can't run programs or cmd



#1
KColacicco


Well, I found my way here (finally) after working all day to fix this. Running: Windows 7 Ultimate x64. Last night I noticed my Google searches were being redirected to one IP, which I don't have since it's on the infected computer. Ran SuperAntiSpyware and it didn't come up with anything, but after the reboot my computer started up fine, logged in, then it seemed like the services wouldn't start (ESET started but would then crash 'cause it couldn't access the kernel) and that was it. I couldn't run any programs at all, but I could open folders and Notepad.

After some research I figured out it could be a rootkit, downloaded GMER, which I found recommended on another site, and booted into safe mode, but still couldn't run ANY programs or command lines. After trying everything under the sun, I finally found Hiren's BootCD and I'm currently running Dr.Web Anti-Virus in a mini-XP environment off of a USB key, which found BackDoor.TDSS.4005 in the Master Boot Record. The scan is still running and it says it's cured, but I figured since I found this place I'd see if, after this scan is done and I boot into Windows, there's more I would need to do to make sure it's gone (and if there's anything to make sure it doesn't happen again). I wasn't using the computer when it happened, and the person using it said they didn't download anything (yeah, all heard that before). Anyway, are there any logs I could post to make sure it's clean after this scan?


Well, that Dr.Web scan did fix it, although I had a fun time trying to fix the MBR after that. I'm booted back in now and used the clean-up post from here; everything is looking fine. Thanks though.

Edited by KColacicco, 19 June 2011 - 08:12 AM.
