Anyone know what this is?
<blockquote data-quote="satrow" data-source="post: 72184" data-attributes="member: 121"><p>I once spent a couple of hours on an infected machine trying to figure out what a similar, cryptically named, dynamic driver was - it turned out to be Rootkit Revealer that I'd been running ...</p><p></p><p>Re. malware in dumps, yes, actually seeing the driver listed is rare - better to check Autoruns.arn for anomalies (entries in AppInit, as well as the usual places) and MSInfo32 to check if Security Accounts Manager (SAM) is stopped or under Components> Problem Devices for Security Processor Loader Driver ROOT\LEGACY_SPLDR\0000 This device is not present, is not working properly, or does not have all its drivers installed.</p><p></p><p>Getting hits like the above doesn't necessarily mean there's an infection, it certainly warrants a thorough check though.</p><p></p><p>[ATTACH]7895[/ATTACH] <- Autoruns and MSInfo32 attached from a recent infected machine that I asked Patrick to check for me: <a href="http://www.techsupportforum.com/forums/f299/bsod-assistance-797938.html" target="_blank">BSOD Assistance - Tech Support Forum</a></p></blockquote><p></p>
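The three checks named in the post above (AppInit entries, the Security Accounts Manager service state, and problem devices such as the SPLDR entry) can also be read from a live machine. The script below is an added example, not part of the original post; it assumes PowerShell 3.0 or later, the function names are illustrative, and the `ROOT\LEGACY_SPLDR` device ID prefix is the one quoted in the post.

```powershell
# Added triage sketch (not from the original post). Read-only.
# Function names are illustrative, not from any tool mentioned in the thread.

function Get-AppInitEntries {
    # AppInit_DLLs is loaded into every process that links user32.dll, so any
    # non-empty value deserves a look. Check the native and the 32-bit view.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows',
            'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
    foreach ($key in $keys) {
        $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($p -and $p.AppInit_DLLs) {
            [pscustomobject]@{
                Check  = 'AppInit_DLLs'
                Detail = "$key = $($p.AppInit_DLLs) (LoadAppInit_DLLs=$($p.LoadAppInit_DLLs))"
            }
        }
    }
}

function Get-SamServiceFinding {
    # SamSs is the service name of Security Accounts Manager.
    $svc = Get-Service -Name SamSs -ErrorAction SilentlyContinue
    if (-not $svc -or $svc.Status -ne 'Running') {
        $state = if ($svc) { $svc.Status } else { 'not found' }
        [pscustomobject]@{ Check = 'SAM service'; Detail = "SamSs is $state" }
    }
}

function Get-ProblemDeviceFinding {
    # Comparable to MSInfo32 > Components > Problem Devices: a non-zero
    # ConfigManagerErrorCode means the device is reported as faulty.
    Get-CimInstance Win32_PnPEntity -Filter 'ConfigManagerErrorCode <> 0' |
        ForEach-Object {
            # Device ID prefix taken from the post; other problem devices are listed too.
            $tag = if ($_.PNPDeviceID -like 'ROOT\LEGACY_SPLDR*') { 'SPLDR problem device' } else { 'Problem device' }
            [pscustomobject]@{
                Check  = $tag
                Detail = "$($_.Name) [$($_.PNPDeviceID)] code $($_.ConfigManagerErrorCode)"
            }
        }
}

$findings = @(Get-AppInitEntries) + @(Get-SamServiceFinding) + @(Get-ProblemDeviceFinding)
if ($findings) { $findings | Format-Table -AutoSize -Wrap } else { 'No hits on these three checks.' }
```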