-
July 8th, 2011, 08:50 AM
#1
TDSS modified by boot entry
I am using Windows 7 Home Premium.
I was attacked by TDSS and removed it with the Norton Removal Tool. However the computer would not get to the login after that. System restore would not restore and I was stuck
After several hours on the web I found that I could hit the F10 key on startup and would be able to edit the boot entry...which was
[NOEXECUTE -OPTIN /MINIT ] I deleted the /MINIT entry and the computer restarted fine. However I have to do this every time I restart the computer and BCDEDIT to modify anything would be deadly for me..though I did make a backup.
Is there anyway to edit the bootup options to save the changes ? I looked at EasyBCD but don't have a clue what to do. Thanks
-
July 8th, 2011, 12:28 PM
#2
Registered User
To clarify, are you talking about the boot.ini file or are you asking about the MBR. Usually a TDSS virus affects the MBR and has to be cleaned with something like TDSSKiller, or you have to boot with the OS cd and go into the recovery console and run the fixmbr command. None of this is a guarantee since there is a new TDSS virus that requires a complete wipeout and reinstall.
It's not the computers that keep having problems, it's the users!!
-
July 8th, 2011, 01:14 PM
#3
It's the MBR since this is Windows 7. I don't know how to edit out the change.
I wish it was boot.ini, then I could clear it up in Notepad ! I wish Windows had a better idea !
I can continue running F!0 at startup, but it's an aggravation if I don't get to it soon enough it tries to do a repair...and always fails.
Thanks
-
July 8th, 2011, 01:23 PM
#4
My error. The problem is in the BCD boot configuration data which is a replacement for the old boot.ini in Windows 7. BCDedit works with it but is entirely indecipherable to me. EasyBCD has no way to modify that particular enty that I can see.
-
July 8th, 2011, 07:19 PM
#5
Intel Mod
Legalegl, I'd recommend following through with the assistance of Broni on VirtualDr. Cross-currents from two streams of advice can be confusing and counterproductive, and Broni is a capable and thorough malware analyst.
While automatic malware removal tools are useful, their actions may leave side issues or variant strains not fully eradicated, and the scan logs requested by Broni are the only way to be completely sure what's happening and to know you're fully clear of the infection.
-
July 9th, 2011, 12:43 PM
#6
I did end up using the Bootrec.exe per microsoft.
bcdedit /export c:\BCD_Backup
c:\
cd boot
attrib bcd -s -h -r
ren c:\boot\bcd bcd.old
bootrec /RebuildBcd
It was suggested to me by a poster on Virtual Dr., and it worked perfectly.
I wish I had posted earlier on VirtualDr, and here as I might not have had the problem in the first place...Alles van die beste
-
July 9th, 2011, 12:48 PM
#7
My apologies. It was a post from Microsoft Answers, not Virtual Dr.
The response from Windrivers and VirtualDr were both rapid and important as I was in a real quandry. Thanks again.
-
July 9th, 2011, 01:36 PM
#8
Registered User
Glad you got your system working, but most Windows 7 Boot issues can be resolved by running the Startup Repair tool. I hope you don't misunderstand me, but many users want to over-complicate the repair process. These days, most third party utilities and tools are either unnecessary, or dangerous.
-
July 9th, 2011, 05:27 PM
#9
I agree. Windows ran many times with startup repair, and failed continually. It would have been successful except for the bad boot entry. System restore failed as well as all other options.
I looked all over for a way to save the changes made with the F10 option on startup, which would have been an easy way to fix the system...but no luck.a
Thanks
-
July 9th, 2011, 09:23 PM
#10
Registered User
TDSS has recently been modified and is reported to be a bit stronger than before. I haven't gotten to test yet since this report but last time I used it Kaspersky's TDSS Killer does wonders on this nasty. I suggest running that and then following slgrieb's advice.
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
Similar Threads
-
By PacMan in forum Windows XP
Replies: 4
Last Post: March 5th, 2009, 12:35 PM
-
By Irish Shark in forum Linux
Replies: 1
Last Post: April 18th, 2008, 08:35 PM
-
By Armageddon in forum Windows Vista
Replies: 11
Last Post: September 8th, 2007, 03:05 PM
-
By the_tick in forum BIOS/Motherboard Drivers
Replies: 3
Last Post: April 23rd, 2001, 09:24 PM
-
By format c: in forum BIOS/Motherboard Drivers
Replies: 4
Last Post: May 20th, 2000, 12:34 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks