Fixed “Extortionware” Virus on Windows8 machine

The computer said the following (Image below)

The customer did not actually give out money, but the person on the phone was very cryptic, yet was saying your computer is bad, you have to return it etc. (Customer just bought computer-2 months ago)

It says www.repair-warnings.com/computerHelp.html

Please do not go to this site, as it is not reputable in my eyes.

——————————————————————————————————————–

windows8extortionware-small             (click on picture to see 3MB file

*Windows firewall warning

“your computer may be infected with a virus”

What to do:

Call 1-844-811-0123 immediately

For assistance on how to remove potential viruses

More about the virus:

Seeing these pop-up’s means that you may have a virus installed on your computer.

etc. etc.

————————————————————————————————————

Actually I opened task manager, and started ending the processes (I just wanted to see how sophisticated this virus was)

It did allow me to end most of the processes.

Also noticed LogMeIn process running (in msconfig)  So I stopped that and stopped the WLAN process (it will not go on internet, but I want to see how it goes)

the system was not updated when rebooted it required to install 77 patches.

I trained the user to reboot the machine periodically.

After the machine rebooted and the system started fine without any popups.

Reset the WLAN and it now works fine.

I also installed the free Malware bytes version to check for malware.

(Updated 08/13/2015 edited some text)

Advertisements