i really hate microsoft sometimes
sometime last night, my desktop got rooted. I'm guessing when i was browsing the DragonAge wiki (which means it could of been on a page or from an ad). I'm pretty sure it was from there because I noticed that the java console had popped up, then the "fun" started. Lets see, spybot is saying virtumonde.prx and PWS.LDPinchIE and a bunch of things disabled (like system restore which I can't get to re-enable). booting from cd into recovery console, I noticed a service called 4dw4r3 which is a rootkit. I disabled that but not sure how disabled it or other things are (I also tracked down two files which are running from a temp directory which also keyed me in that files are now hidden from view and the virus will probably thwart my attempts to unhide them by registry hacking since the normal way to unhide is not available). After giving spybot another go at removing this (last time was before i disabled the rootkit), I'm going to uninstall java since i don't really need it and i suspect the virus uses it.
but basically, WTH Microsoft. only you would design a OS where not only can recovery programs be turned off without even a prompt, but they can also be turned off without a prompt in a way where an admin account can't reactivate directly (and the indirect registry hack keeps getting undone by the virus).
all I know is once i get this taken care of, its time to install noscript as well as permanently cripple IE (I wonder if I can force windows firewall to deny IE a path out).
but basically, WTH Microsoft. only you would design a OS where not only can recovery programs be turned off without even a prompt, but they can also be turned off without a prompt in a way where an admin account can't reactivate directly (and the indirect registry hack keeps getting undone by the virus).
all I know is once i get this taken care of, its time to install noscript as well as permanently cripple IE (I wonder if I can force windows firewall to deny IE a path out).