 |
|
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||
 |
  |
|||||||||||||||||||||||||||||||||||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||
 |
||||||||||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
My Almost-daily Journal |
|
| About I love trying out new things, especially when it comes to internet technology. I never really kept a journal, but it's something that I've always wanted to do. Now, everybody will get a chance to look inside my twisted, and somewhat-warped mind.
I've also subscribed to Audio Blog, so a few times a week, I'll leave actual voice blogs. Very cool!XML Newsfeed Previous Posts
 |
Saturday, September 27, 2003
The Doctor is In!! I'm a special forces surgical strike team when it comes to removing viruses. Get a load of what I went through on Josh's computer tonight... Earlier tonight, I spent hours updating his f'ing operating system. It took me hours because I literally had to load each update in pieces because the viruses on his system were overwhelming his internet connection where it was timing out in the middle of the download. What a nightmare. Still, his ctrl-alt-delete and regedit would fire up for one second, then automatically close. Arrrrrrrrrrrrrggg! I was able to install Norton v 7.51, and I was even able to find the XP patch to enable real-time virus protection (which in turn actually caught two more viruses coming through... for where, I don't know). Getting this version to work on XP was a mild victory. Now, while in Norton, the W32.Spybot.Worm and Backdoor.Sdbot.Worm viruses were all quarantined and I was able to delete them... except for one m'f'er: winlodr.scr. I couldn't delete it for the life of me, probably because it was a running process (which I later find out it is). The only way to kill the winlodr.scr process is to fire up Task Manager with ctrl-alt-del. But winlodr.scr PREVENTED me from being able to fire the Task Manager, since that's one of it's side-effects that really FIRED ME UP! Arrrrrrrrrrrrg! And you think I could get into regedit? Nope. That automatically closed too, so I couldn't search for that key. Double ARRRRRRRRRRRGGG!!!!! I know! I'll f'ing change the name of taskmgr.exe to taskmgr1.exe in the system32 directory. Son-of-a-bitch! It worked! Finally, Task Manager stayed open! Rejoice m'f'er! And there it was: winlodr.scr sitting there as a running process. So I killed it, changed the name of taskmgr1.exe back to taskmgr.exe, tested it, and it worked. And I also deleted the m'f'ing file winlodr.scr from the system32 directory. So I decided to reboot. Guess what? Ctrl-alt-del didn't work after the reboot, and the m'f'ing file, winlodr.scr was BACK! ARRRRRRRRRGGG! I did the same thing again, changing the name of taskmgr.exe, killing the winlodr.scr process as well as deleting it from the system32 directory. I then went into regedit and found three different instances of winlodr.scr, and deleted those m'f'ing keys. I fired up Norton, and now I WAS ABLE to delete the virus from quarantine. What a nightmare!! And from reading about the W32.Spybot.Worm on the internet, there's many variants. It causes DDOS attacks (denial of service), which was obvious to me, just as another computer on the network. It sends out personal information, keystrokes, history, etc, continuously to IRC channels. It also opens up your P2P shared folder on the Gnutella P2P network. I'm a f'ing surgeon. There's more than one way to skin a cat. And just think, if he had anti-virus software loaded in the first place, this never would have happened. posted by Dino at 5:13 AM (permanent link) |