Cannot run ANY programs even in safe mode

January 23, 2012 at 06:22:35
Specs: Windows 7, amd turion 2/ 4gigs
I've been having issues with some kind of browser hijacker I can't seem to get rid of. Yesterday it downloaded what is apparently the mother of all viruses- it immediately restarted my computer, whereupon I could not run ANY programs at all. I tried restarting in safe mode and in safe mode w networking- no dice. I tried system restore- appeared to work, but the virus was still there.

I cannot run any programs, either from the hard drive or from a usb flash drive. When I try, the process comes up briefly in task manager, and then it's almost immediately killed. Either "svchost. exe *32 (winrscmde in the description column)" or the windows error manager pops up before the process is killed, not sure if that's connected.

When I boot into safe mode, the following processes are running: csrss.exe, ctfmon.exe, explorer.exe, lsass.exe, lsm.exe, services.exe, smss.exe, about six copies of svchost.exe, system, system idle process, taskmgr.exe, wininit.lexe, winlogon.exe

At one point I was miraculously able to get firefox open in safe mode with networking, I was able to download avg and to run malwarebytes- it detected the svchost trojan and deleted it, but when I restarted the computer again (big mistake) the whole mess was just the same.

I strongly suspect a rootkit but I have no idea how to go about fixing this, since I can't run any programs at all, even in safe mode. I downloaded avg's boot disc (the usb version) but I'm not sure what to do with it, I just have the rar sitting on my usb drive. I did not make a recovery disc when I got this laptop. I currently have internet access through a work computer- I can use it to download programs to my usb drive and transfer them to the infected laptop.


See More: Cannot run ANY programs even in safe mode

Report •

#1
January 24, 2012 at 03:26:47
Try running the Autoruns,try to find out any wierd processes

http://www.filehippo.com/download_a...

Also try running the process explorer

http://www.filehippo.com/download_p...

btw may I know which AV Program are you using?


Report •

#2
January 24, 2012 at 05:24:20
AVG free, but I didn't download it till after the infestation, so.

I can download those programs but it's not going to help, because as I said the virus is blocking me from running ANY program, even in safe mode.


Report •

#3
January 24, 2012 at 06:29:18
you may want to physically remove the drive, attach it to another PC/Laptop and run some virus and malware scans in that case.

Some HELP in posting on Computing.net plus free progs and instructions 7 Medals


Report •

Related Solutions

#4
January 24, 2012 at 07:30:00
Not sure that's an option unless I take it to someone- My desktop needs a new power supply and I can't hook up an infected hard drive to my networked office pc, my employer would kill me.

I've recovered all the important files from the drive (docs, pics, etc) so honestly I'm happy to do whatever needs to be done, no matter how drastic, as long as I've some guarantee it would work. If I had made a recovery disk when I got the laptop I would have probably already reinstalled the operating system.


Report •

#5
January 24, 2012 at 22:11:01
I restored the computer to factory settings and that seems to have done it.

Report •

#6
January 25, 2012 at 18:11:48
Just for my knowledge ... did you try to run rkill in safemode before trying to install and run the other programs???

Report •

#7
January 25, 2012 at 18:13:42
I didn't. But I doubt it would have worked...no programs were working at all.

Report •

#8
January 26, 2012 at 09:35:50
That is what RKILL was designed for. It comes in 7 different formats hopefully one will get by the defences of the rogue program and kill the process thats stopping your other programs from running.

May not have worked on this particular virus but then maybe it would have.

http://www.bleepingcomputer.com/dow...


Report •

#9
February 21, 2012 at 16:38:36
CaptainBlue: Can you glance at my issue and tell me if its the same thing that happened to you and if so maybe help me out?

http://www.computing.net/answers/wi...

ScoobyDoo: I have tried everything. I downloaded rkill on my wifes computer, and everyone says its free but its obviously not. Either way, I tried to run it in safemode once downloaded and it didnt work. I even renamed it and put it on a share drive and nothing. I cant figure this out.


Report •

#10
February 21, 2012 at 16:47:29
You didnt get RKILL .. RKILL is free.


Report •

#11
February 21, 2012 at 18:19:31
Tried everything from the site. The top 3 downloads on this site: http://www.bleepingcomputer.com/dow... wanted a register fee. I dont even care at this point. But I clicked on the 7 links below in blue and all 7 I "Save"d instead of "Run"ing it and then copied to my portable drive and plugged into my laptop. Pulled them up in safemode and boom. Nothing, I click on it and nothing opens... This is killing me.

Report •

Ask Question