1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Rootkit locked me out my system!

Discussion in 'Virus & Other Malware Removal' started by chibixai, Jul 17, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    Hello, I had an issue with a few rootkits, I had webroot's everything program remove them and upon rebooting after removal, windows 7 no longer boots past the flag. I have tried chkdsk, startup repair, system restore and nothing is working!

    problem Signature:
    event name: StartupRepairOffline
    01: 6.1.7600.16385
    02: 6.1.7600.16385
    03: unknown
    04: 21200181
    05: AutoFailover
    06: 8
    07: NoRootCause
    OS Version: 6.1.7601.2.1.0.256.1
    Locale ID: 1033

    Safe mode won't even load since the second it gets to the "Loading Windows" flag, it restarts the computer.

    I can't do ANYTHING and I absolutely CAN NOT format or I will lose some very important files that I was stupid enough to not back up.
    What do I do? :'(
     
  2. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    you could try ubuntu and run as a standa lone operating system and see if you can get the data off - otherwise this needs to be in the malware forum to see if you can get one of the experts check and remove the virus if still on the pc

    have a read here and post all the logs requested - i will then move to virus /malware forum
    http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html

    ------------------------------------------------------------------------

    UBUNTU Stand Alone CD

    NOTE : version Ubuntu 12.04

    It may be possible to boot from another Operating System
    This will at least test the Hardware and also see if you can see the Harddrive and possibly get data off.

    If you have another PC with a cdwriter and spare CD
    goto http://www.ubuntu.com/ and download the ISO http://www.ubuntu.com/desktop/get-ubuntu/download

    You can also run from a USB device now - if the Machine supports booting off a USB Stick
    http://www.ubuntu.com/desktop/get-ubuntu/download

    full details are here (Note this is for version 9 - so the start up options are slightly different )
    http://www.howtogeek.com/howto/wind...backup-files-from-your-dead-windows-computer/

    click on the image "download ubuntu"
    Select a location
    then begin download
    Save the file onto your PC – remember where you saved it – so you can find it again to create the image bootable CD.

    You do NOT copy the ISO file onto a CD - you have to use the ISO to create a bootable CD
    The CD creator software you have on the PC may have an option to create an image from an ISO
    If not - use this free program http://www.imgburn.com/ - Choose the option Write image file to disc
    OR
    you can use this stand alone ISO Burner to burn the ubuntu onto CD ftp://terabyteunlimited.com/burncdcc.zip

    When the UBUNTU CD boots - you will see a screen - with Language on the left panel and two option images labelled

    == > Try ubuntu
    == > Install ubuntu

    You can try Ubuntu without making any changes to your computer, directly from this CD

    Use "Try ubunto" ONLY this option this will run from the CD and not install onto your harddrive - be careful, if you do install onto the PC - you will wipe the data and software OFF your hard drive.., so repeat only use option 1

    Now you should see a UBUNTU desktop
    This at least proves the main parts of the PC are working

    You may see your Harddrive on the desktop - if not have in look in the places on the tool bar at the top of the screen.

    If you can see your harddrive – see if you can find the your datafiles –
    XP look in “documents and settings” under the user name you had on the PC
    Vista/Windows 7 look in “user” under the user name you had on the PC

    Now if you have a USB flash drive or external harddrive – you should be able to copy your data from the harddrive onto the USB device

    ----------------------------------------------------------
     
  3. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    Thank you, I'll give this Ubuntu thing a try.
    I completely missed the malware forum, sorry for posting in the wrong place. In such a panic. Been tearing my hiar out over this for hours :'(
     
  4. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    ok i will move when i see the logs

    with ubuntu - do take care and do not panic and do things quickly - just us the try option - DO NOT install otherwise you will have no data and no windows
     
  5. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    Etaf, I cant provide any logs for the broken pc, its locked out of windows. Would I have to run that program when Ubuntu is running since I can't get into windows without it?
     
  6. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    No

    I will move to the virus forum now and lets see what they think - the downside is that its a busy forum and only specialist are allowed to answer - so it takes a while fro a reply - if you don't get a reply in 48hrs post a new reply to bring to top of the forum.

    is ubuntu working and are you able to get your data off
     
  7. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    I'm just creating the iso pendrive, and biting my nails the entire way.
    I will respond again soon with either many many tears or many many thanks.

    As soon as I can get to my files and save them happily I'll just format it and hope for the best.


    EDIT: Ok. So I have ubuntu in and before I could actually select an option it burst into this scrolling wall of code. but now it is sat there doing nothing and the bottom line says "Parsing VBIOS init table 2 at offset 0x8C88" :S it hasn't moved at all for the past few minutes. No desk top or nothing.

    :'(
     
  8. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    will the machine support USB booting?
     
  9. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    it does indeed, except every time I run ubuntu's iso thingy, it gets a little bit further in the coding, it got to table 3 the second time, then stopped

    and just now table 3 0x8C92.

    I think it must hate me.

    Will try running it again and see if it gets any further this time

    EDIt: It didn't get any further, but it does say

    Ox8A2D: Failed Parsing init table ocp
    ode: INIT_I2C_LOG_IF -19

    id that maes any sence to you. I think it just won't work
     
  10. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    ok - not tried the USB boot - only from CD and dont get any writing like that

    whats the make and model of the pc - it may have some hardware diagnostics built in you could run
     
  11. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    It's a PC-Specialist(.co.uk) custom build.
    I'm downloading the 64bit version of ubuntu to give that a try. I can only hope that that will work :'(

    The computer I only got in April, so I don't want to have to void the warranty by taking the HDD out and backing up the manual way. But I wonder if that is what I'll have to do in the end :(

    All this just because my speakers were playing arabic adverts :(

    Processor (CPU): Intel® Core™i5-2500 Quad Core (3.30GHz, 6MB Cache) + HD Graphics
    Motherboard: ASUS® P8H61-M LE/USB3 (NEW REV 3.0): M-ATX, USB 3.0, SATA 3.0Gb/s
    Memory (RAM): 8GB SAMSUNG DUAL-DDR3 1333MHz (2 X 4GB)
    Graphics Card: 2GB NVIDIA GEFORCE GTX 560 - 2 DVI,HDMI,VGA - 3D Vision Ready

    Operating System: Genuine Windows 7 Home Premium 64 Bit
     
  12. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    might be worth try a CD - if you have one
     
  13. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    Sadly I don't have access to any dvd's and my cd's are only 700mb. The files are both over 700mb :(

    The 64x version also isn't working :'(

    EDIT: Got my ands on a couple of dvd's. All it does is sit there as a black screen with a little tiny white flashing bar in the top left of the screen. Going to try the 64x disk now too.
     
  14. etaf

    etaf Wayne Moderator

    Joined:
    Oct 2, 2003
    Messages:
    55,917
    i created 12.04 onto a CD OK and booted using imgburn

    lets see what a virus guru thinks
     
  15. chibixai

    chibixai Thread Starter

    Joined:
    Jul 17, 2012
    Messages:
    9
    Hiya Etaf! I got it working, after a bit of google mooching, I found that it needed to load via the nomodeset.

    Ahh! <3 I have my files back! I have them on emergency back up and then will attempt a format of the computer.

    Thank you ever so uch! You have really saved my life! I was on the verge of tears with worry since it's full of my degree work :S
    I have learned one heck of a valuable lesson today!

    Thank you ever so much for all your help, Etaf!! :D
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1061385