Held ransom by malicious spyware? Just pay up, FBI says

originally posted by: Kuroodo
How to remove ransomware programs:

-Boot up PC as normal.
-When you are logged in and ransomeware pops up, press ctrl+shift+esc. If that does nothing, then try ctrl+alt+del
-You should now be back at your desktop. Use the taskmanager to close the malicious application
-Immediately download a PC malicious program cleaner (anti-virus, anti-malware, etc). I STRONGLY suggest Malwarebytes.

If you are unable to boot up your PC as normal, or opening the task manager as instructed:

-Shut down your PC by holding down the power button.
-Reboot
-When prompted, start in safe mode with or without networking.
-Immediately download a PC malicious program cleaner (anti-virus, anti-malware, etc). I STRONGLY suggest Malwarebytes.
-If anything, download the software from another PC and add the installer to a USB.


This worked on my friends PC who had the whole FBI ransomeware. It's easy to remove.

Steps to prevent you getting infected by anything at all:
- Have anti-virus and such scanners on your PC. (I suggest Malwarebytes and Windows Defender/Security Essentials).






Edit:

If on a web browser, simply use task manager to close the web browser.

Usually these websites have a pop up each time you try to close the tab or browser via the usual x button. The pop up prevents you from leaving. I don't know about other browsers, but on chrome, you will get a checkbox that specifies whether you permit the site to be able to send you these pop ups again.

You forgot to detail how to get all the encrypted files back in shape.
There's an awful lot of difference with Ransomware and some punks web-locker that impersonates as Ransomware.

Since the data files are encrypted with 128+ bit encryption it becomes rather hard. But I'm willing to learn.

The OS is not the important stuff with Ransomware. It's the missing data. Which is why FBI recommend you pay of (if you can't live with the encrypted files).

a reply to: pl3bscheese

No it won't encrypt cloud files, and I learned the hard way to always disconnect my external backup. Lost the lot. Only files that were not replaceable were my personal pics and video.

I recently herd of a variant that also goes after ISO images and game data, luckily I seem to have dogged that particular bullet to date.

originally posted by: Bybyots
Would it be too much to ask for which members it would be a hardship to immediately change out their OS in the case of attack by ransomware?

I mean, it would be interesting to get a rough idea of how many folks reading this would feel totally stuck.

BTW this question comes from a place of compassion, not ridicule.

Thanks In Advance,

Changing out an OS is easy. But if you have downloaded many large applications such as 3DMax, Maya, SoftImage, video editors, kept your OS up to date with the latest patches, video codecs, then having to reinstall from scratch would be a
serious pain (even if with all project data is backed up).

Many gaming laptops just come with the OS and vendor applications pre-installed. They don't even have reinstall CD-ROM's.
The first thing the system tells you to do is to make multi-DVD backups or archive to an ISO file.

a reply to: stormcell

You don't have to change your OS. You can have both, so when one fail, you take the other to repair the first.

a reply to: Kandinsky
This exactly the first thing that came to mind when I heard the part; the FBI says just pay up.

I have a serious phobia of storing my personal and financial information in "the cloud".

OP asked what does the FBI get out of it; easy pickings if everyone starts storing their information in the cloud.

Another case of lost to the lie of security.

a reply to: NightSkyeB4Dawn

Yesterday it was a Nigerian clown looking for easy pickins. Tomorrow it is your livelihoods sold to the FBI and any corporation that wants it.

Today is just an enigma.

a reply to: Navieko
I understand what you are saying but really; what would anyone have on a computer that is so valuable and not reproducible, that they would risk putting on a single computer with no back-up?

I know there are are different situations for everyone. I personally think that most things of convenience or pleasure can be destroyed in the blink of an eye. People have lost valuable treasures to war, fire, natural disaster, etc., if you can't retrieve, you rebuild. Hopefully, from a position of more wisdom and stronger.

To allow yourself to be held for ransom places you beyond the position of victim, it lowers you to the level of a disposable toy.

I truly believe that only "you" can determine your worth. I believe if you allow someone else to define you, you lose more than any item you can ever possess.

Of course this is probably just the Scorpio/Keyser Söze side of my brain talking.

a reply to: interupt42

Yes I think I went over that topic like 3 times but I don't think most people know what vmware or virtual box is. The questions of what is an ISO image and mounting process takes some time to understand. most people know dual boot but like i said you can have like 8 or more different operating systems on vmware. However you can still get infected if the settings are incorrect but you have to really try hard to get that to happen.

originally posted by: stormcell

originally posted by: Bybyots
Would it be too much to ask for which members it would be a hardship to immediately change out their OS in the case of attack by ransomware?

I mean, it would be interesting to get a rough idea of how many folks reading this would feel totally stuck.

BTW this question comes from a place of compassion, not ridicule.

Thanks In Advance,

Changing out an OS is easy. But if you have downloaded many large applications such as 3DMax, Maya, SoftImage, video editors, kept your OS up to date with the latest patches, video codecs, then having to reinstall from scratch would be a
serious pain (even if with all project data is backed up).

Many gaming laptops just come with the OS and vendor applications pre-installed. They don't even have reinstall CD-ROM's.
The first thing the system tells you to do is to make multi-DVD backups or archive to an ISO file.

yeah since Maya alone is like 3,000 dollars and like 700 for the light version. LOL I messed up someones auto cad the program was $1,400 had to find a fix and did or else i would of had to pay 1,400 dollars.

there are some programs you just don't want to lose at all.

originally posted by: mysterioustranger
a reply to: trollz

It is not the FBI....it ransomeware using an official logo.Folks have paid these hackers by money card or store card because....they are NOT the FBI....and it won't turn back on if one is stupid enough to pay.

We have discussed this here many times.... buy a SATA cord, remove hard drive, plug USB Data in, view your files and save to an external drive. It works.

You OS has been hijacked not your files....they can be retrieved the above way.

And pay NO $$$$$$$....and or call your local FBI.We did.....

please explain how your process un-encrypts the data? all you have done is transfer the data to a thumb drive.

The best defense against this 'ransomware' is to do regular backups of your boot partition(s) to an external drive that is only connected when backing up or restoring and I'd never ever consider using the 'cloud' for safe keeping of those backups.

I use Acronis which boots directly from a CD so no chance of that ever being infected but I do keep backups of that as well in case the disk gets damaged. Ransomware is not the only possible disaster that could ruin your day: Twice I've had a HDD just die suddenly so all partitions and data lost forever in the blink of an eye due to electrical/mechanical failure. Full recovery took about 1 hour or less by replacing the bad drive with a new one, booting up Acronis and restoring the most recent backup to the new drive. There's also the possibility of the simple user error of formatting the wrong drive - happens more often than you might think

If you have anything on your PC you wouldn't like to lose you need to back it up to a secure location - a drive that's never connected to the system when it's online or, even better, a drive that's only connected when running your offline backup/recovery software that runs independently of any OS on your HDDs (runs in RAM only). Live Linux distros on CD or USB can be handy for fixing simpler issues (also runs in a ramdisk but can 'see' all your HDDs).

I always back up my computer to a flash drive once a month with one of the good drive cloning software's.
It take less time to just format and reload then to deal with Cryptowall.

www.macrium.com...
www.paragon-software.com...

Get CryptoPrevent Malware Prevention as if used right Cryptowall 2.0/3.0 can not install on your computer.
plus CryptoPrevent blocks many other forms of malware and viruses and will save you time and money even if you are not hit by Cryptowall
www.fooli.../cryptoprevent-malware-prevention/

if you can go into your startup folder they hide in there and if you can see it delete it and after that reboot and it will stop.

For most entrepreneurs taking a company public would be enough of an accomplishment for one year but not for Cameron Chell.

What a load of horse#! Never ever ever pay these ransoms, you would most likely be targeted again in the future. This is why backups are soo important!! If you have a good/up to date backups, you can just revert to one of those and try to cleanup your system if need be.

I have worked with customers, who stored all their important data in a free Dropbox account. And that shared drive on their PC became infected with CryptoWall... Luckily they had MOST of the data, but lost a solid 1-2 months worth of information.

BACKUP YOUR #, DAILY, EVERY 12 HOURS, OR EVERY HOUR. ONLY YOU CAN PREVENT COMPUTER FIRES.

Paying Ransoms is now Business As Usual
a reply to: trollz
Hi Trollz,

According to the Help Net Security website
in a June 13 article, 53% of corporate executives are paying the ransom!

And 20% paid the ransom and lost their data anyway.
Are we supposed to feel sorry for these idiots?
Corporate executives who pay the ransom are exhacerbating the problem for everyone. This tells me they're too clueless and stupid to implement Best Security Practices and backup their servers.

Oh, I know, the ransomware is injected days or weeks ahead of the attack. Even so, maintaining older backups and employing anti-malware countermeasures ought to suffice; but they're to inept to do it. Example: They could just archieve everything over to a test server, run the date ahead and see if malware triggers; but ohhhhh Nooooo, they're too damn stupid to think of such as that.

Recommendation. Identify, publish, and then boycott businesses that pay ransom, they are the problem.

Duplicate

Two years ago i bought a laptop with a HDD drive when my old laptop died.

Since my old laptop had a new solid state drive i cloned my new computer HDD drive to the solid state drive and installed it in my new computer.

And after that i would clone my drive on the old HDD drive about once every two months and keep a flash drive for weekly back ups.

I got hit with ransomware and formatted my drive and cloned from my back up drive and was back on line in less then a hour.