fatdcuk Posted February 1, 2007 Rustock A,B variant's Please download the following software>>> http://www.rku.xell.ru/?l=e&a=dl **Do not take any action unless instructed too,this is a very powerful rootkit forensic tool and on one hand has got some neat capabilities but also if misused can do crazy stuff. Please generate me a report by using far right tab and making sure all box's are ticked before running scan/report. Copy & pste the log file generated to a reply post Ps don't panic about the amount/type of data generated as this tool will identify legitimate objects/process's as well as the suspect one's.Its just looking in all the right places Share this post Link to post Share on other sites
Guest Posted February 1, 2007 this tool is easy and safe to use http://www.uploads.ejvindh.net/rustbfix.exe Share this post Link to post Share on other sites
fatdcuk Posted February 1, 2007 this tool is easy and safe to usehttp://www.uploads.ejvindh.net/rustbfix.exe That is the canned fix for Rustock A& B but that would not allow the OP to retrieve the driver from ADS so i can get it forwarded to Nick@SAS HQ for research & software update where as my tool/solution dose Now the question is do we want a copy of this trojan variant that is bypassing SAS ??? Share this post Link to post Share on other sites