recently my friend had his facebook hacked and it was used to distribute a "site"
that repointed you several times and downloaded a version of the rootkit "blind
dragon" from somewhere in the netherlands.
this installed many files on my machine causing these symptoms:
1 - unable to access task manager by crtl+alt+del
2 - unable to use cd/dvd drive
3 - unable to load windows version in safe mode
4 - severe popups in all installed browser windows on or off line
5 - re-installation of everything msconfig told NOT to use
6 - ability to cloak files from search
7 - inability to access registry thru folder paths
in short, anything you could do to try and find it WITH another program was
not working and i tried a bit thru the command window and gave up...
i was going in circles with various anti EVERYTHING ware programs and still
no results until i google.co.uk'd:
which fixed everything...
this worm was pretty smart. it grabbed my browsers and took me to gala.com
instead of google.com, it even repointed me to another google when i arrived
there so it was in german... and even then it was a fakey. i got off lucky
by searching google.co.uk for my intel to find unhack me.
it's a free demo program. it flipping rocks.
it is NOT for noobs.
here are some files it installed
it's gonna ask you if you want to keep certain "unknown files" such as
"win.sys" and other such uberimportants... however when all ELSE fails,
if you need to uninstall a rootkit, go here.
tools i used to no avail to uninstall rootkit:
tools that uninstalled it:
tools i use everyday and will continue using:
glary registry cleaner
abexo registry cleaner
crap cleaner (ccleaner multifunctional cleaner)