Root Kit
I was being infested by adwares so i decided to run the old-trusty Spybot to clean it up.
Spybot and adware clashed in a mortal kombat!
The counter started from 0.. 50.. 1000.. 3000.. until it ends somewhere at 30,000+ checks. Damn, why does it always takes so long to scan for adwares?
A slight freeze as Spybot finishes then it reports that New Dot Net and Cydoor trojans were found on my fuc*** pc, well it's my fault because I used a P2P application to download Manny's epic fight last time (you can't really blame me and it was worth it!). So I opted to remove them but New Dot Net persisted, I tried to schedule it for removal on boot then restarted my PC. I re-scanned but its still there; the fuc*** trojan is still there! Time for some drastic measures.
The only time you can't clean up a trojan is when it's rooted (it means it installed a "rookit" to stealth it totally), so i fired-up my "not-so-recommended for noob" Autorun and Rootkit Revealer from Sysinternals.com. I found that it has installed to .sys file called cert32 and cert64 including some other files that high-jacked some legit image entries in the registry, so all i needed to do was delete the entries then reboot.
* deleting..
I have just deleted the entries and the files, im going to reboot now. If you don't hear from me it means i fuc*** up my OS and I have to spend an entire day fixing it. Oh well, ill just boot Linux for a while until its fixed, too bad that some of my tools runs on MS Windows only, if not i would totaly junk MS.
Pray for me, im going to say hi first to some people online since it's going to be a long silent day for me if this doesn't work :((
0 comments:
Post a Comment