
TDL-4 Infection on 4 PCs and multiple external storage mediums-entire network unsecure-please help us.


4 replies to this topic

#1 SentientRootkit


Posted 11 January 2012 - 08:21 AM

My wife is getting help for her pc. I would appreciate help for my Toshiba Satellite L305-S5919. I have reformatted and installed a minimal version of Windows 7 but have yet to stop this thing from maintaining its hold on my network. After some 20 hours a day for nearly a month, it has taken its toll on my family. My son's new laptop for Xmas is now infected too. We will fix that very soon tho. Please guide me on how to proceed with this laptop for now. They have already wiped out my bank account once. :-(. Thank you so very much.

SentientRootkit



#2 hamluis

    Moderator



Posted 11 January 2012 - 11:53 AM

IMO...you have waited a long time to seek assistance...and, based on the number of systems you mention and the process of dealing with each one...I would say that you have a serious problem.

If you truly reformatted, deleting previously infected partitions...that should have solved it for a single computer. Having a clean computer networked to an infected one...well, that just starts the whole problem all over again on that system.

I suggest that you follow the prescribed procedures at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html and then submit the requested logs in the proper manner at the forum referenced in the Prep Guide. The folks there will guide you in what approach should then be taken.

Louis

#3 SentientRootkit


Posted 11 January 2012 - 01:00 PM

My wife just notified me that her PC is now clean and is bringing it home with wifi totally disabled. My son can and will bring his infected pc home the same way. This infection seems to be residing in my gpu or bios cache because reformatting to all 0s some 5 or 6 times has not stopped it. I fear my wife's pc may not truly be clean either but, we will see once I check upon her arrival.

If I have not followed protocol, I apologize. I will read the section again and start over. I just knew I wasn't supposed to start running tools and posting logs without being prompted first; at least that is what I thought. Thank you for your response. I will not reconnect any PC to the network until we are sure that all have been cleaned properly one at a time and a new router has been obtained from my provider. I am looking into a 3rd party firewall as well.

Sentient

#4 SentientRootkit


Posted 11 January 2012 - 01:27 PM

This is what I truly suspect that we all (my family) have, Mebromi. Scary stuff....

http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706_page1.html

Sentient

Edit: Why do I say this? Because my PS3, PSP, phone and more have all come down with bad firmware that seems impossible to format off. No manner of reset or reformat seems to make it go away.

Edited by SentientRootkit, 11 January 2012 - 01:30 PM.


#5 hamluis


Posted 11 January 2012 - 03:49 PM

Understood.

I suggest that you follow the prescribed procedures at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html and then submit the requested logs in the proper manner at the forum referenced in the Prep Guide. The folks there will guide you in what approach should then be taken.

Louis



