I noticed Avast uploading files to a suspicious URL and then it hit me: I got a nasty rootkit! Of course nothing could detect the frakker except for ComboFix. All these resident AV and firewall apps are no good against some of those rootkits. What info could it possibly have stolen? I don't do financial transactions on my PC and prefer the old fashioned way. My emails aren't that important either.
c:\windows\system32\drivers\ovfsthymnfwabwruwgbobrrnsdknkcpwkwpxbj.sys
c:\windows\system32\ovfsthaisotuibndroqhjqbdqompcpsbxjlgjj.dat
c:\windows\system32\ovfsthcpdcrhroagncpbvobuvrmnhbittadydj.dll
c:\windows\system32\ovfsthepyedijkdaicckfnoyxevvhblqgjlpss.dll
c:\windows\system32\ovfsthlkllxfvemtsorgvxbcxmyowuicdiioag.dll
c:\windows\system32\ovfsthudbmfweufjqoaxenawiiixlvniqsdlkx.dat
Of course the filenames are randomly generated strings but has anyone been affected by this rootkit before? Catchme's log doesn't define the actual rootkit.
