Two related questions I'd appreciate help on.
I'm running Windows 7 Home Premium (64-bit), 8Gb RAM, which has been running perfectly for nearly a year.
Firefox has always been my browser of choice.
I use the add-on 'AdBlock Plus' among others in FF. This blocks out ads on sites.
I have two 500Gb hard drives in my system.
Disc 0: System Reserved 100Mb + D: drive (System, Active, Primary Partition)
Disc 1: C: Drive - (Boot, Page File, Crash Dump, Primary Partition)
In all my computing life, I've always been careful re: virus blocking etc and have never been hit by a virus or malware that hasn't been detected well in advance by my system's defences whether in XP or Windows 7 - till now, that is!
However, a few days ago I was suddenly hit by 'ransom malware' which hijacked my system, covering the monitor screen completely, demanding payment etc. to 'unlock'.
Of course, I ignored it for the clear scam that it was.
I restarted my computer in Safe Mode and using CCleaner noticed and deleted an unknown 'exe' file.
'Msconfig' did not appear to be compromised via Start Up tab.
I then flushed DNS and cleared Prefetch. That seemed to do the trick, the system started again as normal.
Just to be on the safe side, I decided to do a Windows System Restore to a previous date (if only I'd chosen Paragon!!...read on...)
The restore ran perfectly. Next stage, as you'll know, is a restart...but my computer then just refused to start normally.
Never had that problem before...
I couldn't get into Safe Mode (via the F8 key) again or do anything to remedy the situation.
Any selection I chose: 'Last Known Good Configuration', 'Safe Mode' etc just went into the interminable Startup Repair mode that purported to 'fix any problems it found'. All it did was tell me..finally...that it couldn't fix anything!
Now, my normal procedure before any backup is to run a full system scan using my up-to-date Avast Anti-Virus.
Assuming these run perfectly, I then do the backup.
I run TWO backups: one via Windows Backup & Restore and one using the system image software 'Paragon'.
Both of these have worked perfectly before now.
Had I been able to get into Safe Mode, I could've run the Paragon image but....well, see above.
I tried loading my System Repair disc but it simply wouldn't load either.
If I restarted the computer, all it did was automatically go to Start Up Repair again with the same result!
After endless frustration, I was forced to take the computer to where I bought it (custom built by local shop).
They told me a crucial Windows boot file had been, as they put it, 'obliterated' and was the reason the damn thing wouldn't start. They couldn't tell me why that had happened.
Whether the malware did the obliterating I do not know. Again they could only guess at the reason.
Anyway, they reinstalled Windows. I considered leaving the C: drive completely 'clean' and then going through the process of installing all other software.
However, since I didn't know for certain what had actually caused the malware to 'enter', I instructed them to go to a past Paragon image (which was now possible) and restore from there.
So far, then, so good. All is back to 'normal'.
However, when I went to do fresh backups as before, the Paragon backup image ran perfectly but the Windows backup just wouldn't complete.
It registered an error code: '0x81000002'...Your last backup did not complete successfully...
Now my questions:
1. Since it appears this backup problem is a known issue (without a straight solution as far as I can see) should I just ditch Windows backup altogether and stick to the reliable system image of Paragon?
2. As I said, I use Avast and also have Spyware Blaster. Yet clearly this 'ransom malware' managed to get through all of the above.
So, can anyone recommend any other software that might sit 'real-time' and defend me even more from such scumbag malware...or is that just a flight of fancy?
Any other suggestions on what I should have done or indeed should do if this ever happens again?
Many thanks for your patience