Keith
Avast is killing netio.sys. I would remove it and use the built in defender in its place
Microsoft (R) Windows Debugger Version 6.3.9600.17298 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Ken\Desktop\030515-43281-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
WARNING: Whitespace at start of path element
WARNING: Whitespace at end of path element
Error: Empty Path.
Symbol search path is:
SRV*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17630.amd64fre.winblue_r7.150109-2022
Machine Name:
Kernel base = 0xfffff803`dfe1a000 PsLoadedModuleList = 0xfffff803`e00f3250
Debug session time: Thu Mar 5 18:52:48.145 2015 (UTC - 5:00)
System Uptime: 0 days 0:11:53.911
Loading Kernel Symbols
...............................................................
................................................................
................................................................
Loading User Symbols
Loading unloaded module list
............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C2, {7, 1200, a420225b, ffffe0005c7a8008}
*** WARNING: Unable to verify timestamp for aswStm.sys
*** ERROR: Module load completed but symbols could not be loaded for aswStm.sys
GetPointerFromAddress: unable to read from fffff803e017d138
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
Probably caused by : NETIO.SYS ( NETIO!NetioFreeMdl+232d3 )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
BAD_POOL_CALLER (c2)
The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 0000000000000007, Attempt to free pool which was already freed
Arg2: 0000000000001200, (reserved)
Arg3: 00000000a420225b, Memory contents of the pool block
Arg4: ffffe0005c7a8008, Address of the block of pool being deallocated
Debugging Details:
------------------
POOL_ADDRESS: ffffe0005c7a8008
FREED_POOL_TAG: Mdl
BUGCHECK_STR: 0xc2_7_Mdl
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: AvastSvc.exe
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre
LAST_CONTROL_TRANSFER: from fffff803e00bef56 to fffff803dff6a9a0
STACK_TEXT:
ffffd000`3a5bafa8 fffff803`e00bef56 : 00000000`000000c2 00000000`00000007 00000000`00001200 00000000`a420225b : nt!KeBugCheckEx
ffffd000`3a5bafb0 fffff800`70060653 : 00000000`00000000 fffff803`dfe6ccde ffffe000`5da03900 00000000`00000020 : nt!ExFreePool+0x26a
ffffd000`3a5bb0a0 fffff800`703e0824 : ffffe000`5e26d6a0 00000000`00000000 0000007f`fffffff8 00000980`00000000 : NETIO!NetioFreeMdl+0x232d3
ffffd000`3a5bb0f0 fffff800`70036142 : ffffe000`5a53ce80 fffff800`00000001 00000000`ffffff00 00000000`00000000 : tcpip!FlpReturnNetBufferListChain+0x87094
ffffd000`3a5bb140 fffff800`70568792 : 00000000`ffffff00 ffffe000`5a53ce80 00000000`00000000 ffffe000`5a53ce00 : NETIO!NetioDereferenceNetBufferList+0xb2
ffffd000`3a5bb180 fffff800`7056930d : ffffe000`5a53ce80 ffffe000`5d90ef50 ffffd000`3a5bb2c8 00001fff`a12f6e38 : fwpkclnt!FwppDereferenceNetioNetBufferList+0x46
ffffd000`3a5bb1d0 fffff800`70569466 : ffffe000`5a53ce80 ffffd000`3a5bb250 ffffd000`3a5bb2c0 ffffe000`5ed091c0 : fwpkclnt!FwpsDereferenceNetBufferList0+0x25
ffffd000`3a5bb200 fffff800`7103e524 : ffffe000`5d5cb020 00000000`00000000 00000000`ffffffe0 00000000`00001000 : fwpkclnt!FwpsFreeCloneNetBufferList0+0x106
ffffd000`3a5bb240 ffffe000`5d5cb020 : 00000000`00000000 00000000`ffffffe0 00000000`00001000 ffffe000`5aa3d0a0 : aswStm+0x1524
ffffd000`3a5bb248 00000000`00000000 : 00000000`ffffffe0 00000000`00001000 ffffe000`5aa3d0a0 fffff800`7103e217 : 0xffffe000`5d5cb020
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!NetioFreeMdl+232d3
fffff800`70060653 90 nop
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: NETIO!NetioFreeMdl+232d3
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 546029c5
IMAGE_VERSION: 6.3.9600.17485
BUCKET_ID_FUNC_OFFSET: 232d3
FAILURE_BUCKET_ID: 0xc2_7_Mdl__NETIO!NetioFreeMdl
BUCKET_ID: 0xc2_7_Mdl__NETIO!NetioFreeMdl
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xc2_7_mdl__netio!netiofreemdl
FAILURE_ID_HASH: {f2c46e80-d936-89a0-13f9-f9b302dc640b}
Followup: MachineOwner
---------