
FBI ransomware infected my Pop's laptop


5 replies to this topic

#1 Jeepz72

Jeepz72

  • Members
  • 5 posts
  • Local time:07:37 PM

Posted 03 August 2013 - 07:05 PM

Hi, all. Found this forum from the Wilders Security forums.  Hoping you can help.

 

My Pop's computer has an FBI ransomware virus. I tried following the HitmanPro.Kickstart directions, but it won't work from the USB (the default never loads). So after reading some of the WS forums, someone said you guys could help where HitmanPro.Kickstart can't.

 

Anyway, what I know:

HP Pavilion g7 laptop with i3 processor running Win7

Infected with an FBI ransomware virus

Have tried logging into safe mode and it worked, but I didn't know what I was doing, so just shut down from there. Oh, and he's got a Windows login screen with a user/admin password, which worked when I logged into safe mode.

 

Hope you can help.

Thanks!

 

JP





#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:08:37 PM

Posted 03 August 2013 - 08:44 PM

Hi Jeepz

It appears then we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Jeepz72

Jeepz72
  • Topic Starter


Posted 03 August 2013 - 09:08 PM

So I'm a tad confused and need some clarification. If it's ok I'll just run through the Prep Guide steps:

 

1. Too late to back up now. And yes, I've talked to my Pop about backup many times before.

2. It's definitely malware, craziest thing I've ever seen. Can't. Do. A. Thing.

3. I'm here and registered.

4. Notifications now set.

5. Firewall was enabled when the laptop was functioning, not sure what it's doing now.

6. This is where I'm stumped. Am I supposed to download and run the DDS from the infected laptop? Do I attempt this in safe mode? Will I have access to my wifi in safe mode? If I'm downloading this from my working PC, how am I getting DDS to the infected laptop? Through a USB?



#4 boopme


Posted 03 August 2013 - 09:21 PM

If you can run and post DDS (Normal Mode if possible) then do that. If you cannot do the steps, just repost your info above in a new topic and state you cannot do the Prep Guide. We'll take it from there.



#5 Jeepz72

Jeepz72
  • Topic Starter


Posted 03 August 2013 - 09:38 PM

Ok, will do. I can say for certain that I can do nothing in normal mode. And the damnedest thing ... I saw all the malware removal guides off of the Prep Guide, so I went to turn on the laptop to see which one it was. I am certain that when I saw this at my Pop's place, it said something about FBI, but maybe it was something else? Regardless, now all I get is a white screen, nothing about any ransom, nothing about any locking of the computer or paying of a fine. Just a white screen that I can do nothing from. I swear I saw the other stuff the first few times I turned his laptop on, now nothing.

Anyway, boopme, thank you, I'll post a new topic soon. Perhaps tomorrow as I'm trying to get my kiddo into bed and I need a break after the hours I spent reading forums before finding yours. At least I'll be going to bed with more hope than I had earlier in the day. Thanks for being responsive!



#6 boopme


Posted 03 August 2013 - 09:45 PM

OK, no problem... we'll find it. The sooner you can post it the better, as it will probably take a day or two for analysis and a reply.
You're welcome,