All about Mobile, Web, Technology, Politics, Security, E-Commerce and Living in the Philippines.

Tuesday, February 21, 2006

Root Kit

I was being infested by adwares so i decided to run the old-trusty Spybot to clean it up.

Spybot and adware clashed in a mortal kombat!

The counter started from 0.. 50.. 1000.. 3000.. until it ends somewhere at 30,000+ checks. Damn, why does it always takes so long to scan for adwares?

A slight freeze as Spybot finishes then it reports that New Dot Net and Cydoor trojans were found on my fuc*** pc, well it's my fault because I used a P2P application to download Manny's epic fight last time (you can't really blame me and it was worth it!). So I opted to remove them but New Dot Net persisted, I tried to schedule it for removal on boot then restarted my PC. I re-scanned but its still there; the fuc*** trojan is still there! Time for some drastic measures.

The only time you can't clean up a trojan is when it's rooted (it means it installed a "rookit" to stealth it totally), so i fired-up my "not-so-recommended for noob" Autorun and Rootkit Revealer from I found that it has installed to .sys file called cert32 and cert64 including some other files that high-jacked some legit image entries in the registry, so all i needed to do was delete the entries then reboot.

* deleting..

I have just deleted the entries and the files, im going to reboot now. If you don't hear from me it means i fuc*** up my OS and I have to spend an entire day fixing it. Oh well, ill just boot Linux for a while until its fixed, too bad that some of my tools runs on MS Windows only, if not i would totaly junk MS.

Pray for me, im going to say hi first to some people online since it's going to be a long silent day for me if this doesn't work :((


Related Links