Dan
Simple. Your AVG. I would remove it and use the built in defender in its place
Microsoft (R) Windows Debugger Version 6.3.9600.17298 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Ken\Desktop\020215-9656-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*E:\symbols
Deferred *http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*E:\symbols;*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17328.amd64fre.winblue_r3.140827-1500
Machine Name:
Kernel base = 0xfffff803`74a88000 PsLoadedModuleList = 0xfffff803`74d5e370
Debug session time: Mon Feb 2 09:22:21.330 2015 (UTC - 5:00)
System Uptime: 3 days 16:00:47.998
Loading Kernel Symbols
...............................................................
................................................................
..................................................
Loading User Symbols
Loading unloaded module list
..................................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1E, {ffffffffc0000005, fffff80066766050, ffffd000d171b378, ffffd000d171ab80}
*** ERROR: Symbol file could not be found. Defaulted to export symbols for fwpkclnt.sys -
*** WARNING: Unable to verify timestamp for avgfwd6a.sys
*** ERROR: Module load completed but symbols could not be loaded for avgfwd6a.sys
Probably caused by : NETIO.SYS ( NETIO!WfpNblInfoGet+0 )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80066766050, The address that the exception occurred at
Arg3: ffffd000d171b378, Parameter 0 of the exception
Arg4: ffffd000d171ab80, Parameter 1 of the exception
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80374de8138
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
ffffd000d171ab80
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
FAULTING_IP:
NETIO!WfpNblInfoGet+0
fffff800`66766050 488b81e0000000 mov rax,qword ptr [rcx+0E0h]
EXCEPTION_PARAMETER1: ffffd000d171b378
EXCEPTION_PARAMETER2: ffffd000d171ab80
BUGCHECK_STR: 0x1E_c0000005
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
EXCEPTION_RECORD: ffffe0010c03f528 -- (.exr 0xffffe0010c03f528)
ExceptionAddress: ffffe00110a51570
ExceptionCode: 00000000
ExceptionFlags: 00000000
NumberParameters: 1317
Parameter[0]: 0000000000000018
Parameter[1]: 0000000000000008
Parameter[2]: 0000000000000066
Parameter[3]: 0000000000000006
Parameter[4]: 00000000000015dc
Parameter[5]: 0000000000000000
Parameter[6]: 0000000000000032
Parameter[7]: 0000000000001b71
Parameter[8]: 0000000000000007
Parameter[9]: 0000000000001b94
Parameter[10]: 000000000000002a
Parameter[11]: 00000000000001c2
Parameter[12]: 0000000000000000
Parameter[13]: 0000000000000060
Parameter[14]: 0000000000000017
LAST_CONTROL_TRANSFER: from fffff80374c67bef to fffff80374bd71a0
STACK_TEXT:
ffffd000`d171a358 fffff803`74c67bef : 00000000`0000001e ffffffff`c0000005 fffff800`66766050 ffffd000`d171b378 : nt!KeBugCheckEx
ffffd000`d171a360 fffff803`74be8016 : 00000000`000005b0 00000000`00000001 ffffd000`d171a401 fffff803`74ae0d79 : nt!KiFatalFilter+0x1f
ffffd000`d171a3a0 fffff803`74bc6296 : fffff803`74dee452 ffffe001`0d0a6803 ffff803f`e7a34b4c ffffd729`0a9d3fb9 : nt! ?? ::FNODOBFM::`string'+0x966
ffffd000`d171a3e0 fffff803`74bde6ed : 00000000`00000000 ffffd000`d171a580 ffffd000`d171b378 ffffd000`d171a580 : nt!_C_specific_handler+0x86
ffffd000`d171a450 fffff803`74b52531 : 00000000`00000001 fffff803`74a88000 00000000`00000000 00000000`00000000 : nt!RtlpExecuteHandlerForException+0xd
ffffd000`d171a480 fffff803`74b566ea : ffffd000`d171b378 ffffd000`d171b080 ffffd000`d171b378 00000000`00000000 : nt!RtlDispatchException+0x1a5
ffffd000`d171ab50 fffff803`74be2dc2 : ffffe001`0c03f528 ffffd000`d171b420 ffffe001`0d29f040 ffffd000`d171b2c0 : nt!KiDispatchException+0x646
ffffd000`d171b240 fffff803`74be1514 : 00000000`00000000 00000000`00000000 ffffe001`18f5e400 ffffd000`d171b420 : nt!KiExceptionDispatch+0xc2
ffffd000`d171b420 fffff800`66766050 : fffff800`66b66045 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x214
ffffd000`d171b5b8 fffff800`66b66045 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!WfpNblInfoGet
ffffd000`d171b5c0 fffff800`66bd2356 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff800`680b0e43 : fwpkclnt!FwppNetBufferListEventNotify+0x35
ffffd000`d171b690 fffff800`6665b991 : 00000000`00000000 00000000`00000000 ffffd000`d171b720 00000000`00000003 : wfplwfs!LwfLowerReturnNetBufferLists+0x56
ffffd000`d171b6e0 fffff803`74b43f46 : 00000000`00000000 ffffe001`10aaf030 fffff803`00000000 00000000`00000000 : ndis!ndisDataPathExpandStackCallback+0x31
ffffd000`d171b720 fffff800`6665b381 : fffff800`6665b960 ffffd000`d171b870 00000000`00000100 00000000`00000001 : nt!KeExpandKernelStackAndCalloutInternal+0xe6
ffffd000`d171b810 fffff800`6665b3d6 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisExpandStack+0x19
ffffd000`d171b850 fffff800`6665eafd : 00000000`00000001 ffffe001`00000001 ffffe001`12c2b330 00000000`00000000 : ndis!ndisExpandDataPathStack+0x4a
ffffd000`d171b8b0 fffff800`6665e8c3 : 00000000`00000001 00000000`00000012 00000000`00000000 fffff800`673e78b7 : ndis!ndisInvokeNextReceiveCompleteHandler+0xfddd
ffffd000`d171b940 fffff800`673ea3ab : ffffe001`0dae9880 ffffe001`0dae8700 ffffe001`c0000001 00000000`00000000 : ndis!NdisFReturnNetBufferLists+0x282
ffffd000`d171b9c0 ffffe001`0dae9880 : ffffe001`0dae8700 ffffe001`c0000001 00000000`00000000 00000000`00000000 : avgfwd6a+0x43ab
ffffd000`d171b9c8 ffffe001`0dae8700 : ffffe001`c0000001 00000000`00000000 00000000`00000000 fffff803`74d72a00 : 0xffffe001`0dae9880
ffffd000`d171b9d0 ffffe001`c0000001 : 00000000`00000000 00000000`00000000 fffff803`74d72a00 ffffe001`0c3f93c0 : 0xffffe001`0dae8700
ffffd000`d171b9d8 00000000`00000000 : 00000000`00000000 fffff803`74d72a00 ffffe001`0c3f93c0 00000000`00000002 : 0xffffe001`c0000001
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!WfpNblInfoGet+0
fffff800`66766050 488b81e0000000 mov rax,qword ptr [rcx+0E0h]
SYMBOL_STACK_INDEX: 9
SYMBOL_NAME: NETIO!WfpNblInfoGet+0
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 540ebbe6
IMAGE_VERSION: 6.3.9600.17337
BUCKET_ID_FUNC_OFFSET: 0
FAILURE_BUCKET_ID: 0x1E_c0000005_NETIO!WfpNblInfoGet
BUCKET_ID: 0x1E_c0000005_NETIO!WfpNblInfoGet
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x1e_c0000005_netio!wfpnblinfoget
FAILURE_ID_HASH: {1735c053-8c3c-72d0-9016-7612a27a855c}
Followup: MachineOwner
---------