Had a BSOD

[Gaz1701]

I'm not sure whether I've still got this trojan or not (see this thread for details), but here's all the info you need

-Windows 7 X86
-Not the original OS (was Vista)
-Full retail (legally bought) version
-I bought my computer/hardware on 13th March 2007
-installed Win7 [only once] on 24th October 2009

Here's the Windows_NT6_BSOD_jcgriff2 folder & the PERFMON HTML zip file

 

[Tews]

Please follow these instructions when asking for help... Blue Screen of Death (BSOD) Posting Instructions

 

[Gaz1701]

I've edited it to comply with your instructions

 

[Tews]

Your .dmp file is pointing to pxrts.sys ( Prevx Realtime Scanner, Prevx Edge.) as the probable cause of your crash. Uninstall Prevex and use DriverSweeper to remove pxrts.sys from your system...

You can disable driver verifier now..

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except,
it must be protected by a Probe.  Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: b7dac0d4, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: 81ac87a8, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 00000000, (reserved)

Debugging Details:
------------------

Unable to load image \SystemRoot\System32\drivers\pxrts.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for pxrts.sys
*** ERROR: Module load completed but symbols could not be loaded for pxrts.sys

READ_ADDRESS: GetPointerFromAddress: unable to read from 81b70718
Unable to read MiSystemVaType memory at 81b50160
 b7dac0d4 

FAULTING_IP: 
nt!PsGetThreadProcessId+8
81ac87a8 8b802c020000    mov     eax,dword ptr [eax+22Ch]

MM_INTERNAL_CODE:  0

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

BUGCHECK_STR:  0x50

PROCESS_NAME:  RocketDock.exe

CURRENT_IRQL:  0

TRAP_FRAME:  9912fc68 -- (.trap 0xffffffff9912fc68)
ErrCode = 00000000
eax=b7dabea8 ebx=00000000 ecx=b7dabea8 edx=00000001 esi=00000f8c edi=00000488
eip=81ac87a8 esp=9912fcdc ebp=9912fcdc iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
nt!PsGetThreadProcessId+0x8:
81ac87a8 8b802c020000    mov     eax,dword ptr [eax+22Ch] ds:0023:b7dac0d4=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from 81a4e638 to 81a8d903

STACK_TEXT:  
9912fc50 81a4e638 00000000 b7dac0d4 00000000 nt!MmAccessFault+0x106
9912fc50 81ac87a8 00000000 b7dac0d4 00000000 nt!KiTrap0E+0xdc
9912fcdc 8bdc57fb b7dabea8 00000488 00000488 nt!PsGetThreadProcessId+0x8
WARNING: Stack unwind information not available. Following frames may be wrong.
9912fd10 8bdc1ca3 00000005 b7dabea8 0012fdb0 pxrts+0x57fb
9912fd24 81a4b44a 00000488 00000000 0012fdd8 pxrts+0x1ca3
9912fd24 776d64f4 00000488 00000000 0012fdd8 nt!KiFastCallEntry+0x12a
0012fdd8 00000000 00000000 00000000 00000000 0x776d64f4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
pxrts+57fb
8bdc57fb ??              ???

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  pxrts+57fb

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: pxrts

IMAGE_NAME:  pxrts.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4c909cd0

FAILURE_BUCKET_ID:  0x50_VRF_pxrts+57fb

BUCKET_ID:  0x50_VRF_pxrts+57fb

Followup: MachineOwner
---------

The following driver is out of date and should be updated..

nvm62x32.sys Fri Oct 17 17:00:39 2008 (48F8FCF7) ... nVidia Ethernet Networking Driver (nForce chipset driver) ... [url=http://www.nvidia.com/Download/index.aspx]Drivers - Download NVIDIA Drivers[/url]