Hi,
I was infected by the consvr.dll virus which was intercepting my web queries and redirecting my browser.
I managed to get rid of desktop.ini, ping.exe, consrv.dll.
When fixing the problem I also had the bsod problem after removing consrv.dll - but fixed it by editing the windows registry to change consrv.dll to winsrv from recovery console (as mentioned here http://www.bleepingcomputer.com/forums/topic400730.html/page__st__15__p__2271737#entry2271737)
So anyway, I’m basically virus free now - avast, avg, and malware anti-bytes all give clean bill of health when running scan.
However, there is still a persistent virus dropper somewhere that keeps dropping the consrv.dll into my C:\Windows\System32 folder, which Avast keeps putting it into the Virus Chest (as Win32:Sirefef-HO [Rtk]). It must have put it into the virus chest over 100 seperate times now.
So i’m not sure what is putting it there but something that disguises itself pretty well I guess.
Can anyone help?
Thanks,
J