Windows 7 Forums



Windows 7: gfkernel.dll

21 Apr 2010   #1
seekermeister

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 
gfkernel.dll

Since I don't find that any of the malware scanners are 100% reliable, I usually run more than one. It occurred to me that I hadn't run SpyBot S&D for a while, so after updating it, I did so. The result was that it listed the file virtumonde.sdn at C:\Windows\System32\gfbaksm.dat. After a quick Google, I decided to let Spybot remove it.

However, there is another file called gfkernel.dll, that SpyBot didn't mark or remove, that appears to be related to the former. What I have Googled seems to indicate that it should be removed also, but since SpyBot didn't complain about it, I wanted to double check by posting here and see if anyone knows anything about it?


21 Apr 2010   #2
Jonathan_King

Windows 7 Professional x64
 
 

It does look dangerous. Try running Malwarebytes or some other program, and see if it picks it up.

You can also try creating a backup of the file, and deleting it.
21 Apr 2010   #3
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Good call, Jon. It is indeed nasty. See Prevx-GFKERNEL.DLL.html

With Virtumonde identified, I suggest taking a close look at Add/Remove programs and uninstalling all versions of Java prior to SE6u20. This includes any item listing J2SE or Java Runtime Environment in the name. It would also be a good idea to run JavaRa.


21 Apr 2010   #4
seekermeister

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Quote: Originally Posted by Corrine
Good call, Jon. It is indeed nasty. See Prevx-GFKERNEL.DLL.html

With Virtumonde identified, I suggest taking a close look at Add/Remove programs and uninstalling all versions of Java prior to SE6u20. This includes any item listing J2SE or Java Runtime Environment in the name. It would also be a good idea to run JavaRa.

I had already uninstalled all older versions of Java several days ago. Is this the most common source of these files? The one thing that I wish MS would change is that there would be an easy and simple means of tracking the source of all files installed.

What is JavaRa?

Just as a footnote, I just finished a full scan with Malwarebytes, and it didn't squawk about the file either, but considering the remarks given, I'm deleting it.
21 Apr 2010   #5
CarlTR6

Windows 7 Ultimate 32 bit
 
 

JavaRa is a Java uninstaller. It gets everything related to Java.
21 Apr 2010   #6
seekermeister

W7x64 Pro, SuSe 12.1/** W7 x64 Pro, XP MCE
 
 

Thanks, but since I just installed update 20 and uninstalled everything prior to that, just a few days ago, I will leave JavaRa until the next update.

EDIT: Of course, assuming that update 20 did not install these files, I guess that the uninstaller in Programs And Features doesn't do too good of a job.
21 Apr 2010   #7
CarlTR6

Windows 7 Ultimate 32 bit
 
 

JavaRa itself gets updated and will only remove Java up to a certain version. Right now it seems to be two or more versions behind. At any rate, it does not remove the current version.
21 Apr 2010   #8
Corrine

Windows 7 & Windows Vista Ultimate
 
 

JavaRa cleans up the left-overs missed in the uninstall process.
22 Apr 2010   #9
CarlTR6

Windows 7 Ultimate 32 bit
 
 

Thanks, Corrine.
22 Apr 2010   #10
Bill2

Windows 7 x64 pro/ Windows 7 x86 Pro/ XP SP3 x86
 
 

According to the security forums, A-squared is able to detect these 2 files. If seekermeister hasn't deleted them yet, perhaps he can check.