Another Fake Antivirus Cleanup and steps
Author: admin // Category: Computer Fixes, Computer Tips and Tricks, Computer Tweaks, PC Tips and Tricks, Windows Fixes, Windows XP Tips and Tricks
Got another laptop from a customer with a Fake Antivirus that they inadvertently clicked on to startup that looks like they have 1300 infections and malware wanting them to click to a site for more help, or more importantly to at some point steal their personal info.
This one even had popups down in the lower right corner that is showing that the hard disk has bad sectors and needs to be replaced and that the graphics chip temperature is too hot and the motherboard needs to be replaced as well. Of course this was fake, because I loaded HDTune and the drive tested fine and then loaded Speccy and the temp of the graphics was normal. All the person’s files were hidden so it looked like all the files are gone. Enough to make anyone stress out to the max.
First thing was to run ATF cleaner to get rid of all temporary files so I don’t have to wade through those. Could not install Super Anti Spyware locally in normal mode. Had to boot into safe mode with networking, then install SAS. Ran a fast scan first and removed all the malware. After reboot, ran deep scan with SAS in normal mode and removed some more trojans.
Next, I ran unhide.exe from bleepingcomputer.com or from technibble.com to get personal files to show up again. Now I still can’t see all the original items in the start menu, such as Control Panel or the “Run” menu item. If you right click on Start, then Properties > Customize > Advanced tab, then in the “Start menu items:” list, I click on “Display as a link” on all the items that I want to show back up such as Control Panel, Run, Printers, etc.
To further work on this cleanup, I installed updates for Super Anti-spyware and installed Security Essentials, because the current Security Essentials is not even visible in the menus anymore even though it’s on the machine! I go to ninite.com and install all the pertinent updates for Flash, Java, VLC, TeamViewer, Hulu, Reader, Firefox, CutePDF, Dropbox, Everything search and Glary Utilities.
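To see which files in a profile still carry the Hidden attribute after the unhide step, the added example below lists them and can optionally clear the flag. It is not part of the original post and is not how unhide.exe works; the function name `Find-HiddenUserFiles`, its parameters and the default path are assumptions made for illustration.

```powershell
# Added example, not from the original post. Report-only unless -Unhide is given.
# Find-HiddenUserFiles is a hypothetical helper name; the default root is an assumption.
function Find-HiddenUserFiles {
    param(
        [string]$Root = $env:USERPROFILE,  # folder tree to inspect
        [switch]$Unhide                    # clear Hidden on non-system items
    )
    $hidden = [int][System.IO.FileAttributes]::Hidden
    $system = [int][System.IO.FileAttributes]::System

    # -Force makes Get-ChildItem return hidden items (works on PowerShell 2.0 and later).
    Get-ChildItem -Path $Root -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { ([int]$_.Attributes -band $hidden) -ne 0 } |
        ForEach-Object {
            $attrs    = [int]$_.Attributes
            $isSystem = ($attrs -band $system) -ne 0
            $changed  = $false

            # Items flagged Hidden+System (desktop.ini and similar) are left alone:
            # Windows hides those on purpose, so they are reported but never changed.
            if ($Unhide -and -not $isSystem) {
                $_.Attributes = [System.IO.FileAttributes]($attrs -band (-bnot $hidden))
                $changed = $true
            }

            New-Object PSObject -Property @{
                Path      = $_.FullName
                IsSystem  = $isSystem
                Unhidden  = $changed
                LastWrite = $_.LastWriteTime
            }
        }
}

# Review the report first; some profile folders are hidden by default.
Find-HiddenUserFiles |
    Sort-Object LastWrite -Descending |
    Format-Table Path, IsSystem, LastWrite -AutoSize

# Once the list looks right, clear the flag on one folder tree, for example:
# Find-HiddenUserFiles -Root "$env:USERPROFILE\Desktop" -Unhide
```

Running it without `-Unhide` before and after the cleanup gives a record of what was hidden and what was restored.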
Installed My web of trust on Firefox and IE and also did WSUS offline updates to get the latest Microsoft updates to a decent point. Did further updates via the Microsoft website.
Looking at device drivers, I also noticed that the ethernet card was disabled, so went into sysdm.cpl > device manager > right click on card > then enable. Now back in business.
The hard drive looked like swiss cheese and since it’s XP, ran jkdefrag on it till it looked good.
One of my favorite performance boosters is to speed up the start menu bar by editing the registry and tweaking the menu show delay. I change it to 90 ms. Set it by regedit > HKEY_CURRENT_USER > Control Panel > Desktop > then modify MenuShowDelay to 90 instead of 400. It really has the effect of speeding up the Start menu clicks especially on XP.
There you have it, another satisfied customer.

