Sign in with
Sign up | Sign in
Your question
Closed

FYI when cleaning rootkit.zeroaccess

Last response: in Windows XP
Share
June 10, 2011 9:51:24 PM

found this while trying to clean a computer:

ComboFix 11-06-10.08 - owner 06/10/2011 16:08:28.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.955.349 [GMT -5:00]
Running from: c:\users\owner\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\c_21993.nls
c:\windows\system32\config\ogejidap
.
Infected copy of c:\windows\system32\drivers\rassstp.sys was found and disinfected
Restored copy from - The cat found it :) 

(combo fix has a cougar as an icon)

I hate virus writers...
a b 8 Security
June 10, 2011 11:58:49 PM

Thanks for the info!
Score
0
a b 8 Security
October 10, 2011 2:09:09 PM

This topic has been closed by Area51reopened
Score
0
!