Windows 8 and 8.1 Forums


'Ransomware' tricks victims into paying hefty fines

  1. #21


    USA
    Posts : 689
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by Hopachi View Post
    So it's more difficult than I thought, no Ctrl Alt Delete, Task Manager settings... Since I never encountered it I don't know the difficulty level.
    RESET - FORMAT/RESTORE remains the safest way in the end.

    I don't trust cleaners. If this thing is really complex and well-made, it might trick some cleaners/AV and restore/copy itself back to positions in no time. Should you still use a network or internet connection then it even gets worse. Removing the network connection/cable or stop wifi is the first thing to do after you see the warning screen.
    Well the article did say virus companies are working on it, and hopefully someone has developed a more effective way to get rid of it.


  2. #22


    Quote Originally Posted by fafhrd View Post
    I would like to ask which browser(s) were in use when this nasty was caught from people who have experienced/fixed them?
    It was a few months back and my memory escaped me. I need to correct stating it was 7. It was actually Vista and without SP1 or SP2! Ugh!

    This machine was given to him by a friend without disks. He's not computer savvy whatsoever and he's just a "consumption" user. I believe he was using Chrome, but I don't know which version. I'm sure it wasn't updated. I don't think it would've mattered what browser he was using. Nothing was updated, not even the 3rd party AV. This machine was like an open sore inviting viruses in! There was IE8 on it, of course, but eventually upgraded that to IE9.

    Once I rid it of this ransomware virus (thank the lucky stars there were good restore points), the machine ran as slow as molasses in the Arctic Circle. Vista + 3rd party AV + 1GB RAM = S.L.O.W. LOL! I don't know how this man used this machine as long as he did! Either he hasn't used a good one before, doesn't know how fast a machine can run, or he has the patience of a saint!

    When I opened Programs and Features to uninstall the AV I couldn't believe what I saw! 3 (Yes, three!) AVs and about 40 other programs! I sat there with him and went through the list uninstalling those he didn't use. About 30/35 of them. Rebooted when needed. Ran CHKDSK during one. I downloaded CCleaner and ran the temp cleaner and registry repair. I upgraded IE, downloaded MSE, and ran a scan. Performed a DeFrag. Installed SP1/SP2/updates. The machine ran much, much faster.

    I advised him that he should look into upgrading and max to 2GB RAM and if possible to Windows 7 or 8. I also suggested he find cleaner sites to surf.

    About a solution if no Safe Mode > The article stated:

    Victims shouldn't pay the fine, Harrison said, but they should know that various software tools — including free tools available at Symantec — can rid their machines of the virus.
    I looked on the Symantec site, but cannot find a link to their support? Anyone know?

    Microsoft has Windows Defender Offline. Not sure if it will remove it:

    What is Windows Defender Offline?

    More on the subject:

    Ransomware removal | What is Ransomware | Microsoft Security

    Which has a link to here:

    Ransomware

    Like Hopachi stated, this thing is quite sophisticated. It may take a lot to remove it.

  3. #23


    Posts : 30
    Win 8.1 pro / win 8.1


    My daughter had this happen to her laptop, with Vista as the OS. Malwarebytes pro was useless. Hitman pro free edition took care of it.

  4. #24


    USA
    Posts : 689
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by HippsieGypsie View Post
    About a solution if no Safe Mode > The article stated:

    Victims shouldn't pay the fine, Harrison said, but they should know that various software tools — including free tools available at Symantec — can rid their machines of the virus.
    I looked on the Symantec site, but cannot find a link to their support? Anyone know?
    I just posted what the article said, but hadn't looked at Symantec's site. Incidentally I just got Norton Internet Security about 3 days ago for my lappy as I didn't like the fact that MSE under Windows 8 doesn't allow right click scanning like it does under Win 7.

    Plus, for my lappy I feel a bit better with Norton than with MSE since the lappy is more prone to attacks. I like MSE, but when you're in school and sharing thumb drives all over the place, well...

    Anyway I'm sure Symantec like all the others will find a way to handle this latest threat... for now

  5. #25


    Hafnarfjörður IS
    Posts : 4,376
    Linux Centos 7, W8.1, W7, W2K3 Server W10


    Quote Originally Posted by sygnus21 View Post
    Quote Originally Posted by Hopachi View Post
    So it's more difficult than I thought, no Ctrl Alt Delete, Task Manager settings... Since I never encountered it I don't know the difficulty level.
    RESET - FORMAT/RESTORE remains the safest way in the end.

    I don't trust cleaners. If this thing is really complex and well-made, it might trick some cleaners/AV and restore/copy itself back to positions in no time. Should you still use a network or internet connection then it even gets worse. Removing the network connection/cable or stop wifi is the first thing to do after you see the warning screen.
    Well the article did say virus companies are working on it, and hopefully someone has developed a more effective way to get rid of it.
    Hi there
    100% effective way to get rid of it: Works EVERY TIME. About 20 mins max and Job Done.

    Wipe the disk and restore from a CLEAN backup image with a BOOTABLE stand alone backup / restore program like Acronis.

    Use Partition Magic (bootable) or similar to wipe the disk -- don't use any AV software for cleansing - these can never be 100% guaranteed to be effective and the computer is already infected. Don't do the disk re-format / partitioning from within Windows itself as it's already infected so how would you be sure Windows was working properly?

    If you haven't got a backup -- "Tough Ladies Accoutrements... " Serves you right so learn for next time.

    Forget Symantec -- It's about as USELESS in the AV field as GARTNER is in forecasting computer developments. Anyway on Windows 8 you DON'T NEED ANY 3rd party AV - the built in Windows defender is just as effective as ANY of the other ones and if you do install a 3rd party AV software the Ms version stops working and in any case things like Symantec and McAfee (we know it as McAWFUL) are just RESOURCE HOGS.


    Cheers
    jimbo

  6. #26


    USA
    Posts : 689
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by jimbo45 View Post
    Forget Symantec -- It's about as USELESS in the AV field as GARTNER is in forecasting computer developments. Anyway on Windows 8 you DON'T NEED ANY 3rd party AV - the built in Windows defender is just as effective as ANY of the other ones and if you do install a 3rd party AV software the Ms version stops working and in any case things like Symantec and McAfee (we know it as McAWFUL) are just RESOURCE HOGS.
    Ahh, the ole this AV that AV sucks opinion. Everyone's got one I suppose.

    (exits before the house burns down)

  7. #27


    Fiji
    Posts : 77
    7HP x64/7 Ultimate x32


    Quote Originally Posted by jimbo45 View Post

    Forget Symantec -- It's about as USELESS in the AV field as GARTNER is in forecasting computer developments.

    Cheers
    jimbo
    Classic, Jimbo, classic !

  8. #28


    Orbiting the Moon
    Posts : 2,975
    Windows 10 x64


    Quote Originally Posted by jimbo45 View Post
    Quote Originally Posted by sygnus21 View Post
    Quote Originally Posted by Hopachi View Post
    So it's more difficult than I thought, no Ctrl Alt Delete, Task Manager settings... Since I never encountered it I don't know the difficulty level.
    RESET - FORMAT/RESTORE remains the safest way in the end.

    I don't trust cleaners. If this thing is really complex and well-made, it might trick some cleaners/AV and restore/copy itself back to positions in no time. Should you still use a network or internet connection then it even gets worse. Removing the network connection/cable or stop wifi is the first thing to do after you see the warning screen.
    Well the article did say virus companies are working on it, and hopefully someone has developed a more effective way to get rid of it.
    Hi there
    100% effective way to get rid of it: Works EVERY TIME. About 20 mins max and Job Done.

    Wipe the disk and restore from a CLEAN backup image with a BOOTABLE stand alone backup / restore program like Acronis.

    Use Partition Magic (bootable) or similar to wipe the disk -- don't use any AV software for cleansing - these can never be 100% guaranteed to be effective and the computer is already infected. Don't do the disk re-format / partitioning from within Windows itself as it's already infected so how would you be sure Windows was working properly?
    Yes. This is what I think as well. You can use the built-in image recovery system. Win8 has 2 ways of imaging, the one I use is the Win7 File Recovery because I'm accustomed to it and never failed me. Third party: I believe Acronis is one of the best available, you also have Macrium and Todo Backup as well.

    If you haven't got a backup -- "Tough Ladies Accoutrements... " Serves you right so learn for next time.
    It's true, always have a backup because the OS is not made of steel and the user's mistakes cannot be predicted by the system.

  9. #29


    Posts : 959
    Windows 8.1, 10


    Quote Originally Posted by sygnus21 View Post
    Not saying they deserved it, just saying that I would think sites like those are more vulnerable to this sort of crap; though it can happen to anyone who just happens to open a nefarious file or visit a strange site.
    I agree it's more likely on that sort of site; however even reputable sites get hacked from time to time. Even if you stick to reputable ones, if you're unlucky there could still be something nasty hiding there.

  10. #30


    Australia
    Posts : 3
    Win 7 & 8


    I'm a computer tech and with all viruses we remove the hard drive and slave it to another machine. We then scan the hard drive with a variety of antivirus and malware scanners. Once done we put it back in the machine and again run scans which generally then pick up the various registry entries.
