Quote: Originally Posted by barry80
I also had this threat before & successfully used the same tool, Combofix, provided by sifu sUBs. The final solution is to reinstall the TCP/IP protocol once Combofix had deleted the infected DLL files. So far, I haven't encountered any problems.
Hi Barry and Welcome!

I agree that most of the visible components of this malware can be removed via Combofix when it is run in Safe Mode as per earlier instructions.
-- Of course, whenever you are dealing with a rootkit, there is always a question of whether you removed everything...

-- I also wonder whether Combofix removed the registry keys associated with the infection. The fix I put together addresses this as well as the connectivity issue all in one fell swoop (I have not been able to test it yet, though). I wonder if remnants remain in your registry?

-- Also, greenfish has a few other malware issues I neglected because I made the mistake of assuming they were Chinese language plug-ins. The lesson for me is to never assume!!!


Merry Christmas & Happy New Year!
pp