PC help: Suspicious files

Q A friend’s son opened a zip file from someone he’d met in a chat room – video clips.

He then received a message from that person saying that he now had access to his computer and could open files etc.

The computer is now not working correctly as they cannot use System Restore or Task Manager.
Carol Hoare

A Recovering a computer after this sort of attack is very difficult, especially when there is no hint of what software has been used to make the attack.

It is also hard to know whether files have been infected; if any remain the computer may be attacked again after you think it is safe. Always be very careful when you receive files from the internet. Run a virus scan on the file and watch out for spoof file extensions.

A normal file extension is the last three letters of a file name after a full stop, for example photo.jpg. Some hackers try to fool Windows by using two full stops and lots of spaces to obscure the change, such as ‘photo.jpg. exe’.

Although Windows will show this as a picture is it is really a program and could damage the computer. Always check the full name of a file before opening it.

Right-click on the file and select Properties to view the file type. To be on the safe side, change the folder options to display full file extensions at all times. To do so, press the Windows key and E to open Windows Explorer. From the tools menu choose Folder Options. Under View, uncheck the box marked Hide extensions for known file types.

The first and most important thing to do is to disconnect the computer from the internet and not reconnect it until you are sure that the computer is clean.

If a recovery disc was supplied with the computer, now is the time to use it. These discs overwrite the hard disk and return the computer to how it was when it was first set up. The disadvantage is that any software and documents created and installed since the computer was purchased will be lost.

Ideally you should have a backup of these documents so you should use this instead of attempting to rescue existing files.

In the event of having neither a backup nor a recovery disc, the best thing to do is to ask a friend to download the latest versions of anti-virus and antispyware software as well as a good-quality firewall such as Zone Alarm. When downloading the first two, make sure that you also download the latest updates.

We would recommend downloading AVG Antivirus and Spybot Search and Destroy. Install both of these programs and run a full scan of your computer. This may take some time but it is worth it.

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!