This problem can be caused by malicious programs, such as worms, trojans, and viruses. On Windows XP SP2 and Windows Server 2003 SP1, a new feature called DEP (Data Execution Prevention) performs additional checks on memory to help protect against malicious code exploits. There is a type of attack that attempts to insert and execute code from a non-executable memory locations. DEP helps prevent these attacks by intercepting them and raising an exception. A user mode DEP exception, which is an exception caused by an application that does not run in kernel mode results in a STATUS_ACCESS_VIOLATION (0xC0000005) on Windows systems. In most processes, the STATUS_ACCESS_VIOLATION exception will be an unhandled exception and results in the termination of the process.
See "Data Execution Prevention" and "Changes to Functionality in Microsoft Windows XP Service Pack 2" for additional information on DEP.
A memory access violation occurred. (Parameter 4 of the bug check is the address, which the driver attempted to access.) Typically generated by faulty drivers.
This status code maps to Win32 error code "ERROR_NOACCESS".
Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.
Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.