Windows 7 Forums


Windows 7: Getting rid of rootkits without normal/safe mode

31 Aug 2013   #11
cottonball

Windows 7 Home Premium
 
 

You may not even have a RootKit...

Do you have the last report created by TDSSKiller?

Logs have a name/location like:
C:\TDSSKiller.2.4.7_23.10.2013_15.31.43_log.txt


01 Sep 2013   #12
TomanMT

Windows 7 Home Premium 64bit
 
 

Okay, so this is what GParted found.
Could you tell me if there's anything wrong and how to get rid of it?
Otherwise I ran Kaspersky, Microsoft offline defender, and Bitdefender. Bitdefender was the only one to find two Trojans, which I deleted even though I'm pretty sure they were false positives (from Skype and adw cleaner or something like that).
I have yet to run FRST, and will do so ASAP.


Attached Thumbnails
-img_20130901_131555.jpg  
01 Sep 2013   #13
TomanMT

Windows 7 Home Premium 64bit
 
 

I have no idea what it is, so I'm looking in any direction...
I recently ran Kaspersky Rescue Disk, so does that qualify?
What do you think it could be? The update still?

01 Sep 2013   #14
cottonball

Windows 7 Home Premium
 
 

Do not see any partition in GParted with Flags: boot, hidden

Don't think there is a RootKit...

If you post the TDSSKiller report, as previously requested, and the Farbar Recovery Scan Tool, that will provide some enlightenment as to whether the problem is malware.
02 Sep 2013   #15
TomanMT

Windows 7 Home Premium 64bit
 
 

I have attached the FRST text. How can I get the TDSSKiller log since I can't access safe mode?


Attached Files
File Type: txt FRST.txt (29.3 KB, 8 views)
02 Sep 2013   #16
cottonball

Windows 7 Home Premium
 
 

You do not need to access Safe Mode to get the TDSSKiller report.

Logs have a name/location like:
C:\TDSSKiller.2.4.7_23.10.2013_15.31.43_log.txt

It is located in drive C: (or the drive where the Operating System is located)
03 Sep 2013   #17
TomanMT

Windows 7 Home Premium 64bit
 
 

I have more logs, but I'm not sure they're necessary. I'll upload them if you like.
03 Sep 2013   #18
cottonball

Windows 7 Home Premium
 
 

Don't see a rootkit in those reports.

On the Safe Mode issue...

At this point, are you able, or not able, to boot to Safe Mode?

What happens if you try to do so?
04 Sep 2013   #19
TomanMT

Windows 7 Home Premium 64bit
 
 

No, I can't boot into safe mode. Previously, it would just get stuck on the welcome screen, with the wheel spinning and freezing at points. When I tried booting normally I got a message saying that the user service profile couldn't log on or something like that, so searching this problem on the internet I created an administrator account. Now when booting into safe mode it will load into the background but there is no toolbar or icons. I can log in with cmd, but it doesn't work. I can type things in and move around the screen, but actual commands freeze everything and once unfrozen don't do anything.
04 Sep 2013   #20
cottonball

Windows 7 Home Premium
 
 

As of right now, what happens if you log in normally to your regular account?

Do you still get:
"User Profile Service failed the logon"


See if you can open a Command Prompt:
Start > All Programs > Accessories > Command Prompt

Once Command Prompt is open, copy (highlight with mouse and select: Copy) the command that follows, and at the blinking cursor, click to the right of it, and select Paste:

Code:
wmic useraccount get name,sid

Press: Enter
Please provide the results by clicking on the icon on the upper left frame of the Command Prompt, and selecting Edit > Select All
Once again, do the same and select: Edit > Copy
Open Notepad, and provide the results in your reply.


Also, at the Command Prompt type:

Code:
set userprof

Please provide the results as above.