Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › BSOD upon any rootkit scan?

BSOD upon any rootkit scan?

post #1 of 34
Thread Starter 
Kind of lost here. If I do any sort of rootkit scan (AVG or Malwarebytes) I will almost instantly get a BSOD, even under safe mode. Also my Windows Update is not updating; it has been failing for the past while, I just never knew of it until recently. Last time I tried to update, yesterday, my computer would no longer boot. I ended up using the Windows 7 disk and it repaired, but it didn't the first few tries. I've tried sfc /scannow as well. I am kind of at a loss. I used CCleaner and I feel like many bad things have happened since using it yesterday. It will remove some things and more come; I did back up my registry beforehand. Somehow something got installed yesterday that installed a bunch more things, I forget what they were, like Driver Support and whatnot. I got it removed, I think; Driver Support still shows up in the uninstall programs list but I deleted all the files of it I could find and tried the uninstall, but it won't work. So I am kind of confused and I don't get why Windows Update was not working in the first place.

I would occasionally get a BSOD before, while gaming or just whenever, but never got a chance to save everything from the BSOD. I believe this is what I had been getting even before updates were failing; it hasn't updated correctly since 3/18/14. I will try to do a system restore to get back before that point and see what happens, but I am pretty lost right now.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: deaddead
BCP1: 1000000000000000
BCP2: FFFFF8000268CB51
BCP3: C1FF480F74A748F3
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\033014-45864-01.dmp
C:\Users\John\AppData\Local\Temp\WER-59592-0.sysdata.xml

Also the failures for Windows Update say Code 800F0826. Trying to google it now and figure out what's going on.
Turd (13 items)
CPU: AMD 1055t
Motherboard: Crosshair IV Formula
Graphics: 2x SLI EVGA GTX 470
RAM: G Skill Eco 1600 8G
Hard Drive: Samsung F3 1tb
Optical Drive: Samsung blu-ray combo
OS: Win 7 64 bit Pro
Monitor: LG E2750VR-SN 27"
Keyboard: Razer Lycoas
Power: XFX 850
Case: Antec 1200
Mouse: Razer Lachesis
Mouse Pad: Razer Goliathus
post #2 of 34
Have you tried a command prompt level scan from 'combofix'? It is pretty good at sniffing out rootkits.
12 Thread i7x (17 items)
CPU: Intel Core i7 3960X
Motherboard: Rampage IV Extreme
Graphics: XFX Vega64 WC - RX-VEGMXWFXW
RAM: G.Skil F3-170000CL9-4GBZH Ripjaws Z DDR3 2133
Hard Drive: Samsung SSD 840 EVO
Hard Drive: WD WD30EFRX
Optical Drive: Samsung DVDWBD SH-B123L
Cooling: Corsair H80
OS: Windows 10 Pro 64Bit
Monitor: Samsung U28E590D
Monitor: Vizio 22" M220VA
Monitor: Vizio 22" E220VA
Keyboard: Overclock.net Edition Ducky 1087 10 Key-less Bl...
Power: XFX-850 Black Edition
Case: HAF - 932 Black Edition
Mouse: Cooler Master Storm Inferno
Mouse Pad: World of Warcraft Cataclysm Collectors Edition
post #3 of 34
That's what's known as a manually initiated crash, basically the rootkit detects the rootkit scan and crashes purposely. You will likely need to boot to something else to have any real chance of removing it. My advice is to wipe the drive and install Windows from scratch, even if at some point you believe you've managed to remove it, my advice remains the same.
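The code in the pasted problem signature, 0xDEADDEAD, is documented by Microsoft as MANUALLY_INITIATED_CRASH1. The kernel never raises it for a fault: some kernel-mode code called KeBugCheck/KeBugCheckEx with that code deliberately, which is the point the reply above is making. The PowerShell below is an added example, not code from the thread or from any tool named in it. It parses the WER signature text copied from post #1, names the code from a small hand-picked subset of the documented bug check table (the full table is Microsoft's Bug Check Code Reference), and flags the two codes that can only be raised on purpose. The verdict wording is this example's own.

```powershell
# Added example, not from the thread. Decodes a WER "BlueScreen" problem
# signature and says whether the bug check code is one that only a
# deliberate KeBugCheck/KeBugCheckEx call can raise.
# Works on Windows PowerShell 2.0 (Windows 7) and later.

# Copied from the original post.
$problemSignature = @"
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033
BCCode: deaddead
BCP1: 1000000000000000
BCP2: FFFFF8000268CB51
BCP3: C1FF480F74A748F3
BCP4: 0000000000000000
"@

# Small subset of Microsoft's documented bug check codes, keyed by the
# upper-case hex string WER prints in the BCCode field.
$bugCheckNames = @{
    'DEADDEAD' = 'MANUALLY_INITIATED_CRASH1'
    'E2'       = 'MANUALLY_INITIATED_CRASH'
    '7E'       = 'SYSTEM_THREAD_EXCEPTION_NOT_HANDLED'
    '1000007E' = 'SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M'
    '50'       = 'PAGE_FAULT_IN_NONPAGED_AREA'
    'D1'       = 'DRIVER_IRQL_NOT_LESS_OR_EQUAL'
    '1E'       = 'KMODE_EXCEPTION_NOT_HANDLED'
}
# Neither of these is ever produced by a fault: something in kernel mode
# (a debugger, the CrashOnCtrlScroll keyboard hook, or a driver) chose to
# halt the machine.
$manualCodes = @('DEADDEAD', 'E2')

function ConvertFrom-WerBlueScreen {
    param([Parameter(Mandatory=$true)][string]$Text)

    # Split the "Key: value" lines into a hashtable; WER prints one per line.
    $fields = @{}
    foreach ($line in ($Text -split "`r?`n")) {
        if ($line -match '^\s*(?<k>[^:]+?)\s*:\s*(?<v>.+?)\s*$') {
            $fields[$Matches['k']] = $Matches['v']
        }
    }

    $code = $fields['BCCode'].ToUpper()
    $name = 'UNKNOWN (look it up in the Bug Check Code Reference)'
    if ($bugCheckNames.ContainsKey($code)) { $name = $bugCheckNames[$code] }

    New-Object PSObject -Property @{
        Code              = '0x' + $code
        Name              = $name
        Parameters        = @(1..4 | ForEach-Object { '0x' + $fields["BCP$_"] })
        ManuallyInitiated = ($manualCodes -contains $code)
    }
}

function Get-CrashAssessment {
    param([Parameter(Mandatory=$true)]$Decoded)
    if ($Decoded.ManuallyInitiated) {
        return "$($Decoded.Code) $($Decoded.Name): nothing faulted; a kernel-mode caller halted the machine on purpose. " +
               "If it only happens during anti-rootkit scans, treat the box as compromised until the minidump says otherwise."
    }
    return "$($Decoded.Code) $($Decoded.Name): a fault-type bug check, consistent with a driver or hardware problem; " +
           "analyse the minidump before blaming malware."
}

$decoded = ConvertFrom-WerBlueScreen -Text $problemSignature
$decoded | Format-List Code, Name, Parameters, ManuallyInitiated
Get-CrashAssessment $decoded
```

Which driver made the call is not in the problem signature at all. The file the signature points at, C:\Windows\Minidump\033014-45864-01.dmp, is plain data and can be copied off to a clean machine; opening it in WinDbg and running !analyze -v shows the stack that called the bug check, and that is the only way to name the module responsible.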
post #4 of 34
Thread Starter 
That is what I was thinking my options were: basically nothing, and do a clean install lol. I don't even know where it came from, I don't even watch porn on this computer! Of course my porn-depths-of-the-internet-whatever viewing computer is free and clear. What are my options as far as saving the programs and whatnot I DO have on there? Most of my games were installed in a different partition anyways. Kind of worried now because the computer with the rootkit is the one I pay ALL my bills with and do everything like that on....
post #5 of 34
Hahahaha, you don't need to watch porn to get malware; the easiest person to infect with malware is the average person that uses a search engine.

I'd store a copy of the documents and files you need to keep on a USB drive etc. then I recommend you just wipe every drive and everything on that machine using DBAN. You shouldn't keep any games, programs, tools, apps, executables etc. etc. etc. since they can just be modified to reinstall the malware every time that they're run. Once that's been done, install Windows and make sure you've got good security software installed and configured before you even consider putting your documents on the machine. The next thing I'd do is change passwords on everything.
Edited by Bearybear - 3/30/14 at 6:25pm
post #6 of 34
Thread Starter 
From what I've been reading AVG is no longer the way to go anymore either. Such a pain this will be. And it had to happen at the end of the month where I need a secure computer to pay all my bills too.... I hardly even do anything on this computer but play games... Good thing I bought 32gb USB drives; I suppose I'll get a list of all the programs I have/want, put it all on a text document or something and save it. Don't really have anything I need as far as programs.
post #7 of 34
I personally recommend Bitdefender Antivirus Free Edition, Malwarebytes Anti-Malware Premium (now includes anti-rootkit haha) and Microsoft Enhanced Mitigation Experience Toolkit. If you are using/going to use Windows 7 I also recommend installing Kaspersky Security Scan (free). You should also always leave UAC enabled at the highest setting.
post #8 of 34
Quote:
Originally Posted by Johnn999

What are my options as far as saving the programs and whatnot I DO have on there? Most of my games were installed in a different partition anyways. Kind of worried now because the computer with the rootkit is the one I pay ALL my bills with and do everything like that on....

Quote:
Originally Posted by Bearybear

I'd store a copy of the documents and files you need to keep on a USB drive etc. then I recommend you just wipe every drive and everything on that machine using DBAN. You shouldn't keep any games, programs, tools, apps, executables etc. etc. etc. since they can just be modified to reinstall the malware every time that they're run.
I agree: don't save your programs, because executables can be infected to make sure that the malware persists. I've seen malware that modifies every .exe on a system so that whenever any program is opened, it first checks to see if the malware is running. If it's not, then it starts it up. If it is, then it just opens up the normal program like nothing ever happened. In both cases, the fact that the malicious code is being run first is completely unseen to the user.

By the way, does Windows 7 do any type of code signing for programs? You might be able to tell if they've been modified by verifying code signatures. I've patched some apps in OSX, and a warning is generated in the Console every time it is opened.
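Windows 7 does have this: executables can carry an Authenticode signature, and Get-AuthenticodeSignature, which is part of Windows PowerShell 2.0 (the version Windows 7 ships with), verifies it. A patched binary that was signed comes back with status HashMismatch; a binary the vendor never signed comes back NotSigned, which by itself proves nothing. The block below is an added example, not code from the thread; the drive letter E: in the usage line is assumed to be the suspect disk attached to a clean system, since a kernel-mode rootkit on the running OS can hand the original bytes to any user-mode reader and make every file look untouched.

```powershell
# Added example, not from the thread. Walks a directory tree and reports
# every .exe/.dll/.sys whose Authenticode signature is absent or fails to
# verify. Run it from a clean boot (WinPE or a second install) with the
# suspect disk attached as a data drive, never from inside the infected OS.

function Get-UnsignedOrTamperedBinary {
    param(
        [Parameter(Mandatory=$true)][string]$Path,
        [string[]]$Extension = @('.exe', '.dll', '.sys')
    )

    Get-ChildItem -Path $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and ($Extension -contains $_.Extension.ToLower()) } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            # Status is Valid, NotSigned, HashMismatch (bytes changed after
            # signing), NotTrusted, UnknownError, ... Only Valid is clean.
            if ($sig.Status -ne 'Valid') {
                $signer = ''
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
                New-Object PSObject -Property @{
                    Status = $sig.Status.ToString()
                    File   = $_.FullName
                    Signer = $signer
                }
            }
        }
}

# Usage. E: is assumed to be the infected install mounted as a data drive.
# HashMismatch is the smoking gun; NotSigned only means something once you
# have a known-good hash (vendor download or a fresh install) to compare.
Get-UnsignedOrTamperedBinary -Path 'E:\Program Files' |
    Sort-Object Status, File |
    Format-Table Status, Signer, File -AutoSize
```

Two limits worth knowing before reading the output. An infector that rewrites every .exe, as described in the reply above, can simply strip the signature block instead of leaving a broken one, so a file that should be signed but reports NotSigned is as suspicious as a HashMismatch. And nothing here inspects what the program does when run; it only answers whether the bytes on disk match what the signer shipped, which is exactly the question the reply raises.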
post #9 of 34
9 hours?! what are you scanning?
post #10 of 34
Thread Starter 
Heck idk, I just put DBAN on a USB drive, put it in and did the autonuke....