Posted 27 October 2011 - 12:16 PM
I am working on a clients computer and he has(had) a FakeHDD variant on here. I thought I was able to successfully remove it but it either was a more serious infection than I thought or got back on the computer.
The main part of the infection seems to be removed but there is one file that just will not go away that makes me think there is a rootkit on the system.
MalwareBytes picks this up as a Trojan.Agent but nothing will delete it. Well, I can delete it, but it comes right back. I have tried booting into safe mode and running MalwareBytes, again it picks up the Trojan.Agent, but no other files are detected. I tried pulling the drive out and running Antivir and MalwareBytes from another computer and it does not pick anything up.
Please give me instructions on what information to provide so we can find out what this guy is and how to remove it.