A Windows 10 system with a Killer Wireless 1535 Wireless Network Adapter crashes with a Bug Check 0xC8 (IRQL_UNEXPECTED_VALUE) after installing a Symantec Endpoint Protection (SEP) 12.1 or 14 client with the Firewall component.
In one thread, while a Net Buffer List (NBL) is being passed to Microsoft's NDIS stack, NDIS6 filter driver teefer.sys (our Symantec CMC Firewall Teefer3 driver) is injected and it passes on the origin NBL's IRQL, which is PASSIVE_LEVEL. At the same time, in another thread, bwcW10x64.sys (Killer Wireless' Bandwidth Control driver) changes the IRQL from PASSIVE_LEVEL to DISPATCH_LEVEL. As it fails to restore it back to the origin NBL's PASSIVE_LEVEL IRQL, the operating system detects an unexpected IRQL change and crashes the system to prevent further disruption.
If you can't upgrade immediately, there are currently two possible workarounds:
Unbind “Killer Bandwidth Control” from the Killer Wireless 1535 Wireless Network Adapter, thereby preventing bwcW10x64.sys (Killer Wireless' Bandwidth Control driver) being loaded and unexpectedly changing the IRQL.
Install the SEP 12.1 or SEP 14 client without the Firewall component and use the built-in Windows 10 firewall.
Subscribing will provide email updates when this Article is updated. Login is required.