

Windows Junk Removal How-to Guide

For Windows XP


Scope

From time to time, a client catches a Windows virus before the common removal tools know how to remove it. This guide presents some tips and tricks for removing really horrible Windows viruses and spyware.


Finding the Culprit

This is the easy part. Sometimes the virus or spyware scanner will tell you the file name, or you will see it during startup. You can find the file using the standard Windows File Find dialogue available from the start menu. If you then try to delete the file manually and Windows tells you that it won't comply, then the fun starts.


Deleting Undeletable Files

Malware writers sometimes hook a DLL to a common Windows process. This makes it impossible to delete the file, since Windows will always tell you that the file is in use and then won't do anything.

You can try to deregister the DLL before deleting it, but that approach seldom works, since the malware will re-register it almost immediately:

c:\> regsvr32 /u browsela.dll
c:\> del browsela.dll
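
The batch script below is an added example, not part of the original guide. It lists the processes that have the DLL loaded (the reason Windows reports the file as in use), tries the deregister-and-delete step, and reports whether the file survived. It assumes tasklist is available (it ships with XP Professional, not XP Home); the script name unlock-check.bat is hypothetical and the file path is whatever you pass in.

```batch
@echo off
rem Added example: diagnose a locked DLL, then attempt the deregister-and-delete step.
rem Usage: unlock-check.bat C:\full\path\to\browsela.dll
setlocal
if "%~1"=="" goto usage
set "TARGET=%~f1"
set "NAME=%~nx1"
if not exist "%TARGET%" goto missing

rem Show which running processes have the module mapped.
rem Any process listed here is holding the file open.
echo === Processes with %NAME% loaded ===
tasklist /m "%NAME%"

rem Unregister silently, clear read-only/system/hidden flags, then try to delete.
echo === Unregistering and attempting delete ===
regsvr32 /u /s "%TARGET%"
attrib -r -s -h "%TARGET%"
del /f /q "%TARGET%" 2>nul

rem Verify the result instead of trusting the del command.
if exist "%TARGET%" goto locked
echo Deleted "%TARGET%"
exit /b 0

:locked
echo STILL PRESENT: "%TARGET%" is in use by a process listed above.
echo Delete it after a reboot or from a LiveCD instead.
exit /b 1

:missing
echo File not found: "%TARGET%"
exit /b 2

:usage
echo Usage: %~nx0 full\path\to\file.dll
exit /b 2
```

An exit code of 1 means the online attempt failed and one of the offline methods described next is needed.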

There is a special utility called 'killbox' which can set a file for deletion, then delete it after a reboot. This utility is available here: http://www.bleepingcomputer.com/files/killbox.php

You cannot delete Windows files using a normal Linux LiveCD, since Linux doesn't yet have write support for Windows NT (NTFS) partitions. However, you can try a Linux CD such as Austrumi, which uses Captive NTFS and can write to them: http://cyti.latgola.lv/ruuni/index_en.html

Finally, you can use BartsPE, a Windows XP LiveCD. Simply boot Bart's, open a console, change to C: and go and do whatever you need to do. Get Bart's PE Builder here: http://www.nu2.nu/pebuilder/

A Bart's CD is very handy, but you need a good XP install CD to begin with and then follow the instructions to make a Bart's PE disc. So there is a bit of work involved, but it is well worth the effort.


Reset Windows Passwords

After a holiday, clients sometimes call with the news that they forgot their password, or you need to service a machine and you don't know the password. Linux to the rescue!

To reset a Windows XP Password, boot with Austrumi (http://cyti.latgola.lv/ruuni/index_en.html), then do:

boot: nt_pass

This will launch a console utility that will detect Windows partitions on the hard disk and provide you with a menu to modify any user or Administrator passwords on the Windows system. It will even give access to the Windows registry for recovery purposes.

Another possibility is the Nordahl boot disks: http://home.eunet.no/~pnordahl/ntpasswd/

I have used this boot disk to good effect a few times. It comes in both a floppy disk and CDROM version.




Copyright © 2005-2008, Aerospace Software Ltd., GPL.