
TDL3/TDL4 Rootkit infection - Sorry, not sure which one


  • This topic is locked
2 replies to this topic

#1 jammy_basturd

jammy_basturd

  • Members
  • 1 posts

Posted 12 December 2010 - 10:27 AM

This is on my Mum's Sony Vaio laptop. She got a warning that looked like it was from AVG (free version was installed), telling her that some program had to be installed to clean an infection. After that the computer became unresponsive, and once rebooted, AVG kept finding viruses upon running a full scan. I uninstalled AVG and installed MSE, which seemed to take care of all the 'normal' viruses, but I keep getting a Windows crash error reporting message saying that the Generic Host Process for Win32 Services has crashed. After running ComboFix, DDS and GMER, it seems that the laptop is infected with a rootkit.

Really hope you guys can help me remove it, and many thanks for any help in advance.


 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ

Posted 12 December 2010 - 03:24 PM

Good evening. :)

ComboFix creates a log when it is run - C:\Combofix.txt. Will you post the contents of this in your next reply?

So long, and thanks for all the fish.

 

 


#3 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • Gender:Male
  • Location:Numpty HQ

Posted 17 December 2010 - 02:53 PM

As there has been no response for five days, this thread is now closed.

So long, and thanks for all the fish.

 

 




