|03 Jul 2012||#1|
Need help with TDSS, no access to second computer
I'm on a tablet right now, so I can't really copy/paste anything specific.
I've currently got the TDSS virus (Windows 7 Ultimate, x64) and cannot boot into Windows, so all the available tools are unavailable to me until I can at least get this figured out. I know it's TDSS because I got it 3 months ago, but was able to fix it (and now I know I definitely should have used more antivirus). The symptoms are crashing on reboot due to a corrupt system file (rdyboost.sys or something like that, but I know that's not the problem), and my hard drives randomly getting repartitioned.
The main problem is that I forgot what I need to do to the boot record to just get the machine booting up so I can go get the Kaspersky tools and recovery disc for future incidents. I do have a Windows 7 CD, and this is what I did so far from the recovery console:
- deleted the old BCD file and built a new one using bootrec /rebuildbcd
- rebooting failed, so I repeated that, booted into console again, and ran sfc /scannow, which said there was a system repair pending and could do nothing
- rebooting failed again, so I again repeated those steps and ran sfc again with the offbootdir flag. This time it said Windows Resource Protection found corrupt files but was unable to repair them
This is where I'm stuck. I can't find any other info that has help at the recovery console level, and I'd really like to avoid a reformat, especially knowing that TDSS survives reformats because it sits in the master boot record.
Thanks in advance.
edit: never mind, after hours of frustration, I discovered that Windows had randomly created a restore point for me an hour before hell broke loose, and reverting to that magically worked. It was my attempting to uninstall dot net for a clean reinstall that caused it, which is painful in itself because Windows Update fails on the dot net patches repeatedly for no reason...