[godawgs]

Hi D2e,

The bootlog file didn't shed a lot of light on the blue screen problem. Normally if a system driver is causing the problem there will be a mimidump file created, so no minidump file is good on one hand and no help on the other. I want to check the boot options. TDSSKiller found and killed the rootkit, but we need to run TDSSKiller again and remove the TDSS File System.

When the machine blue screens does it give any error messages or stop codes?


Step-1.

TDSSKiller

Please read carefully and follow these steps. They are a little different from the last instructions.
Re-open TDSSKiller on the desktop.

• Click on Change parameters.
  
  
• Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  
  
• Click the Start Scan button.
  
  
• If a suspicious object is detected, the default action will be Skip. Leave the default Skip action except for the following:
  When you see TDSS File System on the Threats Detected page, click the down arrow beside Skip and click Delete.
• Click on Continue.
  
  
• If malicious objects are found, they will show in the Scan results and offer three (3) options.
• Ensure Cure is selected, then click Continue
• If TDSSKiller needs the system rebooted a window will come up telling you to reboot. Click the Reboot Computer button to finish the cleaning process.
  
  
• Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step-2.

Check Boot Options

Please restart your system and tap the F10 key repeatedly, until the Edit Boot Options screen appears.

Please DO NOT edit anything, just report back what you see.

You should see this:

Edit Windows boot options for: Windows 7

Path: \Windows\System32\winload.exe

Partition: 1
Hard Disk: {Some random looking numbers}

[ /NOEXECUTE=OPTIN <--This is the bit I am most interested in. Don't change anything, just tell me exactly what is shown after this statement.


Step-3.

Things For Your Next Post:
1. The TDSSKiller log
2. Tell me exectly what the [/NOEXECUTE=OPTIN line showed.
3. Do you get any error messages or Stop codes when the system blue screens?

Edited by godawgs, 13 April 2012 - 11:24 PM.

[Advertisements]

Hello,
My company transitioned to a new network last week & I no longer have admin rights. So now my laptop won't run the TDS program because it requires the admin password. I am trying to get admin privileges from IT but I doubt it will fly.
Are there any other options I could try without being the administrator?

[D2e]

Hello,
My company transitioned to a new network last week & I no longer have admin rights. So now my laptop won't run the TDS program because it requires the admin password. I am trying to get admin privileges from IT but I doubt it will fly.
Are there any other options I could try without being the administrator?

[godawgs]

Hi D2e,

I wish I had known up front that this computer belonged to your company. Our support is for home and personal use. Please see section 3 b. of our Terms Of Use. The TOU specifically states that we are not here to support/replace your company's IT department. While there are times, and under certain circumstances, we will look at a computer belonging to a company, we will do so only with the company's knowledge of and consent to our looking at it. We want to avoid having a company get angry at us because their IT department was circumvented.
To answer your question, I don't know of any tools we can run or settings we can check without Admin. privileges. If/when you get Admin. privileges and your company gives the go ahead for us to continue, send me a PM and I will check with the powers that be here and let you know if we can continue.

[D2e]

It's a bit of a hybrid scenario...It's MY laptop but I use it for work. The company was sold in January & until you were transitioned to the new company network, there WAS no IT support because you couldn't access the ticket portal.
At any rate I am on the new network as of last week so I can open a ticket with IT at this point. I thought I could finish what we were doing here since we were almost done but with the Admin issue probably not going to happen.
Thanks for the help up to this point.

[godawgs]

D2e,

Thank you for telling me. You are welcome and I'm sorry we couldn't finish. Good luck.

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.