Posted 02 October 2009 - 11:10 AM
Brought to me this morning is an XP system which has a brand new, undetectable variant of either Virux or Virut.
I have restored the registry to 9/10/2009 (thank you ERUNT!), deleted several trojan (.SYS) files using a DOS boot CD, and scoured the system, even running AVG's Virut removal tool (V1.22+), and nothing is detected (period). But even in Safe Mode, running Sysinternals Autoruns, it starts to load, disappears, and the Autoruns.exe file is then corrupted. Even better, it has been set so I can't copy it to send out for analysis!
The owner of the system was initially attacked on 9/30/2009.
Computer dinosaur, servicing PCs since 1976