| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 103921 | 2009-10-10 12:29:00 | virus problem | sazd1 (15338) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 819084 | 2009-10-16 07:50:00 | Your problems might be from a bad hard disc, but you'd most likely be getting messages to alert you that data is corrupted. I believe it is FAR MORE LIKELY that you have one of those viruses that encrypts your files, and then essentially holds your data for ransom - demanding money in exchange for the key that will unlock your files. Problem being - would you trust these bast*rds with a credit card number? Would they really care if your files are dead? They just want your ccard or money. You need to stop booting up from this drive immediately. Ideally, get another computer. Make sure the assisting machine is loaded with up to date antivirus, and has the likes of MalwareBytes installed and up to date BEFORE you go any further. Once you start this process you need to be prepared to continue it without taking that computer online or onto any other network (keep your woes to your own drive!) I'll assume the infected drive is an IDE drive (has a very wide ribbon cable attached to it). You need to remove this drive from the infected machine. You must also set this drive to SLAVE (or risk infecting your disinfecting computer). There are 'jumpers' - little plastic connectors at the rear of the drive that connect two pins together. Determine from the label on the top of the drive where the jumper needs to be (one of 4 positions) in order to make the drive a SLAVE. Also take note of the original jumper position, which is most probably MASTER or CS (Cable Select). Slide the jumper into the new position for SLAVE. Tweezers may help. In the disinfecting computer (which is fully shut down and turned OFF), remove the IDE ribbon cable from the DVD/CD drive. Connect it to your infected drive. Do the same with the 4-wire power cable attached to the CD/DVD. Take care that your infeceted drives circuitry is not against any other metal, electrical or magnetic parts. Boot up the disinfecting machine into Windows. Your infected drive should show up as a drive letter other than C: (probably D: or E: unless the disinfecting drive has numerous partitions) Run the antivirus and anti malware apps on your disinfecting machine. You can save time by having them check your infected drive only, rather than their own C: drive in addition to your trouble drive.. Don't be tempted to open a single file on your old drive until the anti vir / anti malware have done their job. Say your prayers. Once the apps have rendered the drive as clean as they can get them 1) Copy the antivirus programms installers to the infected drive. 2) Copy the malwareBytes installer to the infected drive 3) shut down the disinfecting machine. Remove your troubled drive, and set it back to MASTER. Replace it in your trouble machine, reconnect the cables, and fire it up, but stay offline and off any networks. Use the pre-existing antivir / antimalware apps (if they still work) to do further checks. Run the installers for the Antivir / anitmalware that you added from the clean machine, and let them run - and risk an update online (then promptly go offline again) Let them do their thing, then try opening your files. You also have a duty to check that the disinfecting machine is still ok. Reconnect it's optical drive, boot it up and scan it with everything you can find (from reputable sources only - beware, coz there's so much crud posing as a solution to your problems, that only adds further to your infections). |
Paul.Cov (425) | ||
| 1 2 | |||||