Posted 14 February 2009 - 01:43 PM
Forgive me if this isn't posted in the right place, I'm a newbie on this forum.
One of my machines has a rootkit issue. I have alot of experience ridding viruses and malware, and am familiar with the use of Hijack This, and Combofix.
Once I realized something had hit the machine, I went to run Combofix, but it wouldn't run. I saw the post about re-naming it, and got past that. Now when I run it, it tells me that rootkit acticity has been detected, and it needs to reboot, which of course, it won't.
I downloaded Blacklight, and it finds a Master Boot record Hidden Item. Since the only thing I can do is Rename it, I was looking for some assurances.
I'm assuming that once it is renamed, a re-boot is called for. If I rename it, what happens then? Where does it get the new boot record?
Can't find any documentation on what to expect next, so I figured I'd ask before I destroyed the boot record.