Jump to content
Posted 05 February 2009 - 08:08 AM
Posted 05 February 2009 - 11:38 PM
Posted 09 February 2009 - 12:27 PM
Posted 09 February 2009 - 06:34 PM
You could post it in the HJT-Malware Removal forum for assistance. Read the preparation guide over here if you are going to start a topic.
yea, ive got a machine im working on that has this problem.... and im at a loss as to how to fix this one
Posted 09 February 2009 - 10:22 PM
Posted 09 February 2009 - 11:05 PM
Edited by DTech, 09 February 2009 - 11:07 PM.
Posted 10 February 2009 - 04:32 PM
Posted 10 February 2009 - 05:47 PM
Posted 10 February 2009 - 05:56 PM
Yes, that is correct, I have seen this infection around too a few times. Wdmaud.sys in the Windows\system32 directory is a bad file, that causes the frequent Google redirects, but it is not a rootkit.
The latest flavor of this attack attaches code to EXE files, infects every HTM(L) file, .SCR file, downloads and installs numerous rootkits including, for the first time I have seen, legitimate and necessary files such as NDIS.SYS and WDMAUD.SYS.
Links? Information on this?
It is not VIRUT; but, rather a newly morphed flavor that is partially detected by numerous anti-bad guy apps though none of them is complete nor can they effect a cure!
Posted 10 February 2009 - 07:10 PM
Posted 10 February 2009 - 10:41 PM
Edited by DesolataX, 10 February 2009 - 10:42 PM.
Posted 10 February 2009 - 11:54 PM
Edited by DTech, 10 February 2009 - 11:59 PM.
Posted 11 February 2009 - 07:15 AM
Posted 11 February 2009 - 11:28 AM
Posted 11 February 2009 - 12:52 PM
Breaking Virus & Security News
Only the latest news about Virus and Security issues.
Forum Led by: Global Moderator, Moderator, harrywaldron
0 members, 0 guests, 0 anonymous users