Antivirus plus removal during Thanksgiving.

It’s been a busy Thanksgiving weekend – I spent a lot of time on Thanksgiving working on a relative’s EEE netbook which had “problems”.  That was about as technical as you get for the error report but on seeing the “windows security center” program that popped up on initial login I knew I was in for some fun.

The fake av software Antivirus plus was removed with the help of the BleepingComputer Antivirus plus removal guide but there were a few oddities in the process.

One of my favourite tools is a removable usb thumbdrive with a write protect switch so I can update the thumbdrive, set it to read-only and then use it on an infected pc without worrying about infecting my thumbdrive – incidentally I tried to find another one of these on Black Friday at Microcenter but was unable to do so. Anyway, prior to going to Thanksgiving dinner I updated my Ketarin Whatsmypass setup so I would have all of the av tools I needed (or so I thought).

Following the removal process I needed to download the rkill.com file which killed the virus processes and malwarebytes was installed. I needed to download the random filename for malwarebytes and oddly enough the documentation doesn’t mention that if you download this on the infected pc then you are likely to kick off the antivirus plus program due to its hooks into ie that have not been cleaned up yet. I know this is common sense for the seasoned av cleaner, but newbies following the steps blindly may get reinfected during the process.

It would be really nice if malwarebytes would include the latest definitions as part of the install when you download the original file but I guess they don’t want to rebuild their setup program every night. After a bit of research today I’ve found that you can get the latest definition updates online so I’ll be updating the ketarin for that too.

After the virus was removed it was time to update the pc for windows updates. The first round was 72 windows patches. I couldn’t use my autopatcher/offline patcher cd as the eee pc did not come with an external drive so I had to wait about an hour to install them. After a reboot, there were another 34 to download – by this time my relative had to leave to drive home so I gave her instructions on what to do – the first two were to buy a router so her pc is not directly attached to the internet and to boot the machine up and leave it on overnight at least once a month for the windows updates to install.

Hopefully she’ll get used to firefox as her default browser 😉

The funny thing is I was asked how much they owed me for the work… I spent 5 hours (on and off) on the machine all told – they purchased it for $150. I know it would be hard to find it for that price again, but they could have purchased 2 of them and had change left if I had charged them the going rate.

As to the pc itself, this was my first exposure to the eee pc – I was pretty impressed. It wasn’t too slow (although the scan took forever) so would make a good portable pc for web browsing use.  At this point I didn’t have my Chromium OS thumb drive or I’d have given that a go to see how Chromium performed on the machine.
