Remove White Screen Virus that Blocks Computers Published on November 5, 2013
What Is White Screen Virus The white screen phenomenon can either be dysfunction of computer or white screen virus . If one encounters white screen after the appearance of Windows logo, it can be ascertained that the white screen is caused by ransomware virus. Such white screen virus can be one of the variants of FBI virus or of Metropolitan police virus.
Because of some reason which can be tight and intact security defense blocking runnings of some vicious parts or the incomplete payloads being loaded on to a machine. If you are not sure whether the white screen is caused by ransomware or system failure, feel free to contact VilmaTech online support for analysis to get the answer.
How Does White Screen Virus Affects Computer? The popular dissemination routine for virus is the World Wide Web. Reasons are: • • • • •
New started web sites are generally vulnerable to be susceptible to deadly virus. There are many sites, especially porn sites and spam sites, are willing to help spread virus after receiving large amount of commission. Vulnerability can be found on web applications. There are thousands of terminals can be used as backdoors to help other virus in for easy money. The Internet connects computer across the world, giving more chances to affect computers.
Of course, there are other ways to help spread the vicious codes of white screen virus, the most commonly seen among which is through fraudulent popup messages telling the requirements of downloading/ updating Adobe/ Flash Player.
Dangerous White Screen Virus Though white screen virus is not like any other ransomware with a threatening message accusing victims of laws violations, it is still as dangerous as others. Given the fact that white screen virus is manipulated by Trojan that binds its payloads to originally built system services, it is capable of escaping installed securityutilities as well as compromising secure coefficient. As of the successful injection of white screen virus, it starts scanning all the catalogues and drivers that used by the victim mostly before overwriting the selected ones with its payloads and
transmitting the original data to hidden folder or encrypted folder made by it, resulting in installed anti-virus programs being disabled to some extent. It then modifies database by either adding or deleting the values under some entries associate to the kernel functions on a computer, such as startup, keyboard, Safe Mode, etc.. With random modification, a target computer will be compromised to the extent to be easily affected by other virus, which well explains why some victims reported that after the removing white screen virus, they were still in troubles by other virus: • • • •
Pop-up advertisements that ceaselessly occupy browsers (e.g. IE, Mozilla Firefox, Google Chrome). Search redirect virus that hijacks default homepage, web search tool and search results. Toolbar virus that takes over the original one to give unrelated search results and doubleunderlines in-text words. Rogueware that takes up resources to slow down the overall computer performance.
The fact is the longer white screen survives over solutions, the more residual damages will be seen after final removal. What’s worse, more build-in functions, especially those anticipated to help remove virus such as Safe Mode, will be disabled by white screen one by one. The same goes for another functional user account. Obviously that immediate action should be taken to remove white screen virus. But take the fact that the whole screen is locked down by the virus and removed items by installed anti-virus programs return into consideration, the top option should be manual method. To remove white screen virus manually can be efficient. However, it requires computer skills to appropriately and accurately make changes to the kernel part of a machine; otherwise some permanent damages will be imposed on the system over time or instantly without the possibility to be repaired completely. If you know little about computers, it is advisable to contact VilmeTech online support to ensure the correctness when going through the steps given hereinafter.
Self-help Guide to Remove White Screen Virus Remove white screen virus from “Safe Mode with Networking” One
Log into ”Safe Mode with Networking”: Windows 8: 1. Press Ctrl, Alt and delete key together when the white screen virus is locking down the whole screen.
2. Please hold shift key and click on power button with your mouse at the same time to select Restart.
3. Select Troubleshoot with arrow keys
.
4. Select Advanced options till the next screen comes up. 5. Hit Restart button before hitting F5 to get into safe mode with networking.
Windows 7/XP/Vista:
1. keep tapping on “F8″ key as the computer is booting but before Windows logo appears.
2. Under “Windows Advanced Options Menu”, highlight “Safe Mode with Networking” option and hit Enter key.
Two
Disable related startup items to stop white screen virus from popping up automatically as well as improve the boot speed. Windows 8: 1. Hover your mouse to the lower part of the Start screen to type ‘Task’ on the popup Charms bar. 2. Hit Enter key to find and tick unwanted items on the pop-up window.
3. Press ‘Disable’ option to finish.
Windows 7/XP/Vista: 1. Launch Search/ Run box from Start menu. 2. Type ‘msconfig’ there before hitting Enter key.
3. Find and tick unwanted items on the pop-up window. 4. Press ‘Disable All’ option to finish.
Three
Make modifications in Database. Windows 8: 1. Type ‘regedit’ in Search charm bar and hit Enter key. 2. Press and hold Ctrl+F to search for Winlogon.
3. Locate key labeled Shell in the right pane.
4. Right click on it and replace it with ‘explorer.exe’ to hit OK button.
Windows 7/XP/Vista: 1. 2. 3. 4.
Put ‘regedit’ in Run box. Press and hold Ctrl+F to search for Winlogon. Locate key labeled Shell in the right pane. Right click on it and replace it with ‘explorer.exe’ to hit OK button.
If one has duplicated Winlogons and don’t know which one to replace with ‘explorer.exe’, it is recommended to consult online professionals from VilmaTech Online Support in case any undesired consequences happens.
Four
Show hidden files to remove items realted to white screen virus so as to avoid its reimage.
Windows 8: 1. Open Windows Explorer by clicking on Windows Explorer application from Start Screen.
2. Select View tab to tick ‘File name extensions’ and ‘Hidden items’ options. 3. Navigate to Roaming folder and Temp folder respectively in Drive C to remove files with abnormal name, such as serial numbers with random letters.
Windows 7/XP/Vista:
1. Search for ‘Folder Options’ after accessing ‘Control Panel’.
2. Under View tab to tick ‘Show hidden files and folders and non-tick Hide protected operating system files (Recommended)’ and then click ‘OK’. 3. Navigate to Roaming folder and Temp folder respectively in Drive C to remove files with abnormal name, such as serial numbers with random letters.
Five
Remove all temp folders under System32 1. 2. 3. 4. 5.
Double click on Temp folder under System 32 under C:\\Windows. Press Ctrl and A key together to select all contained files. Release the combination key and right click on one of the selected items. When a drop down list shows, press Shift and D key together. Click OK to confirm the removal.
Six
Remove unwanted add-ons/ plug-ins/ extensions/ cookies from browsers.
Internet Explorer: 1. Click on Internet Explorer Tools and select “Manage add-ons” on the drop down list. 2. Find unwanted items including the ones related to white screen virus in ‘Toolbars and Extensions’ section. 3. Make the same modifications in ‘Search Providers’ section then.
Mozilla Firefox: 1. Open Mozilla Firefox Tools menu to choose Options. 2. Select ‘Add-ons’ option then to bring up a new tab on the browser. 3. Click on ‘Plugins’ panel tab to find unwanted items including the ones related to white screen virus before selecting ‘Never Activate’ in its drop down menu.
4. Follow the same procedure in Extension tab after finishing the modifications under ‘Plugins’ tab.
Google Chrome: 1. Click on the spanner icon on the top right of the browser to select “Tools”.
2. Go to ‘Extensions’ to find and select unwanted items including the ones related to white screen virus.
3. Hit the dustbin icon to finish.
Remove white screen virus from another user account. Be sure that the another user account has admin rights; if one doesn’t have another workable user account, one need to create one from cmd by accessing “Safe Mode with Command Prompt” first. One
Log into Safe Mode with Command Prompt. Windows 8: 1. Please press Alt,Ctrl and delete key together as the white screen virus is blocking the whole screen. 2. Please hold shift key and click on power button together to select Restart. 3. Select Troubleshoot then with arrow keys and hit Enter key. 4. Next choose Advanced options. 5. Hit Restart button to hit F6 to get into safe mode with command prompt.
Windows 7/XP/Vista: 1. Keep tapping “F8 key” as the computer is booting but before Windows logo appears.
2. Highlight “Safe Mode with Command Prompt” option when “Windows Advanced Options Menu” comes up.
3. Press Enter key.
Two
Create a new user account from cmd. 1. Type ‘explore’ when “System32″ appears with a slash flashing after it.
2. Hit Enter key to get another desktop. 3. Created a new user account with administrator right.
Three
Remove white screen virus from the newly created user account.
1. Restart the computer normally and enter into the newly created user account. 2. Navigate into C disk to find the folder named after the infected user account. 3. Follow step Two to step six depicted above in the ‘Safe Mode with Networking’ section.
Prevent from Getting White Screen Virus As we have learned from the preceding paragraphs that white screen virus spreads itself through Internet, we are able to prevent the infiltration of white screen virus with effect by enhancing the secure coefficient of browsers, websites and terminals: • • • • • • • •
Turn on Popup Blocker on the browsers. Disable ServerSignature and ServerTokens. Disable banner that shows what is actually running on a target computer Disable directory index to avoid junks that can be easily exploited by virus. Turn off request from TRACE HTTP to prevent online conversation from being hijacked. Disable WebDAV, a file access protocol of HTTP, to assure that potential attackers cannot modify files to upload vicious codes. Activate website monitor and Firewall to help filter junk sites and sites with sensitive content so as to decrease the possibility to be locked down by white screen virus. Impose access restrictions on Apache server that offers open source code which can make the site mostly visited by you affected by virus after it finds vulnerability on the site.
One should also follow good PC practice all the time after removing white screen virus: • • • • • • • •
Delete spam emails rather than open it up. It is better not to use freeware/ shareware. Employ disk partition to install programs in other disks rather than C disk. No visiting to unknown websites and no randomly downloading suspicious plug-ins/ addons/ extensions. Apply programs that are capable of repairing bugs to remedy them by downloading correspondent patches. Never accept suspicious files through instant messages and to select the Security Level of instant chat tools as high. Install genuine and powerful anti-virus programs, Firewall and programs providing Internet security aids on to the computer and update them regularly. Download and update programs by accessing official web sites rather than random messages pop up from nowhere.
•
Always give priority to custom installation to avoid automatic installation of third-party programs.
Conclusion: One should guarantee that another user account should have admin rights, or else modifications will be blocked to help remove white screen virus. If all user accounts are guest type, one should come to VilmaTech Online support for help configure the system to gain the maximum privilege from cmd since the procedure requires advanced computer technology, otherwise, computer may crash down for slight mistake. Should it be the case where none of the forms of Safe Mode are functional and computer will not repair itself completely and automatically, it is advisable to ask online professionals here to implement appropriate solution to the concrete situation.