
xp laptop will not boot after TDL3 infection



#1 gacki


Posted 13 December 2010 - 01:37 PM

I've cleaned up infections successfully before, but got stuck this time. After scanning with Kaspersky repeatedly the infection would not go away. I decided to step up to ComboFix. I know, I know, I was warned and used it unsupervised :(
ComboFix detected rootkit TDL3 and as it warned - everything went slow, but smooth, until it hung on the last screen before restarting. I force shut it down after waiting the whole night.
Now there is no response. After booting it just displays a blank black screen. I tried booting to recovery console - BSOD. I also tried scanning with Kaspersky recovery disk now that it does not boot normally - that came out clean, but it still does not boot.

Any ideas? Thanks for your help in advance.



#2 kahdah


Posted 22 December 2010 - 07:00 PM

Hello gacki

Welcome to BleepingComputer :)
========================
Are you still in need of assistance?
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#3 gacki


Posted 22 December 2010 - 09:19 PM

No. Ended up getting it to boot by deleting 0kb files in sys32/drivers folder, but after numerous passes of scanning and cleaning GMER still found traces of rootkit, while it itself crashed/never finished. I had some logs finally, but ended up just reinstalling today. I was going to upgrade to 7 eventually, so I decided to combine the effort. Thanks anyway.

#4 kahdah


Posted 22 December 2010 - 09:21 PM

You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.