The fake FBI froze my computer and demanded $200 ramson for phony cyber crime offenses!


Joined
Aug 9, 2010
Messages
152
Reaction score
3
Location
North-Eastcoaster with shovels for blizzards
Here's what happened. Out of nowhere unexpectedly, my computer was frozen and locked down by a virus. Fortunately I found free virus-killer-programs through Youtube, and the programs got my computer unfrozen and got me back online to write this warning post. Read all about the virus on Youtube:

 
Ad

Advertisements

addy1

water gardener / gold fish and shubunkins
Moderator
Joined
Jun 23, 2010
Messages
39,266
Reaction score
23,520
Location
Frederick, Maryland
Showcase(s):
1
Hardiness Zone
6b
Country
United States
I have malwares running all of the time, it has caught a few viruses trying to hit my lappy.
 
Joined
Aug 9, 2010
Messages
152
Reaction score
3
Location
North-Eastcoaster with shovels for blizzards
I have malwares running all of the time, it has caught a few viruses trying to hit my lappy.
Me too. I have the McAfee security program running all of the time, but the ramson-virus sneaked through :).

The virus attack may be a blessing in disguise for me. For decades I have relied on McAfee to catch and stop viruses from entering my computers.
However, after the ransom-virus-attack, now in addition to McAfee, I'm using these 2 free anti-virus programs:

This program will catch the ransom-virus and remove it from you computer. (Sadly McAfee failed to do its job even after I had McAfee to scan for the virus.)
http://www.techspot....ti-malware.html


This program will clean up the left-over "skeletons" after the virus is removed
http://www.piriform....leaner/download

To learn how to use the programs, watch the Youtube embedded in my first post.
 

j.w

I Love my Goldies
Joined
Feb 1, 2010
Messages
28,535
Reaction score
17,116
Location
Arlington, Washington
Showcase(s):
1
Hardiness Zone
USDA 8a
Country
United States
Yep I use both Ccleaner and Malwarebytes along w/ Norton as my security program. Also use spybot search and destroy and sometimes use Superantispyware free edition.
 
Joined
Aug 9, 2010
Messages
152
Reaction score
3
Location
North-Eastcoaster with shovels for blizzards
Yep I use both Ccleaner and Malwarebytes along w/ Norton as my security program. Also use spybot search and destroy and sometimes use Superantispyware free edition.
It's better late than never. I wish you had told me about Ccleaner and Malwarebytes before the ramson-virus attack :) I will look into your other anti-virus programs ASAP. Thanks. Oh well, I've learned of the problem the hardway; thus, I posted the warning and info to you ponder guys.
 

j.w

I Love my Goldies
Joined
Feb 1, 2010
Messages
28,535
Reaction score
17,116
Location
Arlington, Washington
Showcase(s):
1
Hardiness Zone
USDA 8a
Country
United States
I wish I would have known that you were gonna need them. Darn that's a shame but glad you figured it out!
 
Ad

Advertisements

Joined
Nov 17, 2012
Messages
5
Reaction score
1
Location
maryland
I have already tried to enter SAFE mode (all three types,) and it bluescsreens on me

any other way to get back into my PC?
I tried using my WinXP CD but couldn't remember the admin password for system repair

THis is what I put together for another tecchie website

my primary PC has blocked windows from me, I am using my #2 PC to request assistance.

My primary PC is a Dell T3500, quad processor, 12Gb RAM running WinXP x64, I use AVG2012 for my Antivirus with scheduled automatic scans, and last MS update was 15Nov.
I am the only user on these PCs and as such the only user logon at bootup is mine. [and yes that logon is the admin)
( I use ccleaner occasionally to clear cache and unwanted start-up apps)


Last night after clicking on a link from a google search , I believe my PC was hacked.

a fake webpage appeared demanding $200 to release my computer, showing that it had captured my browser data .


I took the PC offline and attempted some simple troubleshooting steps, but the START menu would only stay available for ~20 seconds.
my desktop icons never appear, (only the desktop background) so had to navigate as quickly as possible form the START menu to launch
was able to get ccleaner to complete a scan and clean, (before the primary monitor went blank {white} and the app and taskbar disappeared)
likewise when launching AVG, the app window would disappear before the scan completed and after few seconds #1 monitor would go white.
I tried launching in two different SAFE modes, but the bootup would result in a bluescreen.
Was likewise able to navigate to the RESTORE point screen and launch that, but in two efforts {1 day back and one week back)
both came back as "unable to perform restore" and when clicking OK to accept that fate, the screen went white again.


After these multiple efforts the START menu and TASKBAR started disappearing more quickly, like ~5seconds making it impossible to navigate quickly enough to perform anymore troubleshooting efforts.

Presuming now, I'll need a bootable option that will allow me to perform fixes outside my windows (profile) environment.
 

addy1

water gardener / gold fish and shubunkins
Moderator
Joined
Jun 23, 2010
Messages
39,266
Reaction score
23,520
Location
Frederick, Maryland
Showcase(s):
1
Hardiness Zone
6b
Country
United States
Try password for the winxp cd password. or blank
 

j.w

I Love my Goldies
Joined
Feb 1, 2010
Messages
28,535
Reaction score
17,116
Location
Arlington, Washington
Showcase(s):
1
Hardiness Zone
USDA 8a
Country
United States
passthekoi
Sorry you are having computer headache problems
 
Joined
Nov 17, 2012
Messages
5
Reaction score
1
Location
maryland
really getting frustrated here,
tried using windows 7 native image burner
no joy
tried imgburn
no joy
and finally
iso burner
and still getting nowhere
refuses to burn to etiher CDs or DVDs
from both my new Windows 7 machine and an old win XP (PIII machine)
 
Ad

Advertisements

addy1

water gardener / gold fish and shubunkins
Moderator
Joined
Jun 23, 2010
Messages
39,266
Reaction score
23,520
Location
Frederick, Maryland
Showcase(s):
1
Hardiness Zone
6b
Country
United States
Joined
Nov 17, 2012
Messages
5
Reaction score
1
Location
maryland
Thanks for your input.
I ended up finding a reputable online tech service that was able to walk me through loading an external windows environment from a flash drive and fix the issue remotely VERY early Sunday morning.

for anyone else falling victim to this FBI ransomware virus.
it dumps a file called .directory into your desktop folder and likewise loads it into your startup list... which then of course usurps your desktop control as soon as the startup is launched.
It likewise disables task manager.
if you can get to the startup listing before the screen goes white, just select and delete the file from startup ... (hopefully it isn't savvy enough to reload itself) and then reboot and navigate to your desktop folder and delete the actual file. might also be worthwhile to edit registry [regedit] and do a specific search on that file name and delete the entire string.

My problem was after so many personal attempts at troubleshooting that required HARD COLD boots, my safe modes would come back as bluescreens indicating I needed to run chkdsk, which of course I had no access to perform. so with no safe mode all the usual fixes were moot in my situation
 

addy1

water gardener / gold fish and shubunkins
Moderator
Joined
Jun 23, 2010
Messages
39,266
Reaction score
23,520
Location
Frederick, Maryland
Showcase(s):
1
Hardiness Zone
6b
Country
United States
Thanks for the info! I am going to print it out, cause if the computer is gone sure won't be able to read it! I have multiple layers of stuff protecting my puter, so maybe it won't make it here.........maybe

Can you share the online service? It would be nice to know a reputable group to get hold of it we have issues.
 
Joined
Aug 9, 2010
Messages
152
Reaction score
3
Location
North-Eastcoaster with shovels for blizzards
Thanks for your input.
I ended up finding a reputable online tech service that was able to walk me through loading an external windows environment from a flash drive and fix the issue remotely VERY early Sunday morning.

for anyone else falling victim to this FBI ransomware virus.
it dumps a file called .directory into your desktop folder and likewise loads it into your startup list... which then of course usurps your desktop control as soon as the startup is launched.
It likewise disables task manager.
if you can get to the startup listing before the screen goes white, just select and delete the file from startup ... (hopefully it isn't savvy enough to reload itself) and then reboot and navigate to your desktop folder and delete the actual file. might also be worthwhile to edit registry [regedit] and do a specific search on that file name and delete the entire string.

My problem was after so many personal attempts at troubleshooting that required HARD COLD boots, my safe modes would come back as bluescreens indicating I needed to run chkdsk, which of course I had no access to perform. so with no safe mode all the usual fixes were moot in my situation

I'm sorry for failing to answer your posts because I have not seen your posts until now. Congrats for getting rip of the virus.


Anyway, I do 2nd Addy1's request. Please share with us the contact info of the reputable virus-buster/FIXER. I will need his service because my computer has gone "power off" automatically once awhile while I'm surving the net.
 

sissy

sissy
Joined
Jan 17, 2011
Messages
32,745
Reaction score
15,368
Location
Axton virginia
Showcase(s):
1
Hardiness Zone
7A
Country
United States
I have been using a free anti virus for years called avast .
 
Ad

Advertisements

Joined
Aug 9, 2010
Messages
152
Reaction score
3
Location
North-Eastcoaster with shovels for blizzards
Last resort, if all the usual online assistance is unsuccessful or not relevant
http://www.yoocare.com/
basic assistance is ~$70
Seasons Greetings and Happy New Year for a prosperous lucky 2013 to you all.

Thankyou for the info. I've checked out the shop, and it looks good. Well at least I'm going to get some options:

1) buying a new computer from Costco for $500+
http://www.costco.co....100015144.html

2) paying for the repair at the rate of $70 per hour. (Repair may take hours to find & made because sometime the "automatic power off" never comes about for a whole day.)

3) waiting to see what other options I will get as time goes by.
 
Joined
Jul 11, 2007
Messages
1,191
Reaction score
380
Location
Colorado - zone 5a
Hardiness Zone
5a
McAfee? Someone still runs that piece of crap? Seriously, the last time McAfee was worthwhile was back in the 1990's. Prime example, a lady brought me her computer which had obvious virus problems. McAfee was paid for and up to date, but it couldn't find anything wrong. I removed it and installed AVG, which immediately found 78 major viruses. After getting it all cleaned up and running smoothly again, she took her computer home. I heard about a month later that she was having problems with her computer again after reinstalling McAfee "because that's the program she knew"...

Personally, y'all can keep your Microsoft crapware. I've been running Linux exclusively since 2006. Viruses? Malware? I only know of them because I get paid to clean them off other people's computers.
 
Ad

Advertisements

j.w

I Love my Goldies
Joined
Feb 1, 2010
Messages
28,535
Reaction score
17,116
Location
Arlington, Washington
Showcase(s):
1
Hardiness Zone
USDA 8a
Country
United States
What's your feeling on Norton that comes free w/ a Comcast account Shdwdrgn? Sounds like you thing AVG is the best.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top