Avast 7 aswSnx.SYS BSOD (chrome involved)

Hi,

This BSOD appeared while I was browsing the web (with google chrome). Avast version is 7.0.1466. Here is windbg output:

Microsoft (R) Windows Debugger Version 6.2.8400.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRVD:\Code\Symbolshttp://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Machine Name:
Kernel base = 0xfffff80003207000 PsLoadedModuleList = 0xfffff8000344b670
Debug session time: Sat Sep 8 04:33:29.166 2012 (UTC + 2:00)
System Uptime: 0 days 14:19:19.774
Loading Kernel Symbols



Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type “.hh dbgerr001” for details
Loading unloaded module list


  •                                                                         *
    
  •                    Bugcheck Analysis                                    *
    
  •                                                                         *
    

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffff8ff00006040, 0, fffff8000327cbf0, 5}

*** ERROR: Module load completed but symbols could not be loaded for aswSnx.SYS
Probably caused by : aswSnx.SYS ( aswSnx+27e6f )

Followup: MachineOwner

0: kd> !analyze -v


  •                                                                         *
    
  •                    Bugcheck Analysis                                    *
    
  •                                                                         *
    

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff8ff00006040, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8000327cbf0, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000005, (reserved)

Debugging Details:

READ_ADDRESS: fffff8ff00006040 Paged pool

FAULTING_IP:
nt!memmove+60
fffff800`0327cbf0 488b040a mov rax,qword ptr [rdx+rcx]

MM_INTERNAL_CODE: 5

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0x50

PROCESS_NAME: chrome.exe

CURRENT_IRQL: 0

TRAP_FRAME: fffff88008553020 – (.trap 0xfffff88008553020)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000010 rbx=0000000000000000 rcx=00000000087eea08
rdx=fffff8fef7817638 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8000327cbf0 rsp=fffff880085531b8 rbp=00000000000016e0
r8=000000000000000e r9=0000000000000001 r10=0000000000000010
r11=00000000087eea08 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!memmove+0x60:
fffff8000327cbf0 488b040a mov rax,qword ptr [rdx+rcx] ds:fffff8ff00006040=???
Resetting default scope

LAST_CONTROL_TRANSFER: from fffff8000322cf0f to fffff800032861c0

STACK_TEXT:
fffff88008552eb8 fffff8000322cf0f : 0000000000000050 fffff8ff00006040 0000000000000000 fffff88008553020 : nt!KeBugCheckEx
fffff88008552ec0 fffff800032842ee : 0000000000000000 fffff8ff00006040 0000000100000000 fffffa80039ef080 : nt! ?? ::FNODOBFM::string'+0x43d51 fffff88008553020 fffff8000327cbf0 : fffff8000351e6f1 00000000087ee9a0 0000000000000001 0000000000000002 : nt!KiPageFault+0x16e fffff880085531b8 fffff8000351e6f1 : 00000000087ee9a0 0000000000000001 0000000000000002 00000000000016e0 : nt!memmove+0x60 fffff880085531c0 fffff80003562e75 : 0000000000000000 0000000000000000 0000000000000000 ffff010100000001 : nt!ObQueryTypeInfo+0xb1 fffff88008553200 fffff88004299e6f : 00000000087ee9a0 fffffa8007cfbdc0 0000000000000002 0000000000000000 : nt!NtQueryObject+0x2ab fffff88008553310 fffff8800434d579 : 0000000000000000 fffff88008553500 fffffa8007cfbdc0 0000000000000500 : aswSnx+0x27e6f fffff88008553360 fffff88004275510 : 000000000053ecd0 0000000000000000 fffffa800000008c fffffa8004f22948 : aswSnx+0xdb579 fffff880085539c0 fffff8000359c717 : fffffa8000000000 fffffa8005d02370 fffffa8005d02370 fffffa8004f22830 : aswSnx+0x3510 fffff88008553a10 fffff8000359cf76 : 0000000000000000 0000000000000000 0000000000000001 0000000000000000 : nt!IopXxxControlFile+0x607 fffff88008553b40 fffff80003285453 : fffffa8008636b50 00000000087ee188 fffff88008553bc8 fffffa8000000000 : nt!NtDeviceIoControlFile+0x56 fffff88008553bb0 000000007762138a : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13 00000000087ee098 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 00000000`00000000 : 0x7762138a

STACK_COMMAND: kb

FOLLOWUP_IP:
aswSnx+27e6f
fffff880`04299e6f 85c0 test eax,eax

SYMBOL_STACK_INDEX: 6

SYMBOL_NAME: aswSnx+27e6f

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: aswSnx

IMAGE_NAME: aswSnx.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 50334f74

FAILURE_BUCKET_ID: X64_0x50_aswSnx+27e6f

BUCKET_ID: X64_0x50_aswSnx+27e6f

Followup: MachineOwner

0: kd> lmvm aswSnx
start end module name
fffff88004272000 fffff88004362000 aswSnx (no symbols)
Loaded symbol image file: aswSnx.SYS
Image path: \SystemRoot\System32\Drivers\aswSnx.SYS
Image name: aswSnx.SYS
Timestamp: Tue Aug 21 11:05:56 2012 (50334F74)
CheckSum: 000F3B11
ImageSize: 000F0000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
0: kd> .bugcheck
Bugcheck code 00000050
Arguments fffff8ff00006040 0000000000000000 fffff8000327cbf0 0000000000000005