When I wrote about Cleaning Your PC With ComboFix a short time ago, I had not run into a problem that ComboFix did not fix.
Well, that changed over the weekend. I had a REALLY infected PC to clean; it had rootkits and all.
The first problem was that it would not boot into Windows Safe Mode so I could run ComboFix. The malware had attached itself to iastor.sys, the Intel hard disk subsystem file.
So I had to do a Windows Repair Install, then run ComboFix.
ComboFix reported that the file “ACCWTROL.DLL” was trying to attach itself to ComboFix, that it would be disabled, and that I should write down the name of that file in case we needed it later.
I was never informed by ComboFix that we needed it, but some things still were NOT working right.
After searching around a little, I finally renamed ACCWTROL.DLL in C:\Windows\System32 and gave it an extension of “.suspect” to disable it.
Voila, PC fixed.
So, yes, ComboFix tipped me off, but no, it did not clean the PC completely by itself. But, hey, whaddaya want for free?