Hi,
This BSOD appeared while I was browsing the web (with google chrome). Avast version is 7.0.1466. Here is windbg output:
Microsoft (R) Windows Debugger Version 6.2.8400.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRVD:\Code\Symbolshttp://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Machine Name:
Kernel base = 0xfffff80003207000 PsLoadedModuleList = 0xfffff800
0344b670
Debug session time: Sat Sep 8 04:33:29.166 2012 (UTC + 2:00)
System Uptime: 0 days 14:19:19.774
Loading Kernel Symbols
…
…
…
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type “.hh dbgerr001” for details
Loading unloaded module list
…
-
*
-
Bugcheck Analysis *
-
*
Use !analyze -v to get detailed debugging information.
BugCheck 50, {fffff8ff00006040, 0, fffff8000327cbf0, 5}
*** ERROR: Module load completed but symbols could not be loaded for aswSnx.SYS
Probably caused by : aswSnx.SYS ( aswSnx+27e6f )
Followup: MachineOwner
0: kd> !analyze -v
-
*
-
Bugcheck Analysis *
-
*
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff8ff00006040, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8000327cbf0, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000005, (reserved)
Debugging Details:
READ_ADDRESS: fffff8ff00006040 Paged pool
FAULTING_IP:
nt!memmove+60
fffff800`0327cbf0 488b040a mov rax,qword ptr [rdx+rcx]
MM_INTERNAL_CODE: 5
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: chrome.exe
CURRENT_IRQL: 0
TRAP_FRAME: fffff88008553020 – (.trap 0xfffff88008553020)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000010 rbx=0000000000000000 rcx=00000000087eea08
rdx=fffff8fef7817638 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8000327cbf0 rsp=fffff880085531b8 rbp=00000000000016e0
r8=000000000000000e r9=0000000000000001 r10=0000000000000010
r11=00000000087eea08 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe cy
nt!memmove+0x60:
fffff8000327cbf0 488b040a mov rax,qword ptr [rdx+rcx] ds:fffff8ff
00006040=???
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff8000322cf0f to fffff800032861c0
STACK_TEXT:
fffff88008552eb8 fffff800
0322cf0f : 0000000000000050 fffff8ff
00006040 0000000000000000 fffff880
08553020 : nt!KeBugCheckEx
fffff88008552ec0 fffff800
032842ee : 0000000000000000 fffff8ff
00006040 0000000100000000 fffffa80
039ef080 : nt! ?? ::FNODOBFM::string'+0x43d51 fffff880
08553020 fffff8000327cbf0 : fffff800
0351e6f1 00000000087ee9a0 00000000
00000001 0000000000000002 : nt!KiPageFault+0x16e fffff880
085531b8 fffff8000351e6f1 : 00000000
087ee9a0 0000000000000001 00000000
00000002 00000000000016e0 : nt!memmove+0x60 fffff880
085531c0 fffff80003562e75 : 00000000
00000000 0000000000000000 00000000
00000000 ffff010100000001 : nt!ObQueryTypeInfo+0xb1 fffff880
08553200 fffff88004299e6f : 00000000
087ee9a0 fffffa8007cfbdc0 00000000
00000002 0000000000000000 : nt!NtQueryObject+0x2ab fffff880
08553310 fffff8800434d579 : 00000000
00000000 fffff88008553500 fffffa80
07cfbdc0 0000000000000500 : aswSnx+0x27e6f fffff880
08553360 fffff88004275510 : 00000000
0053ecd0 0000000000000000 fffffa80
0000008c fffffa8004f22948 : aswSnx+0xdb579 fffff880
085539c0 fffff8000359c717 : fffffa80
00000000 fffffa8005d02370 fffffa80
05d02370 fffffa8004f22830 : aswSnx+0x3510 fffff880
08553a10 fffff8000359cf76 : 00000000
00000000 0000000000000000 00000000
00000001 0000000000000000 : nt!IopXxxControlFile+0x607 fffff880
08553b40 fffff80003285453 : fffffa80
08636b50 00000000087ee188 fffff880
08553bc8 fffffa8000000000 : nt!NtDeviceIoControlFile+0x56 fffff880
08553bb0 000000007762138a : 00000000
00000000 0000000000000000 00000000
00000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13 00000000
087ee098 0000000000000000 : 00000000
00000000 0000000000000000 00000000
00000000 00000000`00000000 : 0x7762138a
STACK_COMMAND: kb
FOLLOWUP_IP:
aswSnx+27e6f
fffff880`04299e6f 85c0 test eax,eax
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: aswSnx+27e6f
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: aswSnx
IMAGE_NAME: aswSnx.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 50334f74
FAILURE_BUCKET_ID: X64_0x50_aswSnx+27e6f
BUCKET_ID: X64_0x50_aswSnx+27e6f
Followup: MachineOwner
0: kd> lmvm aswSnx
start end module name
fffff88004272000 fffff880
04362000 aswSnx (no symbols)
Loaded symbol image file: aswSnx.SYS
Image path: \SystemRoot\System32\Drivers\aswSnx.SYS
Image name: aswSnx.SYS
Timestamp: Tue Aug 21 11:05:56 2012 (50334F74)
CheckSum: 000F3B11
ImageSize: 000F0000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
0: kd> .bugcheck
Bugcheck code 00000050
Arguments fffff8ff00006040 00000000
00000000 fffff8000327cbf0 00000000
00000005