windows 7 won't start

[Kristijonas]

Hello, I have a PC that's only 1 month old, with full windows 7 updates. I was playing a game on it (eve online), no other processes in the background. Then suddenly the PC restarts. But it doesn't start and instead tries to startup repair and fails. Then I inserted windows 7 DVD and tried last known good configuration and system restore. Both failed...
Is there any way I can restore my windows without losing files? Please help

 

[Kristijonas]

I have found a (weird) solution. Let me share it here if someone will be looking for in the future: After BIOS loaded, I pressed f8 and boot menu appeared. I selected "disable enforce driver signature". Strangely - it worked! Safe mode, system restore, startup repair - all didn't work. But disabling driver signature have. No idea how to fix the problem from this point though. Running Malwarebytes' Anti-Malware now.

 

[Kristijonas]

I have found the cause of this problem. I will share it here in case someone needs it in the future. It was a TDSS virus. It's invisible to both microsoft essentials and malware bytes! Luckily, there's a killer for it:

http://answers.microsoft.com/en-us/...in-order/0b1973a8-ebba-48a0-b71c-9ab8b58aca43

http://threatinfo.trendmicro.com/vinfo/articles/securityarticles.asp?xmlfile=111209-TDSS.xml

Google is the best antivirus. And thanks to Kasperski.

 

[ViRGE]

Although your system is probably fine, I would strongly suggest wiping it and starting anew anyhow. With a rootkit like TDSS, you can never be sure you've actually removed it, since by virtue of being a rootkit it can hide from the OS. So your system may still be compromised without your knowing it.

 

[Kristijonas]

A good point. I'm too lazy to move files around and do a windows reinstall, so I'm scanning with three different anti-viruses now and will keep one or two on always. That should be enough to contain the virus even if it's still in the system. Though I have a feeling the system is clear now.

 

[FishAk]

Make sure to run TDSS Killer in Safe Mode. That will give the best chance of getting rid of it.

When you get back up and running, save yourself some heartache in the future by making an image set of your OS partition. With a good image, you can have your system restored in about 20 minuts.

By creating a partition at the end of your drives, you can make a safe place to keep images. If you use TrueCrypt to encrypt the partition, no virus could legibly overwrite your image files while the partition is not mounted. If you remove the drive letter from the partition, it will only show up in Explorer when it's mounted with TrueCrypt.

A virus could potentially overwrite data in the partition, but it would just be gibberish. In other words, it could destroy images, but not insert itself into them.

 

[CU]

Would UAC set to highest setting prevent you from getting TDSS or other root kits? Did the OP have UAC turned on?

 

[Kristijonas]

What is UAC?

 

[ViRGE]

User Account Control, Microsoft's name for running applications with standard user privileges by default regardless of whether the user is an admin.

 

[VirtualLarry]

The newest TDSS is an MBR infector, so I hear. Best to thoroughly wipe the HD (DBAN etc).

Simply re-installing Windows overtop won't kill it.

 

[Emulex]

yeah general rule of thumb- if you are infected - take the drive and put it in enclosure and copy off the files you need, nuke it completely (MBR/FULL FORMAT) and re-install form your last good backup.

no excuses for not making backups.