Wow...crazy heavy malware calls today!

I had this exact same thing after removing the initial Security Fortress infection. Multiple rootkit infections left in place. Like you, I tried a lot of rootkit scanners and malware removal tools. Luckily it was an XP machine and Combofix found and removed the rootkits. I then had to repair the TCP/IP stack manually, and all was good!! I'm not sure what I would've done if it had been a Vista or 7 PC, as I think Combofix doesn't work on these OSes.

Combofix runs on Vista and 7

http://www.bleepingcomputer.com/combofix/how-to-use-combofix
 

Whoops!!..I stand corrected...Thanks for the info, Martyn... Not sure why I thought Combofix couldn't be used on Vista & 7. :o Do you know if there is a way to isolate the tool within Combofix that removed the rootkits? It would be good to know what it was and to possibly use it in isolation to get more control over the malware removal process. I tend to use Combofix as a last resort as it doesn't give much flexibility in the processes it applies to the infected machine.
 
Ended up being an MBR that kept reloading a rootkit.
TDSS was always blocked...once the MBR got removed (used Easeus partition manager to reload the MBR)...TDSS was able to run and kill it. Finally cleaned.
 