06 July 2011

Windows Vista Recovery Malware

I tend to hate working with Windows; especially since I've started working with Unix systems full time.

A friend of mine recently came to me asking for help; she didn't want to shell out tons of money to Geek Squad or similar, and I don't blame her. The other day she "caught" the Windows Vista Recovery malware, and didn't know what to do; nor did she know what had happened. So in a bit of a panic she emailed me (while at work). I told her that I'd help out, and not charge.

I booted her laptop and noticed right away the Windows Vista Recovery malware stating that her hard drive had errors, AWESOME. Quick reboot and into safe mode I went.

After a quick Google I decided to be lazier than normal and try a tool to remove the issue. I tried Malwarebytes (www.malwarebytes.org). The install was Windows simple; the scan took forever, not surprising. And in the end it seemed to remove the problem. Sadly it didn't get every remnant; bits were left. I searched the system for a few things because I was not familiar with the product. And I found most of the folders left behind, as well as some crippled .exe's; "Shift-del" you are my friend. And no, this doesn't make me happy. I was trying to be lazy for once; looks like it bit me, and quickly might I add.

I poked around the system a little to see if there was anything else odd. Sure enough there was. So I grabbed SpyBot S&D (www.safer-networking.org), as well as the latest definitions for it and Windows Defender. Ran SpyBot after updating it. And removed a small (read ~30) number of problems. The usual tracking cookie, and a few other items. I noticed this as the default IE home page: http://home.mywebsearch.com; again a quick Google confirms the site is associated with spy/adware. I noticed that SpyBot doesn't remove "home pages"; granted I didn't remember doing so.

I rebooted the system, this time starting normally. Again I noticed a few things that were off. No documents, no pictures... Hummmm. Looked around and didn't see C:\Users\. I told Windows to show all files; this worked, they were all hidden. So I unchecked the "hidden" option. Now we are starting to look a little better.

I also decided to dig through the Event Viewer; many unique events listed. Sadly looking through 2+ years of logs is a pain. But I did notice that she may be having some issues with the hard drive after all, that and Windows Defender has warned her multiple times regarding adware/spyware...


Except there were a few borked installs of many programs. Kaspersky, iTunes, and some other things. I didn't have many of the disks. Seems that her install of Kaspersky is gone; she says it was installed and running, as she recently paid for continued support. However there seems to be no trace of it on the system. So I decided to install Norton. Our employer provides us with a free copy for home use. iTunes was easy, Windows' "Repair" function fixed its problems. But now I've noticed that iTunes cannot find any of her music. No big, there is only 7,000+ songs to locate. Ubuntu & ntfsundelete(8) almost to the rescue. Only found 50 or so files; shit. SystemRescueCd (http://www.sysresccd.org) is not helpful, nothing new for file recovery. It seems that I'm not having any luck finding any of her music files. Sadly I've run out of ideas on how to get her music back. I've tried all the tools I know of that were free.

Good news: No more malware.
Bad news: I can't seem to recover her music.



If anyone knows of a way to recover files let me know (free is best for me).

15 February 2010

Home built laptop

After a long while and tons of fighting with myself I've decided to forgo the home built laptop, for now; mainly because the wife just bought me an Eee PC!

I am now the proud owner of a 10.1" 1.6GHz Atom 270 Blue 1005HAB Eee PC. Granted the thing comes with Win7 starter edition. In time I plan on loading a few different Linux distros onto it. I'm leaning towards using Ubuntu's Netbook remix and BT4, but this will come in time. I'm not sure that I want to completely remove the Win7 OS for the device. The 8.5 hrs of battery life is hard to ignore. And I do know that Linux doesn't seem to be all the way up to par when it comes to battery life.

04 October 2009

Google Wave

An invite would be nice. That is if anyone would be kind enough to send one my way (alburnett@gmail.com)

I now have wave; no need for invites.

27 December 2008

Research for laptop

The other day I went looking at BestBuy at their Netbooks. I was interested in their keyboard sizes. And during this I found out that my long fingers don't work well with many of the smaller ones (Eee PCs) particularly the Netbooks with screen sizes under 10".

I've also been scouring the Internet for a platform to use as my basis; I've looked at many embedded system boards. And have found that I'm not sure on which to get/use. I'd like to use one based upon AMD CPUs, particularly the Geode.

26 April 2008

Crazy Idea (aka Laptop)

I had a crazy idea the other day. Build myself a laptop, it couldn't be that hard, could it? I decided to go semi-embedded, a small LCD screen, CF flash storage and a huge USB for more storage. Sounded quite easy until I started trying to figure out how to use a battery to power the device.

I'll have to write more on this crazy idea when I start working on this more. Until then I'll be trying to figure out exactly what components I want and how to jam them together.

22 April 2008

Catch up

So I was busy; blame the monkeys. I've recently decided to catch up on the whole social networking "thing." Facebook and del.icio.us; not a bad way to start, oh and starting my blog again.
Now all that I've got to do is find a way to keep up with some straggling family members that are using MySpace (god I hate that site).

All for catching up.

24 September 2007

Megadeth, I want my Megadeth

The other day I picked up a new Megadeth CD, That One Night Live in Buenos Aires. The music is the same that is on the DVD, which by the way is awesome. But there is a "bonus"; each CD has all of the songs in the Ogg Vorbis format, as well as a couple others, and each also has a single file of the whole CD. I hope this trend keeps up; copy paste is a lot easier than ripping.

Desktop upgrade

The other day I finally broke down and gave in; I rebuilt my desktop computer (for something like the 50th time). This time, unlike last time, I decided to do a clean install, which seems to work a lot better than an upgrade; at least in Fedora Core. All went well, but I must say I miss some of the flexibility in FC6 when it came to package installs.

But then came the glitch. After the install came the reboot; which FAILED! It seems that the DVD that I was using, obtained from Linux Magazine (http://linux-magazine.com/), a UK-based magazine, somehow decided to not use the correct hardware address for my root partition. The partition that I had set up was on hd0,0 whereas the grub config file had hd1,0; last time I checked I was not using a CD-ROM as my /boot partition. Thankfully this is an easy fix. I popped in my Knoppix DVD, umounted hda3(?) and re-mounted it with read/write and edited the file by hand.

This does worry me a bit, I have used Linux for a while now, something like 7 years; and the fact that I also have a glorious job as a Solaris Admin. But the not so experienced user is likely to give up right then and there, pop goes in the XP CD. Just my quick thoughts.

Nonetheless I do like FC7, it works quite nice, even if I am still messing around with what to use; there are 7 "Media players" and a few other packages that will play many formats as well.

19 September 2007