Nasty Ransomware!! I surrender.


My friend got a locked screen and a notice from “Microsoft Tech” asking to call a 1-800 number so that they could fix the problem…

Long story short, he was attacked by ransomware, and the asking price to unlock was $200 CDN. The biggest mistake was that he gave the “Tech” permission to remotely access his computer. Microsoft should know, and obviously does, that – I would say – more than 80% of people using WinOS are not savvy and au courant of all the XXXwares that could attack their PCs: ransomware, malware, viruses, worms, trojans, … The worst of it all was that his system was “protected” by Norton, but it didn’t catch it… at all.

So I got a call to see if I could salvage the carnage. When I got there, I was happy to see that the OS was still “functional”, but lurking behind the system and unbeknownst to me, traps were already set, so I started with what I normally would do: a full scan with Norton. The second defence was to download and install Malwarebytes and start cleaning adware, malware, … And success! So I thought.

A moment of blissfulness quickly descended into Dante’s Inferno, literally: HELL. As common practice, it is imperative to run Malwarebytes and Norton again in Safe Mode to totally eradicate any remnants of these nasties; however, with Win 8 and 10, you cannot boot into Safe Mode directly by pressing the F8 key anymore. What?!! Instead, Win 10 – in my case – required that I go through Startup Settings to get to the Safe Mode boot. Of course, some gremlins had disabled the selection of Safe Mode (I was sure the developer(s) of the ransomware saw through my defensive logic). So I shut down the computer and pressed the On/Off key to do a full reboot. Wrong again. I triggered more gremlins and additional levels of Dante’s Hell. At this point, after rebooting into WinOS, it asked for a password, a syskey password to be specific (all those private keys and public keys that could make your head spin). Sadly, at this stage the computer was completely hijacked. I was reluctant to give up, so I did a quick search on Google – eureka – I cracked the syskey problem and was able to log in to the OS again. Now I must be able to go into Safe Mode. Damn you!!!

As their last assault, they used an old-school boot-time virus to control the computer entirely: blue screen of errors. In my time, it was called an MBR virus; this current one affected the BCD to the same effect. In that era, I had to boot with a “FLOPPY” with an antivirus app loaded, F-Prot, to kill the MBR virus, but I had no idea how it worked now with the BCD error. Nevertheless, I kept trying and searching for solutions. Although I was able to get into Command Mode at the C:\ prompt, none of the things I tried worked. The only option left was to do a full reinstall. HaHa, you wish! The ransomware was so virulent that I couldn’t complete a full reinstall. Of course, it didn’t allow me to reinstall using the recovery partition either.

The very, very last thing I did was to install Ubuntu (a Linux OS), hoping I could at least check the disk with the Linux OS running: Nope! It basically shut out any sort of installation to the hard drive.

After eight hours of struggling with this thing, it was time to surrender. My final thought: never get yourself in a pickle like my friend’s. Be vigilant, be skeptical, be aware!

P.S. My friend took his laptop to a local computer store and had it repaired; now it’s as good as new. Thankfully he had made backups.

Frozen Windows…



Microsoft Windows wordmark (Photo credit: Wikipedia)

By now, everyone has experienced a frozen screen when using Windows (whatever version), and it is the most frustrating experience, because nothing moves, no sound, no hourglass, just nothingness. Yes, you can try the three-finger salute (Ctrl-Alt-Delete) to “Shutdown” properly, but sometimes that does not even do anything. Well, the only thing to do is to shut your computer down with the actual on/off button, and hope for the best.

Wait, there is one thing you must do when you turn it on again, and it has saved my laptops many times: do a “Safe Boot”! If you know about this, good for you. I bet some people have no idea. Essentially, “Safe Boot” is to boot up Windows with minimal components, and it is most useful in the above scenario. Here is how: when you turn your laptop or computer on again, shortly after the brand prompt (HP, Acer, …), press and hold F8 until a blue screen shows up with Safe Boot choices. I usually pick the one without network connection. Use your up/down keys to select a choice; I usually choose “1”. Windows will boot up, and once it finishes, use your Start menu like usual and Shutdown properly.

Whenever I suspect my laptop has a virus, worms, malware, adware, … that is causing problems, I will also do a Safe Boot and run my virus/malware scan at that level; if things are detected, they will be cleaned, which may be the reason your Windows was having problems shutting down in the first place.
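The F8 trick above stops working on Windows 8 and 10 (the first post ran into exactly that), but the same Safe Boot for scanning can be forced through the boot configuration instead. The following is an added example, not the blog author's commands; it assumes an elevated (Administrator) PowerShell window and that `{current}` is the boot entry the machine actually starts from.

```powershell
# Added example: force the next boots into Safe Mode on Windows 8/10,
# where holding F8 at power-on no longer shows the Safe Boot menu.
# Run from an elevated PowerShell; {current} is assumed to be the active boot entry.

# 1. Look at the active entry first. A 'safeboot' line here means Safe Mode
#    is already being forced (worth knowing before you change anything).
bcdedit /enum "{current}"

# 2. Force Safe Mode with minimal components (no networking), which matches
#    the "without network connection" choice picked in the post.
bcdedit /set "{current}" safeboot minimal
# Alternative: Safe Mode with networking, if the scanner needs signature updates.
# bcdedit /set "{current}" safeboot network

# 3. Reboot; the machine now comes up in Safe Mode every time until step 4.
Restart-Computer

# 4. After the scan and clean-up in Safe Mode, remove the flag so Windows
#    boots normally again. Forgetting this leaves the PC stuck in Safe Mode.
bcdedit /deletevalue "{current}" safeboot
```

The braces are quoted because PowerShell would otherwise try to parse `{current}` as a script block. On a machine whose BCD store is already damaged, as in the first post, `bcdedit` may simply fail; at that point the boot configuration has to be repaired from recovery media before any of this applies.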

I wish Windows 8 would finally resolve all these issues, and I am a dreamer!

Cheers.