Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

RootKit Infection Problem [Moved]


  • Please log in to reply
4 replies to this topic

#1 Jade13

Jade13

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:35 PM

Posted 13 December 2009 - 08:09 PM

I still have not been able to use the computer I want to fix for over 6 months. I was finally able to email the link from another computer and able to download "RootRepeal" on my desk top (not the Netbook I am typing on, but my Dell).

First, how do I find my old posts? I believe they are under "XP" but is there a way to scan under "topic Starter"? I can never find my own posts. Thanks.

Second. When I open "RootRepeal" (Left click twice), the options are "Run" or Cancel, there is no "Scan" option. However, nothing seems to happen (or nothing that I can see) I left click twice.

Help. I do not want to have to purchase a new computer.

Note, I did download the recommended Primary Mirror. No boxes open to check any options.

This is very frustrating.

Is this fixable or will I need to use a windows disk, etc?

Thanks



post Nov 3 2009, 07:57 PM
Post #1




Group: Members
Posts: 7
Joined: 3-November 09
Member No.: 398,258




How do I fix this error?

"The application or DLL C:\WINDOW\system32\lofiketo.dll is not a valid Window image. Please check this against your installation diskette"?

Is this fixable without reformatting my hard drive?

I tried going back to the furthest restore point, but no success. My initial problem was that I was out of disk space, but I was able to move or delete files so this is my only remaining issue.

I have a Dell Dimension E310, and orange Disk "Operating System", Blue Disk "Applications ("for reinstalling Dell systems software") and Blue Disk "Drivers and Utilities". All are dated 2004 or 2005.

I would like to fix without reformatting and loosing files.

Thanks!

This post has been edited by garmanma: Nov 3 2009, 08:20 PM
Go to the top of the page


+Quote Post

garmanma
View Member Profile
Add as Friend
Send Message
Find Member's Topics
Find Member's Posts

post Nov 3 2009, 08:25 PM
Post #2


Computer Masochist
******

Group: Moderator
Posts: 23,529
Joined: 27-January 07
From: Cleveland, Ohio
Member No.: 108,618




More likely than not you have a rootkit infection
It will take time

We Need to check for Rootkits with RootRepeal

1. Download RootRepeal from the following location and save it to your desktop.
* Direct Download (Recommended)
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
o Secondary Mirror
* Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
* Rar Mirrors - Only if you know what a RAR is and can extract it.
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
2. Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
3. Open on your desktop.
4. Click the tab.
5. Click the button.
6. Check all seven boxes:
7. Push Ok
8. Check the box for your main system drive (Usually C:), and press Ok.
9. Allow RootRepeal to run a scan of your system. This may take some time.
10. Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.



----------------------------------

Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High

Also try: right-click on rootrepeal.exe and rename it to tatertot.scr

BC AdBot (Login to Remove)

 


#2 Jade13

Jade13
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:35 PM

Posted 13 December 2009 - 08:36 PM

When I clicked again it said a scan was in progress. I also have the option to scan with Macafee or Scan with Malwarebytes Anti-Malware (recommended by someone who directed me to this web site).

Another option when I right click on the "RootRepeal" icon is to "unpin" from start menu. Well, computer said it was scanning when I clicked on "Rootrepeal" but I don't see anything happening.

Edited by Orange Blossom, 13 December 2009 - 10:26 PM.
Remove unnecessary quote. ~ OB


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,943 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:35 PM

Posted 13 December 2009 - 10:24 PM

Hello,

I am moving this topic to the Am I Infected forum from the XP forum.

As for how to find previous posts, please read this topic: http://www.bleepingcomputer.com/forums/t/110360/how-to-find-your-previous-posts-topics/

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#4 Jade13

Jade13
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:35 PM

Posted 20 December 2009 - 10:36 AM

I still have not been able to use the computer I want to fix for over 6 months. I was finally able to email the link from another computer and able to download "RootRepeal" on my desk top (not the Netbook I am typing on, but my Dell).

First, how do I find my old posts? I believe they are under "XP" but is there a way to scan under "topic Starter"? I can never find my own posts. Thanks.

Second. When I open "RootRepeal" (Left click twice), the options are "Run" or Cancel, there is no "Scan" option. However, nothing seems to happen (or nothing that I can see) I left click twice.

Help. I do not want to have to purchase a new computer.

Note, I did download the recommended Primary Mirror. No boxes open to check any options.

This is very frustrating.

Is this fixable or will I need to use a windows disk, etc?

Thanks



post Nov 3 2009, 07:57 PM
Post #1




Group: Members
Posts: 7
Joined: 3-November 09
Member No.: 398,258




How do I fix this error?

"The application or DLL C:\WINDOW\system32\lofiketo.dll is not a valid Window image. Please check this against your installation diskette"?

Is this fixable without reformatting my hard drive?

I tried going back to the furthest restore point, but no success. My initial problem was that I was out of disk space, but I was able to move or delete files so this is my only remaining issue.

I have a Dell Dimension E310, and orange Disk "Operating System", Blue Disk "Applications ("for reinstalling Dell systems software") and Blue Disk "Drivers and Utilities". All are dated 2004 or 2005.

I would like to fix without reformatting and loosing files.

Thanks!

This post has been edited by garmanma: Nov 3 2009, 08:20 PM
Go to the top of the page


+Quote Post

garmanma
View Member Profile
Add as Friend
Send Message
Find Member's Topics
Find Member's Posts

post Nov 3 2009, 08:25 PM
Post #2


Computer Masochist
******

Group: Moderator
Posts: 23,529
Joined: 27-January 07
From: Cleveland, Ohio
Member No.: 108,618




More likely than not you have a rootkit infection
It will take time

We Need to check for Rootkits with RootRepeal

1. Download RootRepeal from the following location and save it to your desktop.
* Direct Download (Recommended)
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
o Secondary Mirror
* Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
* Rar Mirrors - Only if you know what a RAR is and can extract it.
o Primary Mirror
o Secondary Mirror
o Secondary Mirror
2. Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
3. Open on your desktop.
4. Click the tab.
5. Click the button.
6. Check all seven boxes:
7. Push Ok
8. Check the box for your main system drive (Usually C:), and press Ok.
9. Allow RootRepeal to run a scan of your system. This may take some time.
10. Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.



----------------------------------

Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High

Also try: right-click on rootrepeal.exe and rename it to tatertot.scr



I finally figured I can go to "My topics" at the top of the page to find my posts.

I finally have more info. I could not cut and paste from infected computer so am typing the notes from the RootRepeal test:

x FOPS - DeviceIoControl Error!
Error Code = oxc0000001
Extended Error (ox 00000090)
===================
Details

x FOPS - DeviceIoControl Error!
Error Code = oxc0000001
Extended Error (ox 00000090)

x DeviceIoControl Error!
Error Code = 0x1e7

x FOPS = DeviceIoControl Error!
Erroe Code = 0xc0000001
Extended Info
(0x00000090)

========

Can this computer be fixed without reformatting and losing all data? Computer is a Dell Dimension E310 with pre-loadeded software such as Excel and Microsoft Word and approx 3,500 jpegs that I haven't been able to move. Plus, that is the easy way out.

I am looking for specific step by step directions on how to fix this computer. This error message has been sitting on my desk top for months, "DLL C:\WINDOW\system32\lofiketo.dll"

What is this error, what caused it, and how do I fix it?

Thanks!

#5 Jade13

Jade13
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:35 PM

Posted 25 December 2009 - 12:36 PM

Is there not anyone who can give me directions on how to fix this computer.

The error message is:

RootRepeal Error

DeviceIoControl Error! Error Code - 0x0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users