        
    Loaded symbol image file: WinDivert64.sys
    Image path: \??\E:\Новая папка\goodbyedpi-0.2.2\x86_64\WinDivert64.sys
    Image name: WinDivert64.sys
    Browse all global symbols  functions  data  Symbol Reload
    Timestamp:        Tue Oct 15 03:06:43 2019 (5DA50D93)
    CheckSum:         00024DC4
    ImageSize:        0001C000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Information from resource tables:
It's entirely possible that this driver is not fully compatible with Windows 11. I would contact WinDivert for an updated version of their packet sniffer, version 2.2 is apparently Windows 11 compliant.
 
Back
Top