Malware removal

I’ve spent a fun evening¹ trying to get rid of some insidious malware on the house gaming PC. I think it’s mostly gone, though I’m not certain (and I don’t have the day’s time to reinstall everything). However, I did find some useful stuff along the way.

Firstly, even though googling for something related to the malware will turn up some information about it, chances are that it’s a bloody rootkit that’s thrust itself into the Windows kernel like a rhino in heat. So you won’t be able to see or delete the files it’s talking about.

Finding the problems being covered up by the rootkit is greatly aided by the wonderful Sysinternals utilities. In particular, RootkitRevealer successfully found a number of hidden registry entries. Later on, AutoRuns helped me to find a few other things lurking around my boot process.

But the real pièce de résistance was ntpasswd: a miniature bootable Linux, only 3 MB, which made finding and removing those troublesome files (even though they’re on an NTFS partition) a snap. I like it a lot. Plus, it’ll let you change the admin password on people’s PCs, so I may have to take it in to work. 🙂

Anyway, the end result is that I’ve spent a couple of hours working on something I don’t particularly care about by somebody on the other side of the planet who doesn’t know me from Adam. Isn’t the Internet a sheer bloody marvel?

Now. Work or bed?

¹ as in “not fun at all.”
Getting Vista?

When this is the best argument a pro-Microsoft person can come up with, you know it’s time to abandon all hope.

10. Face it, you have no choice. When Microsoft brings out a major renovation to Windows, you can choose to ignore it for a year or two, but then the device drivers start drying up for older versions of Windows, your friends start asking questions about their new PC that you can’t answer, and even if you use Linux, you’ll inevitably need familiarity with Microsoft’s latest interoperability blockers. Face it: your arse belongs to Redmond. —10 reasons to upgrade to Vista