A client called me because one of the office computers “was not working.”
Well, the problem was much more severe than described. It suffered from multiple malware infections. As usual, I used a number of applications to detect and remove the malware. I also noted that this computer was unable to download any Windows Updates.
- Microsoft’s Malicious Software Removal Tool
- Microsoft’s Safety Scanner
- Malwarebytes Anti-Malware
- ComboFix
- Spybot – Search & Destroy
- Hitman Pro
So, the system is infected with the TDSS rootkit.
The next step is to download Kaspersky's anti-rootkit utility, TDSSKiller.
I made sure to “Change parameters” and select the option to detect the TDSS file system.
After a reboot, Windows is able to download and install updates.