Re: Removal and forensics of advanced rootkit employing Shadow Walker technology - help needed!!!

"Polanski24" <infodate@xxxxxxxx> wrote in message
news:1152955474.459968.263370@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello!

Last week one of my home systems was seriously compromised with the then
brand new and undetected Trojan-Downloader.Win32.Small.dey. I got
bitter credit from KasperskyLabs for discovering the malware, but they did
not manage to provide any solution for removing all the payloads installed
by it. Due to fortunate errors made by the rootkit programmer, which allow
its presence to be spotted easily through abnormal system behaviour
symptoms, I could easily spot the presence of malware on the compromised system.

Question: I'm curious, what was the name of the file you submitted to
Kaspersky?

You're certain there's no chance the SVV could be incorrect? It doesn't
look like there are any guarantees made with that tool. You don't have a
similarly configured system you could run SVV against and compare the
results, do you?
