Results 1 to 10 of 128

Thread: [ROOTKIT INFECTION] PUP.BitMiner: kwrd.dll

Hybrid View

  1. 12-28-2011, 12:33 AM #1
    jholland1964's Avatar
    jholland1964
    jholland1964 is offline Administrator
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Here is your Trojan/Rootkit by the way, 2011-12-17 16:20:11 -------- d-----we C:\Windows\system64
    Installed on December 17, 2011 at 5:20 PM

    And DO NOT TRY to manually remove it because it cannot be done. That isn't even the real location of it.
    Hopefully combofix will get it, I have seen it remove it before when other tools do not.
    Reply With Quote Reply With Quote
  2. 12-28-2011, 12:48 AM #2
    KamikazeKarrot
    KamikazeKarrot is offline Member
    Join Date
    Mar 2007
    Posts
    95
    Quote Originally Posted by jholland1964 View Post
    And DO NOT TRY to manually remove it because it cannot be done. That isn't even the real location of it.
    Hopefully combofix will get it, I have seen it remove it before when other tools do not.
    No worries there. I've come to the understanding that if there are special programs dedicated to deleting them, it's not going to be as easy as that to remove them.

    I ran ComboFix, and it restarted the computer. It removed two files (consrv.dll and some .exe with "java" in the name) as well as the System64 file. Right now the computer is running a scan. It says the C: disk needs to be checked for consistency.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules