Tales of Viruses, Trojans and Rootkits

posted 14 Sep 2012, 17:29 by Alistair Hamilton   [ updated 14 Sep 2012, 17:29 ]
Well, it's well past midnight and into the early hours of Saturday morning and here I am repairing a client's Windows XP based laptop after a particularly nasty infection.... but I'm getting ahead of myself.

Earlier on Friday I called at a client to investigate what sounded like a minor malware infection. Her PC was a little slow - but that could be put down to the various applications that were running from start up - and her browser was suffering from a peculiar redirect that only seemed to send to a blank page.

She was using Avira anti-virus software (I'd never heard of it, but it seems to be legitimate on subsequent investigation). Anyway, I was suspicious of it and removed it and installed Microsoft Security Essentials. Which? Magazine in the UK recommend this and it seems to get good reviews, but I always have an ironic smile while installing it. The idea of Microsoft having to provide their own security software to protect their operating systems from infestations amuses me. If only they'd secure their OS from the start.

Subsequent scans and other checks indicated that there was nothing there. Her browser was behaving the way it should and after 90 minutes or so, I left, leaving another satisfied customer behind.

An hour later, the problem had returned. So I promptly picked up her machine and brought it home for an in-depth inspection.

Booting into Linux Mint on USB, BitDefender quickly identified the problem. Numerous Windows system files had been infected with trojans and rootkits. A simple delete got rid of them, but, as expected, Windows wouldn't start as some of its important files were now missing.

So here I am, having done a Repair Install from the installation CD, and I'm now going through the re-installation of service packs and updates to get the machine back to where it was. This is what really ticks me off about Windows. This process takes an absolute age, especially with Windows XP.

I'd actually convinced my client that wiping the lot and installing Linux would be the sensible thing to do - especially since Windows XP will be dumped by Microsoft in a little over a year along with any security updates and patches, as I've reported elsewhere. Against my better judgement, and because I cannot resist a challenge, I decided to run the risk of doing a Repair Install, knowing that if it went wrong, my client was happy to try Linux.

The re-installation of Service Pack 3 is just finishing as I type. Just a few more things to do now, so I should get to bed by 3:00am. There'll be no extra charge for the client though. All costs agreed in advance, which is always a risk when offering malware removal services, as sometimes the process can take an inordinate amount of time. Thanks for that, Microsoft!

Night night.