Thread: Ransomeware
View Single Post
Unread 2011-05-24, 6:10   #1
Chuck's Avatar

May 6 2003
16,563 posts
Age 63
The real America not that part where you live.

If you haven't had the displeasure consider yourself lucky, if you have dealt with it not an easy job to get rid of so I hope this helps.
This time for me was MS Removal (not me personally, co-workers times 2), basically like others a phony antivirus that holds your system hostage saying it is infected and you must pay to fix it. Well don't and you darn sure shouldn't.
The fix
You may need to be in safemode with networking to even get started since some of these bastard programs don't even allow you to open a browser window.
Step A. Download rkill from one of these links.
Step B. If you don't have it download malwarebytes from here.
Step C. If you aren't in safe mode get there, you know the f8 key on startup, safe mode with networking.
Step D. Once to the desktop run rkill, it will shut down the malware/ransomeware to allow for removal.
Step E. Once rkill is done run a full scan of malwarebytes, view results and remove infected. If you are online or can get there update malwarebytes if not run it anyway and keep your fingers crossed.
Step F. Quit clicking random porn links and ask for advice on the sites that are safe.

As a footnote I keep a thumbdrive loaded with all the tools I can to fight this stuff. Get one, load it up and keep it handy.

Last edited by Chuck; 2011-05-24 at 9:08.
Reply With Quote