I’ve just finished eradicating the Trojan.TDSS rootkit from a clients XP machine - what a pain.
Originally the machine was running McAfee but was running incredibly slowly. Replacing it with AVG Free made things a bit quicker but other things then started going wrong.
The browsers were not redirecting properly and some Blue Screen of Death’s were ocurring. The final straw was a failure to boot up properly - some hours wasted trying out different msconfig settings before finding the ‘root’ cause.
Upon runing Malwarebytes mbam the trojan was detected but it took a few renaming of binaries to get it to run and update.
The final fix was
1. Safe mode - run mbam (renamed)
2. Run combofix
3. Run SDFix
4. Reboot again and re-run mbam.
5. Update AVG and run full check
6. Install Superantispyware and run
7. Run Spybot search and destroy and install tea-timer.
Hopefully that will stop it happening again - one very happy client, although I did recommend they get all their online banking, paypal and email passwords changed…
Leave a Reply
ABOUT
UNIX, PC and Mac Engineer - Based in Trowbridge, Wiltshire, UK
RECENT POSTS
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | ||||