Windows 7 Forums
Windows 7: "Malicious software warning", then constant BSODs


09 Aug 2012   #1

Windows 7 64 bit
 
 
Yesterday everything was good and fine, when suddenly I got a bubble notification saying there was a possibility of some malicious software. I wasn't browsing any new sites or anything, and it suddenly went blue screen on me. Now whenever I restart Windows it looks like it's fine, then like one minute later it gives a blue screen and a restart (so fast I can hardly read the stop error messages. I think it said stop error 0x000000a but I'm not sure).

Anyhoo, here are my dump stuff per instructions.




Attached Files
File Type: zip Seven Forums.zip (2.50 MB, 3 views)
10 Aug 2012   #2

 
 

Quote: Originally Posted by piemanmoo
yesterday everything was good and fine, when suddenly I got a bubble notification saying there was a possibility of some malicious software.
Since the PC seems to be crashing in about a minute or so, obviously you won't be able to do a normal AV scan. So:

Boot into safe mode - with networking (to give you internet access)

open a browser and run:

ESET Online Virus Scanner | ESET

And see if it picks up any nasties.

Also download and install MBAM


Run MBAM in safe mode as well.


The crash dumps all show system files which doesn't point to a specific culprit. Essentially the BSOD code doesn't matter that much.


See how you go after running the scans.
10 Aug 2012   #3

Windows 7 64 bit
 
 

MBAM found a few threats, but choosing to delete them required me to restart, launching Windows out of safe mode, where it thereupon crashed again.


As for the online scan, it also found some threats, listed below:

C:\ProgramData\Microsoft\Windows\DRM\AAC1.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\AAC2.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\CFE1.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\CFE2.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined


I will give it a try in normal mode and see if this time it's fixed anything
edit- It did not
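
An added example, not part of the original thread: a small Python parser for scan-log lines in the format pasted above, which counts detections per family and separates files under the `C:\TDSSKiller_Quarantine` folder from detections elsewhere on disk. The line layout, the regular expression and the field names are assumptions inferred from the lines shown, not a documented ESET log format.

```python
import re
from collections import Counter

# Five of the twelve lines pasted in the post above, copied unchanged.
SAMPLE_LOG = r"""
C:\ProgramData\Microsoft\Windows\DRM\AAC1.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\CFE2.tmp Win64/Olmarik.AH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.04.2012_23.31.54\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
"""

# Assumed layout: <path> [a variant of] <platform>/<name> <type> <action>.
# The path group is lazy so that paths containing spaces still parse.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<variant_of>a variant of\s+)?"
    r"(?P<platform>Win(?:32|64))/(?P<name>\S+)\s+"
    r"(?P<kind>\w+)\s+(?P<action>.+)$"
)
QUARANTINE_PREFIX = "c:\\tdsskiller_quarantine\\"

def parse_line(line):
    """Return one detection as a dict, or None if the line is not a detection."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "path": m["path"],
        "platform": m["platform"],
        # Drop the trailing variant suffix: Olmarik.AH -> Olmarik
        "family": m["name"].rsplit(".", 1)[0],
        "variant_of": m["variant_of"] is not None,
        "action": m["action"],
        "in_quarantine_dir": m["path"].lower().startswith(QUARANTINE_PREFIX),
    }

def summarize(log_text):
    """Count families and list detections located outside the quarantine folder."""
    rows = [r for r in map(parse_line, log_text.splitlines()) if r]
    return {
        "total": len(rows),
        "families": Counter(r["family"] for r in rows),
        "outside_quarantine": [r["path"] for r in rows if not r["in_quarantine_dir"]],
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```
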
11 Aug 2012   #4

 
 

Fair chance it's still infected.

With the MBAM threats, just let it detect them in safe mode and then you can manually navigate and delete the threats yourself, rather than having MBAM fail in normal mode.

It might be a good idea to have this thread moved to the security area, where the folks who are more used to cleaning systems might have a few more ideas on how to remove the infection.

(My personal method would be to back up my data and then do a fresh installation. However that method is not for everyone).
11 Aug 2012   #5

Windows 7 64 bit
 
 

Reading some of the other threads in this section, I went ahead and ran tdsskiller and it seems to have solved the problem.

Thanks a bunch!
11 Aug 2012   #6

 
 

Good to hear, mate. Fingers crossed that's nailed it.
12 Aug 2012   #7

Windows 7 Ultimate x64
 
 

You can optionally put an antivirus Live CD on a disk or mount it to a USB, boot from CD (or USB) and scan your system that way.

13 Antivirus Rescue CDs Software Compared in Search For the Best Rescue Disk
It says 13, but lists 14 Live CD antiviruses.
Just another option that may help.