That's what an image is for.
Yes, this is true. It's something I've always put off.
locked computer, 48 hours to pay the fine
- Thread starter harvyH
- Start date
Yes, this is true. It's something I've always put off.
Hi guys,
My computer is infected and now it is locked. The warning says I have exactly 48 hours left to pay the fine and that I do not have to try to remove it on my own because it will be automatically formatted, which means I will loose all of my data, files and documents. How do I deal with this situation? What should I do?
1 - Boot into safe mode
2 - run malware anti-bytes and remove the entries
3 - run ccleaner & anti-virus scan (to be safe, just in case) - remove the entries
4 - restart. should be cool now.
Soldato
- Joined
- 14 Mar 2011
- Posts
- 5,443
I've never bothered with images before until my latest machine but having given it some thought here's what I think is (surprisingly easy) and good practice:
1. Install OS (or in my case, both OS of a dual-boot)
2. Let windows download service packs + security upgrades
3. Let the other OS do it's own similar thing
4. Take an image of the whole drive using Clonezilla (awesome program)
5. Install all of your most common programs and utilities
6. If you have space for it, take another image using Clonezilla
7. Start using your machine...
That gives you 2 images which you can use to fall back on, depending on if you want a very clean install (say if your "common programs and utilities" changes significantly) or if you just want a fresh install but with everything setup. It hasn't had to save me yet but I'm sure the day something goes wrong I'll be glad it's there
1. Install OS (or in my case, both OS of a dual-boot)
2. Let windows download service packs + security upgrades
3. Let the other OS do it's own similar thing
4. Take an image of the whole drive using Clonezilla (awesome program)
5. Install all of your most common programs and utilities
6. If you have space for it, take another image using Clonezilla
7. Start using your machine...
That gives you 2 images which you can use to fall back on, depending on if you want a very clean install (say if your "common programs and utilities" changes significantly) or if you just want a fresh install but with everything setup. It hasn't had to save me yet but I'm sure the day something goes wrong I'll be glad it's there
I remember my wife got this message on her laptop and she really thought she had too ... and usually shes pretty smart about those types of things
I got the police/72 hours to pay one recently...quite scary...especially with the events that followed. I didn't pay. But my BT email suddenly stopped working "WE HAVE YOUR ISP DETAILS! WE HAVE YOUR PC USER NAME! WE HAVE..."
I booted into safe mode and used an earlier restore point which got my system up and working again. Do you guys still recommend I download this Malewarebytes?
3 days after the incident, I was woken up by 3 people all knocking at my door, living room window & bedroom window....I was papping myself so much, I couldn't answer.
I really felt a bit ill at work for the next few days.
I got to my parents house this Friday and Mum/Sisters wanted to know if I was sleeping or out shopping when they called earlier in the week
I booted into safe mode and used an earlier restore point which got my system up and working again. Do you guys still recommend I download this Malewarebytes?
3 days after the incident, I was woken up by 3 people all knocking at my door, living room window & bedroom window....I was papping myself so much, I couldn't answer.
I really felt a bit ill at work for the next few days.
I got to my parents house this Friday and Mum/Sisters wanted to know if I was sleeping or out shopping when they called earlier in the week
I had one of these install from downloading Fallout 3 mods from the popular nexus modding site. Massive pain as with Windows 8 it makes it a real challenge to get into safe mode, because safe mode in Windows 8 is activated within the OS and not the classic mash f8 at boot, don't know why MS changed that!?
So when i booted up i had a about 3-4 seconds to hit Windows key + r and type msconfig hit enter and click boot to safe mode and then ok. After spending 30 minutes trying to achieve that, i found the ransomware was working in safe mode too, so that plan was out the window.
Decided to just re-install Windows 8 using the refresh Windows 8 tool, with a Windows 8 bootable USB tool made on another machine.
You can choose the lite refresh option, that worked to clear the ransomware too, but i did the big refresh/install to put my mind at rest.
First time since Windows XP i have had some sort of virus that crippled my machine.
So when i booted up i had a about 3-4 seconds to hit Windows key + r and type msconfig hit enter and click boot to safe mode and then ok. After spending 30 minutes trying to achieve that, i found the ransomware was working in safe mode too, so that plan was out the window.
Decided to just re-install Windows 8 using the refresh Windows 8 tool, with a Windows 8 bootable USB tool made on another machine.
You can choose the lite refresh option, that worked to clear the ransomware too, but i did the big refresh/install to put my mind at rest.
First time since Windows XP i have had some sort of virus that crippled my machine.
I got the police/72 hours to pay one recently...quite scary...especially with the events that followed. I didn't pay. But my BT email suddenly stopped working "WE HAVE YOUR ISP DETAILS! WE HAVE YOUR PC USER NAME! WE HAVE..."
I booted into safe mode and used an earlier restore point which got my system up and working again. Do you guys still recommend I download this Malewarebytes?
3 days after the incident, I was woken up by 3 people all knocking at my door, living room window & bedroom window....I was papping myself so much, I couldn't answer.
I really felt a bit ill at work for the next few days.
I got to my parents house this Friday and Mum/Sisters wanted to know if I was sleeping or out shopping when they called earlier in the week
LOL paranoid.
Are you are asking me?
I got it from downloading a uninstaller for NME texture pack for Fallout 3 http://fallout3.nexusmods.com/mods/12056. The site is fine, its just some of their download mirrors for files seem to be infected.
Last edited:
Did you become infected after you ran the .bat file?
Do you still have a copy of the .rar & .bat?
The file was renamed, so yeah i ran the bat file myself.
I could have prevented the thing, as i was suspicious of the icon, but i had been modding all evening and i was tired.
And no to still having a copy of the .rar & bat, did you want to mess with the file to see how it works or something?
Soldato
- Joined
- 19 Jun 2012
- Posts
- 5,483
This seems like a bit of fallacy to me.
If you are waiting for overt ransomware to be your guide on whether you are infected or not, I dread to think what nasties may be on your system.
I ran a scan only last week that discovered a password stealer on my system. Absolutely no idea where it had come from as I had only done some basic browsing and game playing recently, but it was there, and it was silent. No signs I even had it.
Funnily enough, a few days later I had an unauthorised transaction on my Paypal account...... Coincidence? Maybe. But maybe not.
That is currently being investigated and I am awaiting the outcome, but suffice to say all of my passwords for every site I can think of have been changed.
So not believing in scanners seems to be a bit of nose cutting face spite in my opinion!
Cheers
Buff
Permabanned
- Joined
- 9 Aug 2008
- Posts
- 35,711
This seems like a bit of fallacy to me.
If you are waiting for overt ransomware to be your guide on whether you are infected or not, I dread to think what nasties may be on your system.
I ran a scan only last week that discovered a password stealer on my system. Absolutely no idea where it had come from as I had only done some basic browsing and game playing recently, but it was there, and it was silent. No signs I even had it.
Funnily enough, a few days later I had an unauthorised transaction on my Paypal account...... Coincidence? Maybe. But maybe not.
That is currently being investigated and I am awaiting the outcome, but suffice to say all of my passwords for every site I can think of have been changed.
So not believing in scanners seems to be a bit of nose cutting face spite in my opinion!
Cheers
Buff
I'm a firm believe that to fix the problem a format is best. Rather than trusting software to 'fix' the problem.
Yes they do get rid of most of the problems, however there is always that one time .... it just might not causing all sorts of issues you just never knew about.
Formats also fix configuration issues, registry issues too don't forget and others problems you might not know was even there.
I've had to fix this virus three times now for various people and it is definitely growing in aggressiveness. The first two were reboot in safe mode > install Malwarebytes and it cleaned it straight off.
This time around the virus was running in Safe Mode, rebooted into command prompt only to discover msconfig had gone. Finally had to browse to System Restore directory and launch rstrui.exe manually to get a restore point
Nasty nasty stuff now, I still don't know what they were browsing...
This time around the virus was running in Safe Mode, rebooted into command prompt only to discover msconfig had gone. Finally had to browse to System Restore directory and launch rstrui.exe manually to get a restore point
Nasty nasty stuff now, I still don't know what they were browsing...