1.

Solve : New trojan in mass DNS hijack?

Answer»
Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened MACHINES that are fully patched or run non-Windows operating systems.

LinkI dealt with this exact rootkit a few days ago. It's a nasty bugger!! I'm HIGHLY suspicious it is a new variation of the TDSSSERV rootkit which is wrecking MANY a PC.

Here is a shortened version of what to do. Note I had to use The Avenger to finally delete the driver.

c:\windows\system32\drivers\ndisprot.sys <- Delete bad driver

Then use the IPCONFIG /flushdns command and possibly even reset your router.

Now use malwarebytes and then your antivirus to remove the REMAINING infections.


Discussion

No Comment Found

Related InterviewSolutions