Malware Removal Concoction

If your computer is acting different, and yes, you know what we mean: it’s doing weird things, it’s slow, you can’t open applications, it freezes up. Something’s wrong with it and you need to get it fixed.

Came across a client with 21 nasty ass Trojans, 3 Rootkits, IE 8 wouldn’t open, couldn’t download Chrome, rebooting it constantly and who knows what else before they called me. You know it’s been going on for more than that day.

I really don’t know if I got all of it, because you techs know that C:\Format is what we would do on our own system if we let it get that infected.

Your Bonus Tip today is to check the Scheduled Tasks. This system had 40-50 bogus tasks scheduled to help crap out their system.
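One way to triage a long task list like that, as an added example that is not from the original post: export the tasks with `schtasks /query /fo CSV /v` and flag the ones worth a manual look. The heuristics, the `triage` function and the sample rows are assumptions made for this example, and the column names are the English-locale ones.

```python
import csv
import io
import re

# Heuristics below are this example's assumptions, not criteria from the post.
USER_WRITABLE = re.compile(
    r"\\(appdata|temp|tmp|programdata|users\\public)\\"
    r"|%(temp|tmp|appdata|localappdata)%", re.IGNORECASE)
SCRIPT_HOST = re.compile(
    r"\b(wscript|cscript|mshta|powershell|cmd)(\.exe)?\b", re.IGNORECASE)

# Constructed sample of `schtasks /query /fo CSV /v` output, trimmed to the
# columns used here. Real output has many more columns.
SAMPLE = r'''"HostName","TaskName","Author","Task To Run","Run As User"
"PC1","\Microsoft\Windows\Defrag\ScheduledDefrag","Microsoft Corporation","%windir%\system32\defrag.exe -c","SYSTEM"
"HostName","TaskName","Author","Task To Run","Run As User"
"PC1","\Updater7731","N/A","C:\Users\client\AppData\Local\Temp\upd.exe","client"
"PC1","\GoogleUpdateTaskMachineCore","Google","C:\Program Files\Google\Update\GoogleUpdate.exe /c","SYSTEM"
"PC1","\Adobe Flash Helper","N/A","wscript.exe C:\ProgramData\fh.vbs","SYSTEM"
'''


def triage(csv_text):
    """Return [(task_name, [reasons])] for tasks that deserve a manual look."""
    findings, seen = [], set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row.get("TaskName") or ""
        # schtasks repeats the header per task folder and a task per trigger.
        if name in ("", "TaskName") or name in seen:
            continue
        seen.add(name)
        action = row.get("Task To Run") or ""
        author = (row.get("Author") or "").strip()
        reasons = []
        if USER_WRITABLE.search(action):
            reasons.append("runs from a user-writable path")
        if SCRIPT_HOST.search(action):
            reasons.append("launches a script host")
        if author in ("", "N/A") and not name.startswith("\\Microsoft\\"):
            reasons.append("no author recorded")
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE):
        print(f"{name}: {', '.join(reasons)}")
```

A flagged task is a lead to check by hand, not a verdict; legitimate software also installs tasks that match these patterns.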

Here are the tools I used to get it cleaned up:

TDSSKiller (which “Cured” one of the Rootkits)

Malwarebytes Anti-Malware (Scrubbed out most of the Trojans and 2 Rootkits)

Microsoft Security Essentials (Eradicated another Trojan)

Kaspersky Virus Removal Tool (Bonus Tool!)

Did a follow-up call with the client, never heard back. Which, in the tech world, is a real good thing.

2 Responses to “Malware Removal Concoction”

  1. teknophilia Says:

    You might also try running a Linux distro from a live CD or USB drive. That way, Linux won’t be infected, and you can work off of that platform to scan the drive. If it’s really bad, use Linux to back up the user files (and scan them of course). Then reformat, install Windows, and restore the files.
    I’m also in awe of your patience, I’d probably pull out all of my hair with a computer that bad.

    • Annie B. Says:

      I would have pulled that system out of production, formatted and re-installed Windows. However, the user sat there and waited for it. Yes, even after I explained that it was super infected and that “Best Practice” would be to do so. Ah users, if only they listened to good tech advice.
