
This topic is now archived and is closed to further replies.

fatdcuk

Trojan.Rustock/LZX32 Not clearing from drive.


Rustock A, B variants

Please download the following software>>>

http://www.rku.xell.ru/?l=e&a=dl

**Do not take any action unless instructed to. This is a very powerful rootkit forensic tool and on one hand has got some neat capabilities, but also if misused can do crazy stuff.

Please generate me a report by using the far right tab and making sure all boxes are ticked before running the scan/report.

Copy & paste the log file generated to a reply post :)

PS: don't panic about the amount/type of data generated, as this tool will identify legitimate objects/processes as well as the suspect ones. It's just looking in all the right places :)

this tool is easy and safe to use

http://www.uploads.ejvindh.net/rustbfix.exe

That is the canned fix for Rustock A & B, but that would not allow the OP to retrieve the driver from ADS so I can get it forwarded to Nick@SAS HQ for research & software update, whereas my tool/solution does :wink:

Now the question is do we want a copy of this trojan variant that is bypassing SAS ???
