Updated and ran MWB, "3 trojans" detected, proceeded, now BSOD in Normal and Safe mode

Backstory is I had a TDL4 bootkit that Maniac/Borislav walked me through removing last weekend. Our work seemed to get the computer all cleaned up, but it shook me up a bit because it was so nasty, and I still have no idea how I got it. I have extensive bookmarks and tabs in Firefox that I save and tag, so there's the (very, very, very remote) chance a saved tab might have an infected page. As soon as we fixed it up, I installed the free version of Avira. I update it daily, and have MWB updated as well. I have a new router I haven't hooked up yet, too, but the current one has a firewall.

I noticed weird behavior today, in one case AcroRd32 was taking up 700 MB of RAM, so I ended it. It does have a bug where in Firefox, if you have a PDF open but then shut down Firefox, the Acrobat process continues to run anyway. Never seen Acrobat take that much RAM, though. I do work that includes quite a few research paper PDFs, and I've often wondered if it was possible to exploit one. It seemed very suspicious. On with the story.

A little while later, Avira said it had detected and "guarded" a few things. I ran MWB, and it detected "3 trojans," I think all named the same, and I think one was in an IE5 temporary folder. I had it remedy the situation, and it told me to reboot. I did reboot, and the PC blue screened. I tried safe mode, and it blue screened. Tried XP repair from CD, which it did, and the PC went to the start of the safe mode screen, but then said "XP setup cannot start under safe mode."

I don't know whether Malwarebytes deleted more than it should have to allow my system to boot, whether it's some part of the previous infection coming back, or a new one, or what. I just know I can't even get into safe mode. I'm guessing that means I need some sort of boot CD.

Any advice on where to go from here?

Consider this case closed. I don't think I reinfected my PC after the last cleaning session on this forum--I found bits and pieces of the previous TDL4's Whitesmoke garbage on the PC during my cleanings this time. Borislav and I hadn't killed it dead all the way, somehow. Thanks to Ultimate Boot CD 4 Windows I could do cleaning when I wasn't able to boot XP from Normal or Safe modes.

Malwarebytes Expert staff and others may want to be extra thorough with these TDL4 bootkits, it's ridiculous how much crap it injected throughout my PC. Not sure I have it 100% clean, but I've learned so much the past couple days trying to get my PC running that I should be able to handle anything new on my own.

UBCD4Win is pretty sweet stuff.

Good luck to everyone, and Season's Greetings.

Glad we could help. :rolleyes:

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.