Browsers work but all other programs don't.


  1. Posts : 11
    windows 7 home premium 32bit
    Thread Starter
       #21

    Possible rootkit problem? - Geeks to Go Forums

    I ran AVG (nothing came up), Malwarebytes (came up with a few things that were auto set to delete and a lot that weren't) and Trend Micro (terrible. Took me 4 hours to actually get installed, and came up with nothing). I removed everything that was auto selected; if you recommend me removing the rest I can.

    To be more specific, the non-selected files were PUP.rewardsarcade


  2. Posts : 166
    Windows
       #22

    It really depends on what the other scans found. PUPs aren't a big deal. Rootkits can be a pain to remove. Try doing a Scan Only with this Avast program, then post the log. Don't let Avast repair anything if it finds something.


  3. Posts : 11
    windows 7 home premium 32bit
    Thread Starter
       #23

    aswMBR version 0.9.9.1618 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-18 08:41:54
    -----------------------------
    08:41:54.748 OS Version: Windows x64 6.1.7601 Service Pack 1
    08:41:54.748 Number of processors: 4 586 0x100
    08:41:54.750 ComputerName: BRANDON-HP UserName: Brandon
    08:41:57.089 Initialize success
    08:42:14.429 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
    08:42:14.432 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
    08:42:14.442 Disk 0 MBR read successfully
    08:42:14.445 Disk 0 MBR scan
    08:42:14.448 Disk 0 Windows 7 default MBR code
    08:42:14.452 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
    08:42:14.463 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 592814 MB offset 409600
    08:42:14.498 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17362 MB offset 1214492672
    08:42:14.521 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
    08:42:14.526 Service scanning
    08:42:39.765 Modules scanning
    08:42:39.774 Disk 0 trace - called modules:
    08:42:39.808 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys >>UNKNOWN [0xfffffa80069df2c0]<<sptd.sys amd_xata.sys ACPI.sys >>UNKNOWN [0xfffffa80060a92c0]<<storport.sys hal.dll amd_sata.sys
    08:42:39.814 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800720e060]
    08:42:40.146 3 CLASSPNP.SYS[fffff88001b5943f] -> nt!IofCallDriver -> [0xfffffa800704eb10]
    08:42:40.153 5 hpdskflt.sys[fffff88001b00189] -> nt!IofCallDriver -> [0xfffffa8006f4f630]
    08:42:40.160 \Driver\amd_xata[0xfffffa8006f4a9e0] -> IRP_MJ_CREATE -> 0xfffffa80069df2c0
    08:42:40.166 7 amd_xata.sys[fffff88001064a1d] -> nt!IofCallDriver -> [0xfffffa8006128d10]
    08:42:40.174 9 ACPI.sys[fffff88000f937a1] -> nt!IofCallDriver -> \Device\00000071[0xfffffa80061283c0]
    08:42:40.180 \Driver\amd_sata[0xfffffa80060f5060] -> IRP_MJ_CREATE -> 0xfffffa80060a92c0
    08:42:40.188 Scan finished successfully
    08:43:25.494 Disk 0 MBR has been saved successfully to "C:\Users\Brandon\Desktop\MBR.dat"
    08:43:25.503 The log file has been saved successfully to "C:\Users\Brandon\Desktop\aswMBR.txt"
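An added example, not part of any post in this thread and not Avast's code: a small Python parser for an aswMBR disk trace like the one in post #23. It lists the `>>UNKNOWN [...]<<` entries in the "called modules" line and checks whether each `\Driver\... -> IRP_MJ_... ->` line points at one of those unnamed addresses. The function name `analyze` and the report layout are assumptions made for this example.

```python
import re

# Excerpt of the aswMBR log posted in #23, copied as posted.
SAMPLE_LOG = r"""
08:42:39.774 Disk 0 trace - called modules:
08:42:39.808 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys >>UNKNOWN [0xfffffa80069df2c0]<<sptd.sys amd_xata.sys ACPI.sys >>UNKNOWN [0xfffffa80060a92c0]<<storport.sys hal.dll amd_sata.sys
08:42:40.160 \Driver\amd_xata[0xfffffa8006f4a9e0] -> IRP_MJ_CREATE -> 0xfffffa80069df2c0
08:42:40.180 \Driver\amd_sata[0xfffffa80060f5060] -> IRP_MJ_CREATE -> 0xfffffa80060a92c0
08:42:40.188 Scan finished successfully
"""

TS = r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+"  # leading hh:mm:ss.mmm timestamp
UNKNOWN = re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")
DISPATCH = re.compile(
    TS + r"\\Driver\\(\w+)\[0x[0-9a-fA-F]+\] -> (IRP_MJ_\w+) -> (0x[0-9a-fA-F]+)")


def analyze(log_text):
    """Return named modules, unnamed addresses, and dispatch-target findings."""
    lines = [ln.strip() for ln in log_text.splitlines()]
    modules, unknown = [], []
    for i, line in enumerate(lines):
        # The module list is on the line after the "called modules" header.
        if "trace - called modules:" in line and i + 1 < len(lines):
            trace = re.sub(TS, "", lines[i + 1])
            unknown = [a.lower() for a in UNKNOWN.findall(trace)]
            modules = UNKNOWN.sub(" ", trace).split()
    findings = []
    for line in lines:
        m = DISPATCH.match(line)
        if m:
            target = m.group(3).lower()
            findings.append({
                "driver": m.group(1),
                "irp": m.group(2),
                "target": target,
                # True when the handler address is one the trace could not name.
                "target_is_unknown": target in unknown,
            })
    return {"modules": modules, "unknown": unknown, "findings": findings}


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    print("unnamed modules in disk stack:", report["unknown"])
    for f in report["findings"]:
        print(f["driver"], f["irp"], "->", f["target"],
              "(unnamed)" if f["target_is_unknown"] else "")
```
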


  4. Posts : 166
    Windows
       #24

    You're infected with a rootkit and need to get that removed first. I'd rather not walk you through removing it over the internet since it's easy to run into a problem. Plus I have a lot of different tools here if something goes wrong. See how you make out on that other site and post back. I'm not sure if Sevenforums has a virus removal staff or procedure.


  5. Posts : 6,285
    Windows 10 Pro X64
       #25

    I've asked the malware folks at G2G to look at your post. They are very busy but hopefully someone will get to you soon. Rootkits can be nasty.

    Edit: I see they finally got to you today. Sorry it took so long but malware is an epidemic any more and that site is very busy.
    Last edited by Ztruker; 20 Feb 2012 at 17:36.


 
All times are GMT -5.