Remove-Malware.com » rootkits

Removing Rootkit.Boot.SST.a leaves you with unbootable Windows 7

malwarekilla — Mon, 14 May 2012 20:56:29 +0000

Last night I had to deal with one very nasty rootkit. It’s called Rootkit.Boot.SST.a. Removing the rootkit is pretty easy (used the kaspersky rescue disk), however after it’s removed Windows 7 becomes unbootable and you’re left with a 0x0000007b. If you try to use a Windows 7 disc to repair the mbr using bootrec.exe [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Removing Rootkit.Boot.SST.a leaves you with unbootable Windows 7

Picture of Rootkit that Prevents Windows 7 from Loading

malwarekilla — Thu, 26 Apr 2012 15:09:52 +0000

Following up on my last post, here’s a picture of the rootkit that causes Windows 7 to lockup / freeze.

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Picture of Rootkit that Prevents Windows 7 from Loading

Rootkit Causes Windows Not To Boot – Freezes at Windows Load Screen

malwarekilla — Thu, 26 Apr 2012 14:20:32 +0000

Hi Guys, just an FYI here. I’ve had 3 rootkits this week that prevent Windows 7 from loading. Basically when you start the PC Windows starts to load and then freezes on Windows screen (black background, before the colored spinning balls). This is easy to resolve. Just download the latest Kaspersky Rescue Disk, burn the [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Rootkit Causes Windows Not To Boot – Freezes at Windows Load Screen

Rootkit Zero Access Removal Notes

malwarekilla — Tue, 27 Dec 2011 15:51:05 +0000

This post is split up in a few sections. It’s mostly my notes on dealing with rootkit zero access (a.k.a – rootkit.zeroacess, w32/Sirefef or Max++) Methods of Infection for Rootkit Zero Access (max++) Outdated Java (this seems to be the #1 way) .exe’s that have random porn type names. They are made to look like [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Rootkit Zero Access Removal Notes

TDL4 Rootkit Video – Being Used as a Proxy

malwarekilla — Tue, 12 Jul 2011 15:44:34 +0000

In this video you get to see how the TDL4 rootkit uses your PC as a proxy server. The tools used in this video are Comodo Cleaning Essentials and the Windows Task Manager.

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: TDL4 Rootkit Video – Being Used as a Proxy

Microsoft Security Essentials – Rootkit Followup Video

malwarekilla — Thu, 10 Dec 2009 18:07:16 +0000

In this followup video to the Microsoft Security Detection and Removal tests video I show you what rootkit was present on the PC, what apps couldn’t even detect it and what finally removed it. http://www.youtube.com/watch?v=aRfnBjTCG4I

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Microsoft Security Essentials – Rootkit Followup Video

Skynet Rootkit – When Malware with Movie Names Attack!

malwarekilla — Thu, 13 Aug 2009 14:39:56 +0000

No, the global A.I. network of man killing machines from the Terminator movie is not on your computer, it’s just a browser redirection rootkit. Figure 1 – The Skynet Rootkit I went over Tom’s house last night on the report that he couldn’t run a quick scan with SuperAntiSpyware (his box blue screened with a [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Skynet Rootkit – When Malware with Movie Names Attack!

Free Rootkit Removal Programs

malwarekilla — Tue, 07 Jul 2009 14:27:06 +0000

This is a quick post on free rootkit removal. I get 5-10 emails a day on how to remove rootkits, so I’m hoping this will answer a few of those. Rootkits can be removed for free with: 1. A Bootable AntiVirus Disc (like the Avira free rescue cd). Rootkits reside in the system32 folder, so [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Free Rootkit Removal Programs

New Generation of Rogue Antivirus Prevent Browsing

malwarekilla — Fri, 13 Feb 2009 21:00:00 +0000

As you can see by the screen shot below, a rogue antivirus program called Spyware Protect 2009 has blocked my attempt to browse the internet either by direct URL navigation or via search engine queries. Spyware Protect 2009 is just one example, I’ve seen over a dozen rogues that come bundled with TDSSERV rootkits (the [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: New Generation of Rogue Antivirus Prevent Browsing

Malware Customer Call – Notes from a real appointment

malwarekilla — Wed, 19 Nov 2008 17:58:24 +0000

Ms Hager: “Hi Matt, my computer is giving me a little fit…I don’t know what my husband has been doing” Matt: “What’cha got going on?” Ms Hager: “Well, when I turn the computer on I either get a blank desktop or a big alert saying my antivirus is not registered” I’m thinking it’s malware or [...]

Thanks for reading the feed for Remove-Malware.com !!! This post was originally published here: Malware Customer Call – Notes from a real appointment