Old 23rd Feb 06, 04:03 AM
lickablepig
Thank you all for the suggestions, I really appreciate it. Yes, Spy Sweeper is in my arsenal user needs, btw the HijackThis log is clean; I've gotten everything except the one rootkit, which of course doesn't show cuz it's cloaked imo.

The guy Mark Russinovich over @sysinternals has some good reading & I've used / am using RootKit Revealer2 to identify it. The damn thing started changing names; it threw me for a loop, plus I had been up for a while and wasn't thinking str8. He (Mark) also had some betas floating around I think, then these scumbag authors started using his command line version in such a way that now he's sending only to security professionals blah, blah, blah when. JacKDynne, thanks for the link; RKDetector didn't work for me for one reason or another. Just kept reappearing.
Quote:
Have you tried both ms malware removal tool and the new defender antispyware? Both are good at removing root kits.
Yes, was no help at all, one of the first group of stuff I tried, cableguy.

BUT when you mentioned F-Secure it struck a chord or rang a bell, ya might say. About 4 or 6 months ago remember reading bout an early beta called blklite.exe.

So I searched their webpage & read that the stand-alone version of BlackLight's expiration had been extended until 1st of May 2006. Just what the doctor ordered hehe.

Didn't want to use the F-Secure suite (which has rootkit technology) cause imho it embeds itself too much into ur system & just wanted to avoid if I could. (It alone hosed one of my boxes when I tried it when it first came out a while back.)

Thanks again cableguy for ringin da bell. That's the puppy that worked for me. Had the Rootkit Defender Trojan flavor btw, but BlackLight eradicated it by renaming it in such a way that it didn't return after shutting off the computer.

UnHackMe also tried to rename & stop the process but it returned after shutting down.

With a hard reboot & then going into safe mode, then returning to regular mode and running BlackLight multiple times, was how it finally stayed gone.

I would've tried voodoo, walking around my chair 3 times then reboot into safe mode while walking & chewing gum at once if I thought it would rid the rootkit from the system. Also that box (did I mention it was a Sony Vaio) haha, bad Sony, bad First 4 Internet!
Attached Files
File Type: rar blbeta.rar (217.5 KB, 0 views)
__________________
jizac_aka_lickablepig
(Y) (jizac)
(':') |/
("(")_)0

