Wednesday, October 29, 2008

A nasty bit of work

A client claimed an infection of AntiVirus2009, so I took the PC back to the lair to remove the malware. Turns out it was worse than that. They had TDSSserv.sys, a very nasty little rootkit that prohibits booting into safe mode and contacting a selection of legitimate security sites.

What to do? Have all your tools on portable media - no Internet necessary. I loaded gmer and SDfix on the machine and they cut out the tumors. All better now. Of course, to get to that point took four hours of trying other remedies first. I do this so you don't have to.

I also have a laptop from another client. This little beast apparently won't hook up with wireless networks outside the home. When we booted it at their house, the keyboard and touch pad buttons were unresponsive. I think that wireless may be the least of the machine's problems.
