rootkits
rootkit.tdsserv/fake - A Very Annoying RootKit
I had a really nasty experience last night with a rootkit only because I forgot my bootable antimalware disc. Root.TDSSERV/FAKE (as identified by SuperAntiSpyware) performs 100% search engine query redirection to go.google which then serves up malvertised websites (like info.com).
Once I used my bootable SAS (I had to run home and get my disc) [...]
A Weekend Of RootKits: Figaro.sys Rootkit
I took a few appointments this weekend and witnessed the same infection over and over again… Figaro.sys. The Figaro.sys rootkit is dropped in c:\windows\system32\drivers (on Vista) and on XP I’ve seen it in the DLLCACHE folder.
I don’t know exactly what it does but I can give you the symptoms:
Random reboots
Virtumonde drops
Very slow logins
I removed Figaro.sys [...]
Worst Worm…
Ugggg… I just got my first USB stick worm and let me tell you… it SUCKED!!! This worm created or infected autorun.exe on my USB flash drive. Once you insert the USB stick into a PC it drops the files below into the following folders:
C:\windows\system32\ftp32.dll
C:\windows\system32\drivers\spools.exe (boy is that little .exe annoying)
C:\Documents and Settings\user\ctfmon.exe
Once these [...]
MBR Rootkit Removal
The new MBR rootkit can be very hard to detect and removal is a manual process. MBR removal instructions are below:
1. Locate your Windows XP or Vista bootable operating system CD/DVD.
2. Boot to the CD/DVD.
3. Choose to load the Recovery Console (for XP) or the repair tools for Vista.
4. [...]
Rootkits - Free Detection and Removal How to
What a rootkit is and how to remove one.
Rootkits are becoming more and more common these days. For all of you who don’t know what they are, I’ll try to explain them in simple terms.
What is a rootkit?
A rootkit is a malicious program that is completely hidden from traditional anti-virus and anti-spyware [...]
