HP ProBook 4540s (Energy Star) repair case study

I was recently handed a Hewlett-Packard ProBook 4540s Energy Star edition with Windows 7 Professional x64 on it. The problem had come from a lack of computer knowledge and some troublesome downloads.

The client had been informed that torrented movies were safe, legal, and easy.

Instead of downloading a movie, however, the client downloaded a pretty nasty piece of ransomware that I determined to be TeslaCrypt 3.0. 

In addition, the computer had a few other problems, and I’m not sure which caused what, but here’s everything that was wrong:

HP ProBook 4540s Problems
  • Encrypted Files by Ransomware
  • Lack of Administrative Permissions
    • Inability to install or remove software
    • Inability to update Windows
  • Disabled/non-functioning WiFi

This computer was absolutely trashed on a software level. The initial reason I was even given the computer was to recover some documents from the encryption, but I soon realized it needed more than that.

At first, I was just going to nuke the HD, wipe it, and install windows again.

Clean Start.

That was a no-go, however, as the client desperately needed some of the documents on the computer, and (if I could) the pictures as well.

Thankfully the infection that locked the computer down was TeslaCrypt. It’s a pretty malicious piece of software, but very well documented.

Essentially what TeslaCrypt does is lock down all of your files with a 256 encryption, changes their file extension to something obscure (.zzz,.vvv,.ccc.,.vrz, etc.) and makes them unusable.

The hackers are kind enough to autorun a text file and HTML file on start up to inform you that you can buy the private key off of them for the low, low price of a lot of money, and with this key you’ll be able to decrypt your files.

I assume the software to decrypt is also located somewhere either already on the pc at this point, or given to you with the key.

How to remove TeslaCrypt (.ccc, .vvv file types)

We were in luck here as the specific ransomware software used on the computer was TeslaCrypt. 

This is fortunate for us because the dicks behind TeslaCrypt had a weird and mysterious change of heart last year and released their master decryption key.

This allowed Bleeping Computer’s BloodDolly to fully update his TeslaDecoder software.

If your computer is infected with ransomware and your file types match TeslaCrypt file types, just click this link and follow the instructions.

TeslaDecoder is easy to use and straightforward. I managed to decrypt everything on the PC over a 3 hour run and delete all of the encrypted files.

Removing Malware from the 4540s

The next stage after decrypting everything was to immediately back up the desired files to a sterilized USB drive and keep it far away from any other computer. I don’t even want my computer looking at that USB drive.

Then I had to remove all of the malware. This was a problem because the computer – as I would later find out – had 864 different malware and virus infections (pulled from AVG, Malware Bytes, & Hitman Pro).

One of those, or maybe a few of them (who knows?), impacted the registry in a significant way. All administrative positions and powers were stripped from the computer.

This removed the ability to install any kind of software or update Windows (which had either been rolled back or never updated).

I didn’t have system restore records that went far enough back to try and undue any of these changes, either. The built in HP repair and restore tools were unable to make any meaningful change, and the Windows repair tools were blocked off.

I booted the computer in safe mode and after 4 or 5 different attempts, Malware Bytes installed (somehow, for some reason), but no other software would.

I ran Malware Bytes, removed a significant amount of malware, and attempted to debug the registry, but there were more problems than I had answers.

Eventually I decided that the only way to get the computer clean and free was to use the cloud boot disk tool from HP to create a Win7 Pro install stick on a thumb drive and then wipe the computer.

The first go at it, I was informed that Windows on the computer was corrupted (lol) and that it could be repaired. So I gave that a shot. Didn’t work. 

I went at it again, but this time departitioned and formatted the whole HDD, and re-installed Windows clean.

I used a different computer and (third) USB stick to download some essential drivers (kb, monitor, ethernet), and then installed them on the 4540s.

From there I had wired internet and was able to update Windows (248 updates altogether), download and install anti-virus and anti-malware software, a safer browser than IE (chrome), and some office tools.

The final piece of the puzzle was IOBit’s Driver Booster 4.2, which reads your hardware, finds the appropriate drivers and installs them for you. For free.

It’s great.

Fixing disabled wifi HP ProBook 4540s Windows 7 Professional

This was the only thing I couldn’t do because I didn’t have the time or resources.

The wifi was enabled, but off. And nothing could turn it on. Not the Windows Mobility Center, nothing in the devices list, not the HP Wireless Assistant, not the BIOS, nothing.

But just in case you’re having problems with your Windows 7 wireless not working, here are some things you can do to remove that red X over your WiFi icon:

Is it plugged in?

This is the most basic step. Most computers are going to have a ‘button’ to turn your wifi on and off. It could be a function key, it could be it’s own key. Have you tried pressing that button to make sure the wifi is on?


Head to your control panel, view it in icon mode, and open up your device manager.

Find your wireless adaptor, right click it, and disable it.

Count to five.

Re-enable it.

Uninstall / Reinstall

Back in the device manager from the previous step, right click your wireless adapter and click ‘properties’. From there, go to your driver, and uninstall.

Now reboot your system and let it reinstall the driver on its own.

Check Your BIOS

On boot, before Windows starts up, press your F9 key (or F10, or F2, or F12, or ESC – you know what, just press them all) and enter your system BIOS.

Find your hardware settings and make sure that your wireless card is actually mounted and enabled.

You’ll also want to disable LAN/WLAN switching, as the OS should take care of this, and your system would just get in the way and muck it up.

Reseat your card

Open up the back of your computer, find your wireless card (google for a diagram if unsure), and remove it. Then put it back. Make sure it’s in there good.

None of that worked!

Yeah, none of it worked for me either. But most people’s laptop wireless problems will be solved somewhere in that list.

After poking around some more and reading through logs and sheeeeeuht, I determined that the wireless card was attached, enabled, and working, but not on.

I was surprised to find that the computer was making a distinction between “enabled” and “on“.

For the life of me I couldn’t figure out why the card would be installed, enabled, but not functional. I spent about an hour searching around without finding any answers.

Ultimately, I settled on probably needing to test the hardware (as wired connections worked just fine) to come up with an answer, but was due to return the computer.

If you have any thoughts on the wifi thing, let me know.

Leave a Reply

Your email address will not be published. Required fields are marked *