I recently worked on a notebook computer that had been infected with a version of Ransomware (AKA FBI Virus) I have removed this virus on many a computer in the past however, when I completed the same removal process (A combination of PXE Malware Removal
tools [Kaspersky, Norton, Webroot, TDSS Killer, PowerEraser, etc...] and manual removal [Locating randomly named .exe files) the computer seemed clean. I restarted it, ran updates, ran the original Anti Virus (Malwarebytes / Security Essentials.) programs
reported 0 infected files. I put this in the hands of another technician who then brought in back to the client, connected it back to their network only to have it play random music and launch random programs on the computer.
In summation Are computers that have been added to a domain affected by malicious software in different, specific areas? If so, what areas? I only noticed that the malware entry added itself into the users "Roaming" folder. Aside from that, the malware
seemed to infect identical to that of a non-domain connected machine.
Are there tips from techs who have done many successful removals on domain machines that may be able to supply me with a guide?
**** I have read other post, I would like to know if "Emsisoft Emergency Kit" and "HitmanPro" are legit.
Thanks for your help
View this thread
tools [Kaspersky, Norton, Webroot, TDSS Killer, PowerEraser, etc...] and manual removal [Locating randomly named .exe files) the computer seemed clean. I restarted it, ran updates, ran the original Anti Virus (Malwarebytes / Security Essentials.) programs
reported 0 infected files. I put this in the hands of another technician who then brought in back to the client, connected it back to their network only to have it play random music and launch random programs on the computer.
In summation Are computers that have been added to a domain affected by malicious software in different, specific areas? If so, what areas? I only noticed that the malware entry added itself into the users "Roaming" folder. Aside from that, the malware
seemed to infect identical to that of a non-domain connected machine.
Are there tips from techs who have done many successful removals on domain machines that may be able to supply me with a guide?
**** I have read other post, I would like to know if "Emsisoft Emergency Kit" and "HitmanPro" are legit.
Thanks for your help
View this thread
