Posted 13 March 2011 - 08:10 PM
By downloading an executable that looked like a freeware program from the internet, my trouble started. It wanted to open the command prompt repeatedly and didn't let me do anything other than clicking on no buttons. All of a sudden a kind of fake security application was installed. When I tried to clean it by running drweb cureit, a rootkit was detected, and just when drweb cureit tried to delete it, the machine stopped working. It doesn't even restart in safe mode but stops all the time with a bluescreen during the boot process. I spent my Sunday trying to fix it but no success so far. I was replacing the master boot record with ultimatebootcd4win, but it didn't help. I was running drweb livecd, which took more than 20 hours when it stopped with a segmentation fault. It discovered a few things but not the rootkit anymore. Hitman Pro gave a hint to Alureon/TDSS but didn't solve the problem. I also tried the other av software coming with ultimatebootcd for windows. I was discovering the article on bleepingcomputer.com about combofix and wanted to give it a try - ok, it's risky, but what can I lose - I mean otherwise if I don't get my machine clean I have to spend a day reinstalling the system, all software and so on.
So in the article and on the download site it was saying it's running with Windows 7 64bit. However, when I tried to run it from ultimatebootcd 4 win it says only 32bit, and that only Windows XP and 2000 are supported (the basis for ubcd4win is Win XP 32bit, but the system affected was a Windows 7 64bit). So how do I get combofix to work? Or what else could I do?
Thanks for ideas, help, guidance, advice.
And have a good (better) start into the new week.