Skip to content

kernelw.sys

kernelw.sys was added to FreeFixer's database on the 21 Sep 2007. The most recent search for this file was done on 09 Oct 2007. kernelw.sys is located in the 'c:\windows\system32\' folder.

So far there has been 8 searches for kernelw.sys.

If you have additional information about the file, please share it with the FreeFixer users by posting a comment at the bottom of this page.

Version information

This file does not have any version information.

What will you do with the file?

To help other users, please let us know what you will do with the file:



What did other users do?

The poll results listed below shows what other users choose to do with the file.

Votes
Keep50 %
12
Remove50 %
12

NOTE: Please do not use this poll as the only source of input to determine what you will do with the file.

Comments

Roger Karlsson writes

1 thumb Put you thumb up for this comment Put you thumb down for this comment

Here's the scan result from Jotti's scanner:

File: kernelw.sys
Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: cc43010c40ec6907f2d0526c55495c16
Packers detected: -
Bit9 reports: High threat detected (more info)

Scanner results
Scan taken on 24 Sep 2007 16:24:19 (GMT)
A-Squared Found nothing
AntiVir Found TR/Rootkit.Gen
ArcaVir Found Worm.Zhelatin.Ap
Avast Found Win32:Tibs-BBQ
AVG Antivirus Found Downloader.Tibs
BitDefender Found Trojan.Peed.IIG
ClamAV Found Trojan.Proxy-1247
CPsecure Found Packed.W32.Tibs.ap
Dr.Web Found Trojan.NtRootKit.378
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Packed.Win32.Tibs.ap
Fortinet Found nothing
Kaspersky Anti-Virus Found Packed.Win32.Tibs.ap
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found Trj/Agent.GMR
Rising Antivirus Found Trojan.Win32.Agent.yfu
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found Trojan.NtRootKit.378

# 24 Sep 2007, 18:18

SpamBUSTERS writes

2 thumbs Put you thumb up for this comment Put you thumb down for this comment

Kernelw.sys is a Trojan/Backdoor process
kernelw.sys
The kernelw.sys file is installed and used by Trojan.Tibs
Trojan.Tibs is a Trojan Downloader program that is related to the VXGame Trojan. Once Trojan.Tibs is executed on your computer, it will connect to the Internet and download additional malware. Trojan.Tibs may also generate large numbers of popup adverts, and it will also attempt to bypass the Windows Firewall. Trojan.Tibs program is a security risk, and should be removed immediately to protect your personal data. Fake email greeting cards are infected with trojans. Beware of strangers sending greeting cards.
http://www.spywareremove.com/removeTrojanTibs.html


Other Trojan Tibs process files
vedxga4m1et4.exe
vedxga3me2.exe
vedxga1me4t1.exe
vedxg4am1et2.exe
newmaxxsv234.exe
vedxg6ame4.exe
syszple.exe
sysrfls.exe
ecard.exe
gop.exe
alt.exe.exe
fun[1].exe
kernels88.exe
frmwrk.sys
kernelw.sys
vedxga4m1et4.exe
vedxga3me2.exe
vedxga1me4t1.exe
vedxg4am1et2.exe
newmaxxsv234.exe
SystemSv12
vedxg6ame4.exe
Service Pack 1
syszple.exe
sysrfls.exe
egreeting card
ecard.exe
gop.exe
alt.exe.exe
fun[1].exe
kernels88.exe

# 1 Jan 2008, 10:46

Login and comment