Windows 7 Forums


Windows 7: BSOD after each start

05 May 2011   #11
Jonathan_King

Windows 7 Professional x64
 
 

Now try running the Kaspersky TDSS Killer: How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?


06 May 2011   #12
mylifeforaiur

Windows 7 Professional 32bit
 
 

Ran the utility 3 times:
- one time in safe mode, detected the rootkit and a forged file, BSOD at shutdown, at reboot no action done
- another time, same result, no BSOD this time so file was deleted and system rebooted in normal mode
- a third check in normal mode to be sure, this time the rootkit is gone.

report:
Code:
2011/05/06 07:46:23.0872 3208    TDSS rootkit removing tool 2.5.0.0 May  1 2011 14:20:16
2011/05/06 07:46:24.0012 3208    ================================================================================
2011/05/06 07:46:24.0012 3208    SystemInfo:
2011/05/06 07:46:24.0012 3208    
2011/05/06 07:46:24.0012 3208    OS Version: 6.1.7600 ServicePack: 0.0
2011/05/06 07:46:24.0012 3208    Product type: Workstation
2011/05/06 07:46:24.0012 3208    ComputerName: ADRIEN-PC
2011/05/06 07:46:24.0012 3208    UserName: Adrien
2011/05/06 07:46:24.0012 3208    Windows directory: C:\Windows
2011/05/06 07:46:24.0012 3208    System windows directory: C:\Windows
2011/05/06 07:46:24.0012 3208    Processor architecture: Intel x86
2011/05/06 07:46:24.0012 3208    Number of processors: 1
2011/05/06 07:46:24.0012 3208    Page size: 0x1000
2011/05/06 07:46:24.0012 3208    Boot type: Normal boot
2011/05/06 07:46:24.0012 3208    ================================================================================
2011/05/06 07:46:24.0622 3208    Initialize success
2011/05/06 07:46:27.0450 1184    ================================================================================
2011/05/06 07:46:27.0450 1184    Scan started
2011/05/06 07:46:27.0450 1184    Mode: Manual; 
2011/05/06 07:46:27.0450 1184    ================================================================================
2011/05/06 07:46:35.0043 1184    MpKsl2ba21a99   (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl2ba21a99.sys
2011/05/06 07:46:35.0059 1184    Suspicious file (Forged): C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl2ba21a99.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
2011/05/06 07:46:35.0075 1184    MpKsl2ba21a99 - detected ForgedFile.Multi.Generic (1)
2011/05/06 07:46:35.0153 1184    MpKsl433f0822   (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl433f0822.sys
2011/05/06 07:46:35.0278 1184    MpKsl8d31a349   (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl8d31a349.sys
2011/05/06 07:46:44.0778 1184    ================================================================================
2011/05/06 07:46:44.0778 1184    Scan finished
2011/05/06 07:46:44.0778 1184    ================================================================================
2011/05/06 07:46:44.0793 0412    Detected object count: 1
2011/05/06 07:46:52.0872 0412    MpKsl2ba21a99   (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl2ba21a99.sys
2011/05/06 07:46:52.0872 0412    Suspicious file (Forged): C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl2ba21a99.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
2011/05/06 07:46:52.0872 0412    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{849E9EBA-3162-4EF3-83AF-BDE4C00B11D6}\MpKsl2ba21a99.sys - copied to quarantine
2011/05/06 07:46:52.0918 0412    ForgedFile.Multi.Generic(MpKsl2ba21a99) - User select action: Quarantine 
2011/05/06 07:46:57.0965 3520    Deinitialize success
I would carry on but I need to go to work.

Thanks so far. I might be away during the weekend.
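Added example, not part of the original post and not Kaspersky's code: a small Python triage script for a log in the layout shown above, pulling out the declared detection count, each "Suspicious file (Forged)" entry with both MD5 values, and whether a quarantine copy and a user action were logged for it. The sample log is constructed, with placeholder paths and hashes; the names `summarize` and `pending` are hypothetical.

```python
import re

# Constructed sample in the layout of the log above; paths and hashes are placeholders.
SAMPLE_LOG = r"""
2011/05/06 07:46:44.0559 1184    ExampleDrv      (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\example.sys
2011/05/06 07:46:44.0778 1184    Scan finished
2011/05/06 07:46:44.0793 0412    Detected object count: 2
2011/05/06 07:46:52.0872 0412    Suspicious file (Forged): C:\ProgramData\Example\ExDrv.sys. Real md5: 00000000000000000000000000000002, Fake md5: 00000000000000000000000000000003
2011/05/06 07:46:52.0872 0412    C:\ProgramData\Example\ExDrv.sys - copied to quarantine
2011/05/06 07:46:52.0918 0412    ForgedFile.Multi.Generic(ExDrv) - User select action: Quarantine 
2011/05/06 07:46:53.0100 0412    Suspicious file (Forged): C:\ProgramData\Example\Other.sys. Real md5: 00000000000000000000000000000004, Fake md5: 00000000000000000000000000000005
"""

# Timestamp, thread id, then the message text.
ENTRY = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d+ \d+\s+(.*?)\s*$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
FORGED = re.compile(r"^Suspicious file \(Forged\): (.+)\. "
                    r"Real md5: ([0-9a-f]{32}), Fake md5: ([0-9a-f]{32})$")
QUARANTINED = re.compile(r"^(.+) - copied to quarantine$")
ACTION = re.compile(r"^(\S+)\((.+)\) - User select action: (\w+)$")

def summarize(log_text):
    """Collect the detection count, forged-file entries and chosen actions."""
    declared, findings, quarantined, actions = None, [], set(), []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw)
        if not m:
            continue  # blank line or text that is not a log entry
        msg = m.group(1)
        if c := COUNT.match(msg):
            declared = int(c.group(1))
        elif f := FORGED.match(msg):
            findings.append({"path": f.group(1), "real_md5": f.group(2),
                             "fake_md5": f.group(3)})
        elif q := QUARANTINED.match(msg):
            quarantined.add(q.group(1))
        elif a := ACTION.match(msg):
            actions.append({"verdict": a.group(1), "object": a.group(2),
                            "action": a.group(3)})
    for f in findings:
        f["quarantined"] = f["path"] in quarantined
    return {"declared": declared, "findings": findings, "actions": actions}

def pending(summary):
    """Paths flagged as forged for which no quarantine copy was logged."""
    return [f["path"] for f in summary["findings"] if not f["quarantined"]]
```

Running `summarize` on the logs from successive scans makes it easy to confirm that a flagged path from one run no longer appears in the next.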
06 May 2011   #13
Jonathan_King

Windows 7 Professional x64
 
 

That "forged file" is nothing to worry about; that's a false positive.

Let's watch to see if the problems persist...hopefully, that will be the end!

06 May 2011   #14
mylifeforaiur

Windows 7 Professional 32bit
 
 

(Posting from work, no access to my system)

Cool! I already managed to shut down the PC without getting a BSOD, so it looks like it's gonna be better now. I'll test everything when I get back home; that might be on Monday.

I really need to think of where the gaping hole in my protection is though; this is the third virus in about 3 months. I'm using Microsoft Security Essentials right now.
06 May 2011   #15
Jonathan_King

Windows 7 Professional x64
 
 

Microsoft Security Essentials is a good free one; I will probably go back to that after my ESET subscription runs out. If you're looking for a recommendation on a good paid program, my vote would be cast for ESET.
10 May 2011   #16
mylifeforaiur

Windows 7 Professional 32bit
 
 

The Blue Screens are all gone now, and Malwarebytes, MSE and Bitdefender onlinescan all indicate no threats, so everything seems solved here. Anything else I should check?

Thanks a lot for your help!
10 May 2011   #17
mylifeforaiur

Windows 7 Professional 32bit
 
 

New threat....

Microsoft Antimalware has taken action to protect this machine from malware or other potentially unwanted software.
For more information please see the following:
Encyclopedia entry: Trojan:Win32/Coremhead - Learn more about malware - Microsoft Malware Protection Center
Name: Trojan:Win32/Coremhead
ID: 2147624664
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\56e 05429-739564fe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
User: Adrien-PC\Adrien
Process Name: Unknown
Action: Remove
Action Status: No additional actions required
Signature Version: AV: 1.103.1373.0, AS: 1.103.1373.0, NIS: 9.146.0.0
Engine Version: AM: 1.1.6802.0, NIS: 2.0.5854.0


I just keep wondering where all that **** comes from.


I also have this other issue: Specific website can't be opened, then Firefox hangs at exit

Sorry if this is getting a little bit off topic. Edit: maybe I should make a new thread in the Trojan section of the forum?
10 May 2011   #18
Jonathan_King

Windows 7 Professional x64
 
 

It may be a good idea to create a new thread in the Security forum; we'll see.

If you're sure you're visiting only safe sites, the problem must either be coming from another computer on the network or still be buried in the OS. Try restricting yourself for a few days; visit only reputable sites such as Google, Facebook, YouTube, and whatever else you determine is low-risk. High-risk sites include "adult", torrent, crack/keygen, free music/movies, games, etc.