
Viruses/spyware on the uptick!

I’ve had three calls on infestations in the last two days from non-managed customers.  From what I could tell, they all acquired the malware from “normal” websites that took advantage of systems that were not fully patched.

Yesterday afternoon's machine had several trojans and the TDSS rootkit.  The following was my process for removal:

1. Ran scan with MalwareBytes (my current go-to software for this sort of thing).  It identified and removed lots of stuff, but of course it wasn’t able to remove the rootkit.  Fortunately, it WAS able to identify the files containing the rootkit even though they were hidden.

2. Manually cleaned up the registry run entries and the HOSTS file.

3. Booted to Bart’s CD to remove the rootkit files.

4. Updated AVG and ran scan that identified a few holdover files.

5. Ran a final MalwareBytes scan to make sure I got everything.

6. Installed XP-SP3 and all the rest of the updates to bring the system current.

Whew!  Total 4 hours of scanning/rebooting.  $$$ in my pocket, but rather boring.  I need to remember to bring a good book to these jobs.

Categories: Troubleshooting