Thread: Rootkit removal computer fails to start

  1. #1

    Well, I haven't been around here lately, but I know no other place well enough that would be able to help me with this issue.

    I have been having problems with my computer recently, which runs Windows 7. One day, my computer restarted itself and went into system repair, and I was unable to recover it without reverting to the factory image. After that was done, I began to put everything on the computer that I had on it before the new image. It turns out that there was still a virus on it.

    A virus at one point was one of the fake protection softwares that says you have 120938 viruses on your computer, or some bullshit, and blocks everything until you buy it. I was able to get rid of that, but I ran into another problem that stopped me from running anything on the computer after it loaded. I wanted to look up how to fix that problem, but my dad brought it back to a restore point (I think a point after the software virus).

    Since those problems, I have had some other minor issues. I have a lot of anti-spyware and stuff running scans regularly to try to find things, but I was still having some problems. There seemed to be a lot more "bad" cookies, like fastclick and zedo, that I wasn't getting before, and I was regularly getting rid of them. I was always having some of my Google searches being redirected. After searching around for the problem, I was able to determine it had something to do with a TDSS virus (might have spelled it wrong, but it looks like that). I used AVG to run a rootkit scan and it found a file along those lines in the MBR. I used it to heal/remove it and then I did a restart.

    Now, I wasn't doing this part myself, but dad was, who knows more about computers. He said that it loaded and he was running programs to try and clean up anything left, so that I wouldn't have any more problems. He said Norton made changes to the registry, which could have caused the current problem I have.

    When the computer was restarted again after all the scans and whatnot, Windows started loading and right after the little colorful Windows loadup graphic, or whatever it is, I got a BSOD that came up for less than a second and it restarted to go to a system repair. System repair didn't fix anything and I am unable to restore it.

    Right now, I am using Knoppix to see if I can fix anything, but I really know nothing about Linux. I am trying to avoid loading Windows from the disk because I'm trying to keep my files and all.

    Sorry for the long post and thanks to anyone that actually reads it. I believe these were all the details of the shit that has been going on, but if you have any questions let me know and I can check for you. If I'm in the wrong section just let me know and I'll copy paste it to another.

  2. #2

    So, if I got this right, you can't transfer your files to an external HDD because the virus follows? If so, you could temporarily install Linux and transfer the files there, format the HDD, re-transfer the files there, format your computer, install Windows 7, copy your files.
    There used to be something meaningful here.

  3. #3

    Originally posted by Frement:
    So, if I got this right, you can't transfer your files to an external HDD because the virus follows? If so, you could temporarily install Linux and transfer the files there, format the HDD, re-transfer the files there, format your computer, install Windows 7, copy your files.

    Either it follows, or it isn't wiped out with the factory image, which was the one on the HDD and not the CD the first time we did it. I am trying to see if there is a way to fix it up and not reinstall Windows. I ordered another HDD as a backup and to use to transfer files, which is coming in Friday I believe, so I have until then to see if I can fix anything. Sadly, it seems that my only option might be to reinstall Windows.

  4. #4

    Originally posted by blother:
    Either it follows, or it isn't wiped out with the factory image, which was the one on the HDD and not the CD the first time we did it. I am trying to see if there is a way to fix it up and not reinstall Windows. I ordered another HDD as a backup and to use to transfer files, which is coming in Friday I believe, so I have until then to see if I can fix anything. Sadly, it seems that my only option might be to reinstall Windows.

    I had a good rootkit removal program from some blackhat guy, I don't remember the name, and it's not really available from Google. The guy who made it had a blog, I found it when I searched for anti-debugging code.

    EDIT: Have you checked this? http://www.gmer.net/

  5. #5

    Your best bet is just to reinstall Windows. You may not want to, but it may fix the problem and make your life a lot easier.

    Oh, and what did you download that gave you those problems?

  6. #6

    Originally posted by Frement:
    I had a good rootkit removal program from some blackhat guy, I don't remember the name, and it's not really available from Google. The guy who made it had a blog, I found it when I searched for anti-debugging code.

    EDIT: Have you checked this? http://www.gmer.net/

    Apparently AVG said it got rid of the rootkit, but I would still like to try that. How would I use it though, since I can't start up even through safe mode?

    Right now, I am trying to reset the registry back to its default because I think Norton changed some things, but I'm not having luck with that right now.

  7. #7

    Do you have a restore disk? Use that, or just make a fresh install.

  8. #8

    Originally posted by Frement:
    Do you have a restore disk? Use that, or just make a fresh install.

    I can dock the HDD to another computer. Can I run it from there?
