I've got a Sophos-protected PC infected with the TDL rootkit. I guess TDL 3.23 came out a couple days ago. It's probably what I have, since Sophos, GMER, and Malwarebytes can't detect it. Do you have anything out yet that will find TDL 3.23, or know where I should go? Hitman 3.5? Combofix? I'm getting lots of search engine click redirects; my hosts file is OK. I've seen this before and was able to get rid of it with GMER. Not this new one, though. It really is a piece of work.
http://virusvn.com/download/video-tutorial/tdl3_analysis_paper.pdf
- Joe