Below are the instructions to identify and solve the incident.
Symptoms
When I restart my computer, instead of my regular desktop, a message, supposedly issued by the Police Corps, warns of illegal activity detected on my PC. What's more, payment of a fine is demanded in order to regain full access.
Cause
If you are experiencing these symptoms, you have been infected by Trj/Ransom, commonly known as the Police Virus.
Solution
In order to fully disinfect Trj/Ransom.ab, you need to create and scan your computer with a rescue disk. Please follow the steps below:
Step 1 - Download PandaRescueDisk.iso
Download and save the PandaRescueDisk tool from a virus-free computer.
Step 2 - Boot the infected computer with PandaRescueDisk.iso
You have two options for booting the PC with PandaRescueDisk.iso: from a CD or from a USB stick.
Booting from a CD-ROM
- Once you have downloaded the file, open your CD burning software program.
- Burn the PandaRescueDisk.iso image with your usual CD burning application.
- Remember of course that each application has its own instructions.
- Once you have created the CD, start the computer from your CD-ROM drive and check whether your system is infected.
Booting from a USB stick
- Download UNetbootin.
- Save the file to your hard disk. You can create a folder called C:\panda to save it.
- Insert an empty USB stick into a USB port.
- Double-click unetbootin-windows-xxx.exe, where xxx matches the UNetbootin version number.
- Select the option Diskimage, click the … button, select the PandaRescueDisk.iso file, and click OK.
- Wait until the process is completed.
- Once the bootable USB stick has been created, start the computer from the USB stick.
NOTE: If you have problems upon rebooting from the CD-ROM drive, refer to How to boot from a CD-ROM.
Step 3 - Scan with Panda RescueDisk
- Once you have started the system from the CD or USB stick, you will see the Panda RescueDisk screen. Select the Live option and press Enter for the scanning and disinfection process to begin.
- When the process is finished, remove the disk and press Enter to restart the computer.
- Open your antivirus program and carry out a full scan of the computer in order to verify the full disinfection of Trj/Ransom.ab.
Running PandaRescueDisk will disable all items that are loaded automatically at Windows startup except for the antivirus. To enable any of these items again, follow these steps:
- Click the Windows Start button, select Run, type msconfig and press Enter.
- Click the Startup tab.
- Select the programs you want to be loaded at Windows startup.
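Before ticking entries back on in msconfig, it helps to see exactly what is currently set to run at startup and what the rescue disk left disabled, so that any command you do not recognize can be checked rather than re-enabled blindly. The following PowerShell script is an added example and is not part of the Panda article; it reads the Run/RunOnce registry keys and the Startup folders that msconfig's Startup tab presents, and (as an assumption about XP/Vista/7 msconfig) the HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg key where msconfig records entries it has disabled. Run it from an elevated PowerShell prompt.

```powershell
# Added example, not part of the Panda support article.
# Lists auto-start entries (enabled and msconfig-disabled) so each can be
# reviewed before being re-enabled on the Startup tab.

$entries = @()

# Registry locations that launch programs at logon.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $values = Get-ItemProperty -Path $key
    foreach ($prop in $values.PSObject.Properties) {
        # Skip the PSPath/PSParentPath/... metadata PowerShell adds to the object.
        if ($prop.Name -like 'PS*') { continue }
        $entries += New-Object PSObject -Property @{
            State   = 'Enabled'
            Source  = $key
            Name    = $prop.Name
            Command = $prop.Value
        }
    }
}

# Shortcuts in the per-user and all-users Startup folders.
$startupFolders = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)
foreach ($folder in $startupFolders) {
    Get-ChildItem -Path $folder -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $entries += New-Object PSObject -Property @{
                State   = 'Enabled'
                Source  = $folder
                Name    = $_.Name
                Command = $_.FullName
            }
        }
}

# Assumption: msconfig (XP/Vista/7) moves disabled Run entries here and keeps
# the original key and command line in the 'key' and 'command' values.
$disabledKey = 'HKLM:\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg'
if (Test-Path $disabledKey) {
    Get-ChildItem -Path $disabledKey | ForEach-Object {
        $d = Get-ItemProperty -Path $_.PSPath
        $entries += New-Object PSObject -Property @{
            State   = 'Disabled'
            Source  = $d.key
            Name    = $_.PSChildName
            Command = $d.command
        }
    }
}

# Print the inventory; look closely at any command pointing into %TEMP%,
# %APPDATA% or a user profile folder, or with a name you do not recognize.
$entries | Sort-Object State, Name | Format-Table State, Name, Command, Source -AutoSize
```

The listing is read-only: it changes nothing, it only shows what the Startup tab is about to re-enable. Re-enable only the entries whose command line points at software you installed deliberately.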
Step 4 - Prevent future infections
This type of virus usually exploits system or software vulnerabilities. In order to prevent future infections, don't forget to take the following precautions:
- Avoid visiting unsafe websites. You can browse the Internet more safely by using a browser sandbox such as Panda Safe Browser.
- Disable Java in your browser. For further information, refer to how to configure Java and how to disable Java.
- Always keep your operating system up to date, for instance by installing Windows updates.
- Never open emails from unknown senders; they could contain viruses.