TechSpot

Cmd won't work after the 8 initial steps

By evercoolman
Jan 28, 2009
  1. Hi,

    The problem began when I downloaded some rogue file. Then msconfig, regedit, services.msc and cmd stopped working. However after carrying out the 8 initial steps outlined in this forum, all the others started working again except cmd.exe.

    When I try to run it, I get an error message saying Windows can't find 'cmd.exe', even though it is in the system32 folder. Now the funny thing is when I renamed the cmd.exe to xcmd.exe, it works just fine, but the replaced file cmd.exe still won't work, and I need it to work. I tried RatsCheddar and that still didn't fix it.

    Please find attached my avira, malwarebyte, superanti spyware and hijackthis logs.

    I'll appreciate all the help I can get.

    Thank you.
     
  2. mflynn

    mflynn TS Rookie Posts: 2,655

    Hi evercoolman

    Run HJT Select and remove the following 3 lines
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O23 - Service: COM+ System Applications (COMSystemApp) - Unknown owner - G:\WINDOWS\dllhost.exe (file missing)
    O23 - Service: MySQL - Unknown owner - G:\Program.exe (file missing)

    Update then run SAS
    Click Preferences
    Then counting down from top do the following entries
    Numbers 6, 11, 12, 13,18, 19 and 24!

    Next...

    Download SD Fix to Desktop among other things Catchme to look for RootKits.

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    On Desktop run SDdFix It will run (install) then close.

    Then reboot into Safe Mode

    As the computer starts up, tap the F8 key several times.

    On the Boot menu Choose Safe Mode.

    Click thu all the prompts to get to desktop.

    At Desktop
    My Computer C: drive. Double-click to open.

    Look for a folder called SD Fix. Double-click to enter SD Fix.

    Double-click to RunThis.bat. Type Y to begin.

    SD Fix does its job.

    When prompted hit the enter key to restart the computer

    Your computer will reboot.

    On normal restart the Fixtool will run again and complete the removal process then say Finished,
    Hit the Enter key to end the script and load your desktop icons.

    Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
    Attach the Report.txt file to your next post.
    =================================================================
    Download ComboFix

    NOTE: If you have had ComboFix more than a few days old delete and re-download.

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double click combofix.exe follow the prompts.

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall

    Mike
     
  3. evercoolman

    evercoolman TS Rookie Topic Starter

    Re: cmd wont work

    Hey Mike, thanks for the prompt reply.

    Ok just a few points.

    When you instructed to run SAS, and count from the top and do 6,11 etc, you meant I should do repairs right? 'Cos that's what I did, repairs for the entried you gave.

    Next thing was SDFix, I did everything like you instructed up to the point of running Runthis.bat, but this failed to run as I got an error saying Runthis.bat could not be found, despite my very clicking on it (as in the case of cmd.exe). I then went through my renamed xcmd.exe to run runthis.bat from command prompt, I was then given the error message cmd.exe not found.

    Refusing to be deterred, I went on to the ComboFix step. I started to run it but stopped when I was informed my machine doesn't have recovery console and it was recommended. I did click yes to download it but stopped the process, since I hadn't completed the SDFix step fully.

    However, despite the uncompleted steps, my cmd.exe is working fine now, even after a reboot. I couldn't get any of the other logs for SDFix nor ComboFix. I have attached the last Hijackthis log made after the whole process.

    Would it be necessary to carry out the steps all over again or just keep using my machine?

    Thanks again.

    M
     
  4. mflynn

    mflynn TS Rookie Posts: 2,655

    Yes that is what I wanted, to count down and do the repairs. This is what fixed CMD.

    Yes I would complete the steps based on what you had.

    Start at
    And do all from there down. Since CMD is fixed all should work now!

    Mike
     
  5. evercoolman

    evercoolman TS Rookie Topic Starter

    Re: cmd now working

    Hallo Mike,

    Ok did as advised. Please find all required logs.

    Many thanks.
     
  6. mflynn

    mflynn TS Rookie Posts: 2,655

    Yep there were more.

    Reboot to Normal Mode then do the below.

    Now repeat the runs on both SDFix and ComboFix. We need to see that they don't find more but come up clean.

    If so then we are finished!

    Run long enough to give me a status of how the computer is running now!

    Mike
     
  7. evercoolman

    evercoolman TS Rookie Topic Starter

    cmd working

    Hey Mike,

    Ok I ran both applications again. I couldn't run SDFix in Normal mode though, so did it in Safe Mode.

    Please find attached the two reports.

    Everything seems to be working fine. But you let me know what you get from those reports.

    Thanks

    M
     
  8. mflynn

    mflynn TS Rookie Posts: 2,655

    Clean! Great job!

    Busy with work now but will post a final closing later today or evening.

    Run MBAM and SAS every so often 10 days/2 weeks. Run them when you are working sleeping etc. The scans are long but these 2 are the best there are. They can be scheduled to not effect computer time.

    Run them anytime you have suspicions or slowdowns or obvious issues. Don't waste your time scanning if you don't update them first!

    If they find something they can not fix/clean you know where I am!:)

    Mike
     
  9. evercoolman

    evercoolman TS Rookie Topic Starter

    cmd

    Hi Mike,

    Thanks for the great help.

    i'll do just as advised.

    Enjoy the rest of your day.

    M
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...