Windows 8 and 8.1 Forums


BSOD on restart Windows 8.1 0xc000021a WINLOGON_FATALERROR

  1. #11


    Posts : 1,883
    7601.18247.x86fre.win7sp1


    Ok, ya then it really is a rootkit driver, unfortunately. No normal driver would hide itself.

      My System SpecsSystem Spec

  2. #12


    Posts : 8
    Windows 8.1


    After searching for this rootkit I ran rootkit scans with various tools (kaspersky, bitdefender, mcafee) which specifically state that they scan for the MBR infection. None of them found infection in my PC. Are you sure that I have an infection in my computer? I don't want to reset everything for no reason. Again, thanks for the help even though this doesn't concern my original problem.
      My System SpecsSystem Spec

  3. #13


    Posts : 1,360
    Windows 8.1 Enterprise


    Allow me to clarify something.. If infact you are infected with a rookit you need to seek advice from an expert who is trained to deal with these things. This particular infection should be taken very seriously, it is not your average popup flash game. You can find many different guides on how to remove TDL4 across the internet. However, unless you are trained to know what to look for the infection will continue to return until its been removed by someone who knows what to look for. Several special tools are required in order to detect and completely remove the infection.

    You have two options.. You can attempt to remove it and risk loosing your security & privacy. OR you can reinstall everything and be assured that the infection gone.

    In my opinion the amount of time wasted cleaning the infection you would be better off reinstalling Windows. I have personally dealt with this rootkit and its not worth the time.

    Additionally, as per forums rules members are not allowed to discuss malware. You can find help here if you choose.. Virus, Spyware and Malware Removal | PC Help Forum
    Last edited by ectech; 18 Feb 2014 at 18:58.
      My System SpecsSystem Spec

  4. #14


    Posts : 8
    Windows 8.1


    Ok thank you all for your advice and help.
      My System SpecsSystem Spec

  5. #15


    Posts : 1,360
    Windows 8.1 Enterprise


    Your welcome, best of luck to you.

    If you encounter any more problems let us know.
      My System SpecsSystem Spec

  6. #16


    Posts : 8
    Windows 8.1


    One more thing actually, in order to specify your observation rikvm_3A60B698.sys Mon May 14 03:49:40 2012 (4FB0B914) in other forums which discuss malware issues, is it possible for you to tell me where exactly in the files I sent you is it found? And why is it dated at 2012? I bought this laptop less than a year ago. Thank you.
      My System SpecsSystem Spec

  7. #17


    Posts : 1,360
    Windows 8.1 Enterprise


    Of course, this information was contained within the crash dump file dated: 2/18/2014 @ 7:36A.M.

    This rootkit was discovered back in 2011. Their have been many different variants with updated components over the course of several years. It looks like the one you have is dated 2012 because that's when the file was created. Not necessarily when you were infected but rather when the file was created by its author.

    Code:
    fffff800`04e12000 fffff800`04e24000   X5XSEx_Pr148 X5XSEx_Pr148.Sys Thu Aug 02 08:51:27 2012 (501A77CF)
    fffff800`04e42000 fffff800`0548b000   rikvm_3A60B698 rikvm_3A60B698.sys Mon May 14 03:49:40 2012 (4FB0B914)
    fffff800`0548b000 fffff800`05499000   vwifimp  vwifimp.sys  Thu Aug 22 07:36:15 2013 (5215F7AF)
    fffff800`05499000 fffff800`054e4000   mrxsmb10 mrxsmb10.sys Thu Aug 22 07:35:42 2013 (5215F78E)
    fffff800`054e4000 fffff800`05501000   Ndu      Ndu.sys      Thu Aug 22 07:35:42 2013 (5215F78E)
    fffff800`05501000 fffff800`055aa000   peauth   peauth.sys   Thu Aug 22 07:36:07 2013 (5215F7A7)
    fffff800`055aa000 fffff800`055b5000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
    fffff800`055b5000 fffff800`055f8000   srvnet   srvnet.sys   Wed Sep 11 05:31:45 2013 (52303881)
    fffff800`05602000 fffff800`0569a000   srv      srv.sys      Sat Oct 05 07:01:15 2013 (524FF17B)
    fffff800`0569a000 fffff800`056c7000   tunnel   tunnel.sys   Thu Aug 22 07:35:45 2013 (5215F791)
    fffff800`056c7000 fffff800`056e8000   WudfPf   WudfPf.sys   Thu Aug 22 07:37:21 2013 (5215F7F1)
    fffff800`056e8000 fffff800`05726000   WUDFRd   WUDFRd.sys   Thu Aug 22 07:36:50 2013 (5215F7D2)
    fffff800`05726000 fffff800`0572f000   mshidumdf mshidumdf.sys Thu Aug 22 07:39:06 2013 (5215F85A)
    fffff800`0572f000 fffff800`05746000   aswStm   aswStm.sys   Tue Jan 21 12:18:41 2014 (52DEABF1)
    fffff800`0578c000 fffff800`0579a000   monitor  monitor.sys  Thu Aug 22 07:36:37 2013 (5215F7C5)
    fffff800`057ee000 fffff800`057f9000   rdpvideominiport rdpvideominiport.sys Thu Aug 22 07:38:52 2013 (5215F84C)
    fffff803`c4b70000 fffff803`c4b79000   kd       kd.dll       Thu Aug 22 07:40:43 2013 (5215F8BB)
    fffff803`c5a0c000 fffff803`c618d000   nt       ntkrnlmp.exe Wed Oct 30 18:52:12 2013 (52718D9C)
    fffff803`c618d000 fffff803`c61fc000   hal      hal.dll      Sat Sep 21 04:01:36 2013 (523D5260)
    fffff960`00008000 fffff960`00421000   win32k   win32k.sys   unavailable (00000000)
    fffff960`006aa000 fffff960`006b3000   TSDDD    TSDDD.dll    unavailable (00000000)
    fffff960`00911000 fffff960`0094c000   cdd      cdd.dll      unavailable (00000000)
      My System SpecsSystem Spec

  8. #18


    Posts : 7
    Windows 8


    can you please look into my problem too...

    BSOD ( windows takes too long to start )

    I was referred here by MasterChief but I'd want to have in depth analysis on my problem as well
      My System SpecsSystem Spec

  9. #19


    Posts : 1,883
    7601.18247.x86fre.win7sp1


    Quote Originally Posted by markgoimon View Post
    can you please look into my problem too...

    BSOD ( windows takes too long to start )

    I was referred here by MasterChief but I'd want to have in depth analysis on my problem as well
    In depth analysis = Killdisk, Windows install.
      My System SpecsSystem Spec

  10. #20


    Posts : 7
    Windows 8


    Quote Originally Posted by MasterChief View Post
    Quote Originally Posted by markgoimon View Post
    can you please look into my problem too...

    BSOD ( windows takes too long to start )

    I was referred here by MasterChief but I'd want to have in depth analysis on my problem as well
    In depth analysis = Killdisk, Windows install.
    Hi masterchief i have more questions on my thread can you reply on them I dont want to derail this thread since its not mine sorry for looking impatient
      My System SpecsSystem Spec

Page 2 of 2 FirstFirst 12
BSOD on restart Windows 8.1 0xc000021a WINLOGON_FATALERROR
Related Threads
BSOD error 0xc000021a while on Chrome in BSOD Crashes and Debugging
Hello guys, I was on chrome and all of a sudden I got a BSOD with the error code 0xc000021a Dump file attached, thanks for all your help in advance. This community has always been amazing at helping me fix my BSOD issues. I appreciate it! :) 57719 The full memory dump...
(BSOD) 0xc000021a, unable to boot in BSOD Crashes and Debugging
I would like to say I'm sorry in advance. I'm unable to use the required programs to neatly bundle and zip the crashlogs. This is my only computer in the house at the moment and I'm am only able to write this from a live usb of Unbutu I flashed at university. As the title suggests, I can't boot...
Solved Sporadic BSOD 0xC000021A at shutdown in BSOD Crashes and Debugging
As stated in title.
I've just started getting a lot of BSODs in Win 8.1. It started a day or so ago. I did install a second NIC for Hyper-V but I have removed that just to eliminate it from the equation.The crash is random, either away from the machine or working on it. Explorer crashes or hangs, ALL Browsers...
Solved BSOD on restartWindows 8.1 Pro 0xc000021a in BSOD Crashes and Debugging
I just upgraded my PC from Windows 7 to 8.1 and now I am getting BSOD with code 0xc000021a whenever I restart my PC. Please help! Many thanks
Hi I've been experiencing BSODs for the past week and was using Windows 8. As many system files was corrupted I thought it was causing by my faulty hard drive. So, I freshly installed Windows 8.1 Pro x64 on my PC. Then, I installed all required drivers, Avast! Free Antivirus, Comodo Firewall and...
Hello everyone, my friend has asked me to have a look at his HP "Envy" ultrabook running Windows 8, as it's stuck in a boot up "loop" whilst displaying an error code (0XC000021a) I had a bit of shock, when I found out it doesn't have a DVD drive! Cue, several hours reading up how to install...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook