More and more recently I have been given computers with
mass Rootkit infections. Each unable to connect out to the net, performing painfully slowly and most advertising the infection and attempting to spread using the instant messenger network.
Although I always treat these infections on an individual basis and work my way down my predefined tool set, I am finding 1 particular tool is rapidly making its way up my list as the first tool try. ComboFix is a free spyware remover created by sUBs
“Combofix was designed to scan a computer for known malware, spyware (SurfSideKick, QooLogic, and Look2Me as well as any other combination of the mentioned spyware applications) and remove them.
ComboFix allows the manual removal of spyware infections . It ‘s a specialized effective cleaning tool, which is useful compared to other malware and spyware removers.
After Combofix finished,a report will be created. You can use this report to search and remove infections which are not automatically removed.”
ComboFix is really easy to use even my nana could start fixing these infected PC’s..
How to use combofix:
- Disable or Close all anti-spyware, anti-malware antivirus real-time protection, which may affect ComboFix.
- Download the latest version of ComboFix (2.8mb)save to you desktop
- Close all programs of you computer
- Double click ComboFix.exe on you desktop
- When Combofix finished, it will create logs for you.
Some infected PC’s I have had the pleasure of working on have prevented ComboFix from running, which is also quite easy to get around. Simply rename the ComboFix exe, I tend to use 123.exe. Then try running it again!
I am yet to come across a Rootkit infected PC requiring this and then other tools before it’s back running normally!
Obviously I would still recommend using an AntiVirus application such as McAfee and perform regular updates and scans!