I started getting a blue screen of death around the time I noticed that System Tool 2011 showed up on my desktop.

I'm running Windows 7 32 bit. I get the BSOD after I startup the machine while Windows is still starting services, etc. The BSOD error message doesn't have any useful info in it, and I don't see anything related in the Windows Event Log. Note that I do not get the BSOD when running in safe mode with networking.

I followed the steps on this site to remove System Tool 2011, and it seems to be gone, but I still get the BSOD. Can anyone offer any advice? I attached logs from MalwareBytes and MySystem-Search. TIA!

Hello, and welcome to The Ultimate Geek TaskForce!

Please note the following information about the malware forum:

• Only Trained Advisors, Moderators and Administrators are allowed to give advice on removing malware from your computer.
  
• From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  
• Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  
• If you have already asked for help somewhere, please post the link to the topic you were helped.
  
• We try our best to reply quickly, but for any reason we do not reply in two days, do this:
  
  Reply to this topic with the word BUMP.
  
  
• Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

---

Download BlueScreenView (in Zip file)
No installation required.
Unzip downloaded file and double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Here you go!

==================================================
Dump File : 123110-30232-01.dmp
Crash Time : 12/31/2010 4:20:44 PM
Bug Check String : UNEXPECTED_KERNEL_MODE_TRAP
Bug Check Code : 0x0000007f
Parameter 1 : 0x0000000d
Parameter 2 : 0x00000000
Parameter 3 : 0x00000000
Parameter 4 : 0x00000000
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+46f6b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123110-30232-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,752
==================================================

==================================================
Dump File : 123110-30700-01.dmp
Crash Time : 12/31/2010 4:02:47 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x82c8f050
Parameter 3 : 0x8be87774
Parameter 4 : 0x00000000
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+23e050
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123110-30700-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 140,536
==================================================

==================================================
Dump File : 123110-25677-01.dmp
Crash Time : 12/31/2010 3:51:42 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x000000aa
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x836b8784
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4682b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123110-25677-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,704
==================================================

==================================================
Dump File : 123110-26130-01.dmp
Crash Time : 12/31/2010 3:22:15 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x00000000
Parameter 3 : 0x8daabc3c
Parameter 4 : 0x8daab820
Caused By Driver :
Caused By Address :
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123110-26130-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,704
==================================================

==================================================
Dump File : 123110-26083-01.dmp
Crash Time : 12/31/2010 2:14:27 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x04250077
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x83681784
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4682b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123110-26083-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,704
==================================================

==================================================
Dump File : 123010-22261-01.dmp
Crash Time : 12/30/2010 10:55:22 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x8368aa5b
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4682b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123010-22261-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,800
==================================================

==================================================
Dump File : 123010-21184-01.dmp
Crash Time : 12/30/2010 10:39:58 PM
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x832bb2f1
Parameter 3 : 0xa7473a60
Parameter 4 : 0xa7473640
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+bb2f1
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123010-21184-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,752
==================================================

==================================================
Dump File : 123010-53711-01.dmp
Crash Time : 12/30/2010 10:35:57 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000016
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x83241a5b
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4682b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123010-53711-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,800
==================================================

==================================================
Dump File : 123010-37284-01.dmp
Crash Time : 12/30/2010 10:25:34 PM
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x0000000a
Parameter 1 : 0x00000076
Parameter 2 : 0x00000002
Parameter 3 : 0x00000001
Parameter 4 : 0x832a9784
Caused By Driver : ntkrnlpa.exe
Caused By Address : ntkrnlpa.exe+4682b
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7600.16617 (win7_gdr.100618-1621)
Processor : 32-bit
Computer Name :
Full Path : C:\Windows\Minidump\123010-37284-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7600
Dump File Size : 144,800
==================================================

All of those bugcheck codes point to device failure.

You are not overclocking any devices right?

This issue appears to have occurred after the malware, so let us check memory first.

Reboot your computer, and when you see the first screen, press the Spacebar to access the boot manager. Once there, use the arrow key to go down to Windows Memory Diagnostic.

Please let the test run. When finished, let me know of the results.

Note: if the Spacebar does not activate the boot manager, then try again, except press the F8 key three times.