New Rootkit Patches MOUSE.DRV

I ran across 2 rootkits this week that hid inside of Mouse.drv (in Windows\System32). Both PCs had CPUs pegged to 100% from 2 processes running at 50% each. The processes were svchost.exe and services.exe.

I tried to run GMER and Combofix in Safe Mode, but neither would finish their scans. Eventually I had to use my UBCD, and Avira found 1 infection: mouse.drv. I deleted mouse.drv and copied another from the Windows XP disc.

I have no idea what this rootkit did (except to piss me off). I suppose I’ll try to find another and upload it to virustotal.com.

