Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Ransom Virus


  • Please log in to reply
5 replies to this topic

#1 shine1129

shine1129

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 29 November 2012 - 11:54 PM

Hello, I first noticed the virus on my Hp laptop tonight around 5:30pm when I attempted to open my yahoo email. I've confirmed through several sites that this is the FBI Ransom virus. I have the free version of Malwarebytes and a version of Trend Micro Titanium anti virus that just expired last night. I was able to update Malwarebytes in Safe Mode where it found 8 viruses, 6 of which were trojan. It successfully deleted all but 2 which keep returning despite removal & reboot. I eventually backed up all my files & attempted to manually delete the registry file under normal & safe mode. I have located the registry entry responsible under HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load with the corresponding file name from Malwarebytes. However, even in Safe Mode, when I right click & choose Delete it says "Unable to delete all specified values". I have been working on this for 6 hours now & feel I have come so far to give up. Please help!!

BC AdBot (Login to Remove)

 


#2 Darkumas

Darkumas

  • Members
  • 112 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 30 November 2012 - 12:51 AM

Hi and welcome to the forum. I suggest moving this topic over to the Virus, Trojan, Spyware, and Malware Removal Logs forum. Once there please follow the -->Preparation Guide<-- and someone will be able to help you with the infection.

#3 shine1129

shine1129
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 30 November 2012 - 01:25 AM

I was able to successfully restore my computer to a prior session without the virus. Thank you.

#4 Darkumas

Darkumas

  • Members
  • 112 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 30 November 2012 - 07:56 AM

You're very welcome. Glad to hear your issue is resolved, if at any point you need the assistance of the experts here just click the prep guide link and someone will be there to help.

#5 ranchhand1

ranchhand1

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 30 November 2012 - 08:36 AM

Good work! Just a suggestion... delete all system restore points in System Restore, then create a new one. Sometimes these viruses will be saved in System Restore and one day you accidentally restore from that date, and your virus is back again.

#6 shine1129

shine1129
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 30 November 2012 - 11:50 AM

Thank you ranchhand, never thought of that.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users