Sunday, March 4, 2007

The Trojan War

Just came back from Peter's place an hour ago. Thank God, his leg cast's finally off! :D Praise God... trouble is, his knee is extremely stiff from the long time of being stuck in the cast - it hurts his knee very much if he has to bend it. So he has to slowly stretch it over time.

Anyway, spent several hours at his place, and we managed to remove a determinedly pesky Trojan horse from his computer after an epic and protracted battle of over six hours... half a million bytes or so wiped out... of sweat, blood and tears... ok, maybe we didn't shed so much blood. :P

[geek-alert]
Wow. First, we tried the standard tactics of crawling into the Windows registry and editing it by hand... aka hand-to-hand combat. But, we found out that the Trojan program simply reinstalled its references back into the registry after rebooting.

YA: Hey Peter, I sense its presence again. The Force is strong with this one.

So, we decided to unleash a Linux recovery CD called "Trinity Rescue Kit". Sounds like it came out of the Matrix, eh? But its antivirus program, ClamD, simply clammed up when it tried to scan a particular file. Tried again - and it clammed up at the same file. So lame.

Peter: Eh, looks like Linux just got owned by this trojan! Hahaha!

Finally, out of desperation, and much searching, we came across this program called BartPE. BartPE? It stands for:

Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD


Orh... I see... but after looking through the site, it looks reasonably genuine, not a phishing or spyware site. So tried it out.

YA: Hey man, this is the KWOS.
Peter: KWOS?
YA: The Kin Wee Operating System. His name is Bartholomew mah...
Peter: Ertz.

What BartPE does (to put it very simply) is that it burns a simplified version of Windows XP onto a CD-R and makes it bootable, so that you can use it as a boot CD.

P: Hey, you know what XP in Windows XP stands for?
YA: What?
P: Xtremely Pathetic.
YA: ...

And you can also add F-Prot, an anti-virus program. We used the DOS version, and put it together as a plugin for the BartPE software.

Finally, we booted up the whole contraption.

YA: This is it! It's do or die time!
Peter: The Final Battle!

And... it worked! :D Thank God! The virus was soundly defeated. So we cleaned up all the unwanted antivirus programs (AVG Free turned out to be pretty useless, whereas SpywareDoctor was able to detect the trojan, but you have to pay money to get the removal feature available)... sorta like dragging all the dead bodies from the battlefield after the battle, except that you drag the files to the Recycle Bin.
[/geek-alert]

Very good time tog, really treasure this time of fellowship. We didn't just stare at the comp - though we did stare for a LONG time. Very impressed by Peter's patience with the comp... =) Had a good time sharing about what was on my mind these few days with Peter too.

He reminded me that fighting against sin, including proud thoughts, is a daily battle. So true... =)

Ok... that's it for now...
