You boot to the recovery partition and now see a login screen. The username is not provided. This may seem weird when you’ve never seen a login partition screen.

About that Weird Login Partition

When you use any combination of user names or passwords you see the error message The domain specified is unavailable.

This message may be alarming if you are on a laptop that is not joined with a domain. Laptops exhibiting these symptoms are most likely rootkitted and must be formatted using alternative CDs or DVDs.

Of course you can try to clean the infection up but why waste the time? You can’t be sure scanners will remove it anyway. Besides your security policies most likely not allowing you to attempt to fix it, starting over just saves time.

If you do not have recovery discs, reinstall Windows using a Windows disc and install the laptop drivers found on the manufacturer’s support site.

Wiping the Hard Drive

I like to wipe the hard drive before I install Windows when I suspect a rootkit. One of my favorite tools is Darik’s Boot and Nuke, or DBAN for short. It works really well and has a small footprint.

I also like to have this on a recovery USB stick just in case. Even if reformats or rebuilds aren’t that often, decommissioning or re-imaging happens quite often. In that case I always wipe the drive first to be safe.

Pin It on Pinterest