Sunday, August 3, 2014

Watch Out For The Ransomware Viruses Going Around

 I was just reading about a ransomware virus that basically takes control of your computer, activates your webcam and actually takes a picture. The screen comes up with a realistic FBI warning that you have been watching child pornography. They then demand money, somewhere around $200. Obviously the FBI would never conduct an investigation in this way. The demand for money is definitely a dead giveaway. So do not panic as a poor fellow in Florida did.
 You have two choices for a course of action. The first applies if you have access to another computer: download the free Hiren's 15.1 and 15.2 ISO files and burn them to CD-R discs. Then download TDSSKiller.exe, ComboFix, free Malwarebytes, Spybot (current portable version), ESET Online Scanner portable version, SuperAntiSpyware portable, ClamWin portable and a-squared. Download these to a USB flash drive that is at least 4 GB. On the infected computer, first try to boot into Safe Mode with Networking by pressing the F8 key during the POST. If you can get into Safe Mode, copy the programs from the flash drive to the desktop. I usually keep them in a folder called virus cleaners. Run them in this order, rebooting if necessary: TDSSKiller.exe, ComboFix.exe, Malwarebytes, SuperAntiSpyware, ESET, ClamWin and a-squared. Most of these can be downloaded from bleeping.com. ClamWin and SuperAntiSpyware Portable may have to come from their own websites.
  If you cannot enter Safe Mode, boot off of the Hiren's 15.1 disc, choose the mini Windows environment and copy your virus cleaning programs to a folder on the root drive. I should note that SuperAntiSpyware will have to be started first from the Hiren's disc. It is in the programs list under virus cleaning or something to that effect. If you try to run your downloaded version first, the computer will bluescreen and you will have to start over. When all virus cleaning programs have been run, you can try rebooting into normal mode. Also note that ComboFix does not yet run in Windows 8.1, but it does run in Windows 8.
  Another option is to connect a known-good hard drive and install a fresh copy of Windows on it. You do not have to activate Windows, since you are only using it to run the cleaning software. Connect your infected drive as a second drive in the system. Run all virus cleaning programs, rebooting when necessary. Disconnect the fresh-install drive, reconnect your original as the boot drive and try booting up the system. If it still will not run, then the only alternative is to save your data and wipe out the hard drive by repartitioning and reformatting. Reinstall the Windows operating system and activate Windows. Reinstall all software and antivirus software. Copy all your saved data back to the system. All programs will have to be reinstalled.
  If you are not comfortable with doing this yourself, then I would suggest taking it to a professional computer service shop in your local area. Check out any reviews before taking it to any computer repair shop, so you save yourself any headaches. Avoid any place that says it has to be wiped out before they even try to clean the viruses. There are some places that will do that so they get it out as fast as possible. That is not customer satisfaction. Also watch out for any service shop that quotes one price and then wants to charge more.
 Thank you for reading. I hope this helps.
