Hello all, this is Captain Robert of the SS PC Fixer. Another day, another virus extinguished. I can't help but feel that this will not be the last time. There was trouble getting out the door and rescheduling for a client who I don't think remembered his appointment today.

Eventually I ended up at Mulholland Security, where I fought with a nasty infection. This infection took over his system and disabled so many different things. For example, it disabled the Control Panel, it disabled All Programs on the Start menu, it disabled the C: drive under My Computer, and it disabled the Task Manager too! In fact, all of these were disabled even in Safe Mode. It even put a little “Virus Warning” text message next to the time. Nice touch. As if that were not enough, it repeatedly displayed popup messages proclaiming that the computer was infected. Well, no kidding. It infected the client’s computer and then held the computer ransom by popping up messages trying to sell a cure. What a racket. I see this digital distortion all of the time.

At any rate, the fools who coded the malware forgot one thing. They left the address bar. All I had to do was type c: into the address bar and I had access to the C: drive. From there I downloaded Spyware Doctor 4 (the best version of this software by far IMHO) from the www.pcsfixer.com website. From there I installed and updated it and prepared to run it. But first I used a program called What's Running and killed every unnecessary process. Then I downloaded SUPERAntiSpyware from http://www.superantispyware.com/ and updated it and ran it. This little free program is starting to grow on me. I really like the interface and it does a good job at removing certain (but by no means all) types of infections. Time will tell if it makes it to the final cut in the PC Fixer master application arsenal. 498 infections were removed. After running this program twice I set loose Spyware Doctor 4.0.
Spyware Doctor removed 162 infections, and after I rebooted all that was left was to edit the registry. Luckily the Task Manager was now available, and a simple regedit command allowed me to edit the registry. I navigated to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies to remove the blocked Control Panel, C: drive, All Programs, etc. by changing the values from 1 to 0, and rebooted. The only thing left was to search the registry for the exact wording of “VIRUS WARNING!”. I found and deleted one entry and changed the time format of the other to remove the message. Whew! This took about 1.5 hours to complete. What a battle. Not the worst I have seen by any means, but still, the coders are getting trickier.
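An added example, not part of the original post and not the author's tooling: a small Python audit of a registry export (`.reg` text) that lists the leftover policy lockouts and any value containing the banner text, so the cleanup described above can be checked rather than hunted for by hand. The policy value names (`NoControlPanel`, `DisableTaskMgr`, and so on) are standard Windows names assumed here because the post does not name them, the sample export is constructed, and the scan goes beyond the post by also covering `HKEY_CURRENT_USER`.

```python
import re

# Standard Windows policy value names (assumed; the post does not name them).
RESTRICTIONS = {
    "nocontrolpanel": "Control Panel hidden",
    "disabletaskmgr": "Task Manager disabled",
    "disableregistrytools": "registry editing disabled",
    "nodrives": "drives hidden in My Computer (bitmask)",
    "nostartmenumoreprograms": "All Programs removed from Start menu",
}
POLICY_ROOT = r"\software\microsoft\windows\currentversion\policies"
KEY_RE = re.compile(r"^\[(.+)\]$")
VAL_RE = re.compile(r'^"([^"]+)"=(dword:([0-9a-fA-F]{8})|"(.*)")$')

def audit_reg_export(text, marker="VIRUS WARNING!"):
    """Return (key, value name, data, reason) for each suspicious entry."""
    findings, key = [], None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)          # remember which key the values belong to
            continue
        m = VAL_RE.match(line)
        if not m or key is None:
            continue                  # header, blank line, or unsupported type
        name, dword, string = m.group(1), m.group(3), m.group(4)
        if dword is not None:
            n = int(dword, 16)        # non-zero means the restriction is active
            if n and POLICY_ROOT in key.lower() and name.lower() in RESTRICTIONS:
                findings.append((key, name, n, RESTRICTIONS[name.lower()]))
        elif marker.lower() in string.lower():
            findings.append((key, name, string, "contains marker text"))
    return findings

# Constructed sample export, for illustration only.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoControlPanel"=dword:00000001
"NoDrives"=dword:00000004
"NoStartMenuMorePrograms"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_CURRENT_USER\Control Panel\International]
"sTimeFormat"="h:mm:ss tt 'VIRUS WARNING!'"
'''
```

Files written by regedit's export are UTF-16, so decode them before passing the text in, for example `open(path, encoding="utf-16").read()`.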
What else did I do today? I unlocked my Cingular 8925 phone made by HTC. I helped a client capture some video for a court case with Camtasia Studio and a loopback adapter for my sound card. I helped a 97-year-old Holocaust survivor with her new laptop. I posted a video of her on YouTube. You can check it out here: http://www.youtube.com/watch?v=9m47SqFts-M Then I installed Firefox 2.0 on an older Mac PC, as the new 3.0 does not seem to work with the non-Intel machines. Then I helped another client with his AOL settings and then went to one more client’s home to reset his cable modem and install new security software! It was a full day. It was a good day.