PDA

View Full Version : Removing ransomware from a laptop



kookicat
May. 8, 2011, 10:17 AM
I'm not a happy camper right now. My big laptop is infected with ransomware. I'm not sure how it got on there (I have a good firewall, and up to date protection) but I need it off so that I can use the laptop.

Can I remove it myself without wiping the computer? What program is best?

Thanks!

cheektwocheek
May. 8, 2011, 10:44 AM
Malwareremoval.com sign up for the forum and experts can help you remove the threats. Every time you open up that virus page it will download more junk onto your laptop.

kookicat
May. 8, 2011, 10:47 AM
Thanks, I'll check that out. :)

It's been turned off since it was infected, so hopefully there's not too much crap to remove.

CobJockey
May. 8, 2011, 12:51 PM
I work in Information Technology, and my users have gotten tons of these. Unfortunately they are extremely difficult to eradicate because they put entries in the most random places from which they can regenerate any deleted files, so you really have to know where to look to get rid of it fully, and you have to use some beefy tools. That forum could help, but usually they take too much time to get rid of manually so we just wipe the computer and start fresh from restore disks. Since it's your personal computer that may not be worth it to you (though it should be done about once a year anyway) but it may come to that, so have your files backed up just in case.

horsepoor
May. 8, 2011, 01:59 PM
My mother had this happen just recently and just took it in to some local computer shop and it cost about $100 to get it all removed. Might be worth doing that rather than mess with it yourself as you really have to know what you are doing with some of these sneaky and messy ones. Plus they can set you up with a program to prevent it in the future (hopefully!).

brightskyfarm
May. 8, 2011, 03:09 PM
if you are still able to download, go to malwarebytes.com and download their free version. You will have to do the updates daily and manually, but thats the price of free --- :D
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Do regular updates (suggest daily) and FULL scan. This product can find fractured virus's in your files.

If your computer is in *hostage*.... start and repeatedly hit the f8 key to put your computer in *safe mode* and then do a full scan.

If you cant dowload, as suggested, take it to a reputable computer shop and have them clean it up and ask their opinion of malwarebytes. My computer geeks did this for me and I've been safe ever since.

good luck!

littleum
May. 8, 2011, 03:55 PM
The best thing to do is to wipe the disk. Pain in the butt but oh well.

Do you have a cryptoworm or you can't just boot? If you don't have a cryptoworm salvaging the data is easier before the wipe, although it requires a 2nd computer to accomplish. Or you can go buy a 2nd laptop drive (depending on your mode of laptop installing a new harddrive can be stupid easy to stupid hard), format that and use that to boot, then hook up the old drive for data salvage.

Up to date protection is fine and good (i, but there are so many ways to get a bug these days it's really not a matter of "if" but "when". Even downloading a PDF or image is a risk.

Guin
May. 8, 2011, 04:48 PM
I've never heard of ransomware. Is it a virus?

I've been using FREE Malwarebytes for five years and have never gotten spyware or a virus.

JanM
May. 8, 2011, 05:23 PM
I just use the Microsoft Security Essentials, it's free and I like it better than Norton. The Norton always seemed to be running and slowing down my computers.

Kookicat-do you know how you got it? Or have you not been downloading the updates? Years ago when I had dialup and it took forever to download I got a virus that kept shutting down my computer. I hadn't been keeping the security ware up to date. A friend got the same one also, and we both had to download the worm remover at work and then put it on the home computer.

Don't beat yourself up over this, it can happen to anyone and the bad guys are so sneaky about this stuff that it's hard not to get infected with this stuff sometimes.

kookicat
May. 8, 2011, 05:32 PM
I just use the Microsoft Security Essentials, it's free and I like it better than Norton. The Norton always seemed to be running and slowing down my computers.

Kookicat-do you know how you got it? Or have you not been downloading the updates? Years ago when I had dialup and it took forever to download I got a virus that kept shutting down my computer. I hadn't been keeping the security ware up to date. A friend got the same one also, and we both had to download the worm remover at work and then put it on the home computer.

Don't beat yourself up over this, it can happen to anyone and the bad guys are so sneaky about this stuff that it's hard not to get infected with this stuff sometimes.

I think it came in an email- I download and open lots of files every day, so it seems like the most likely way.

I really don't want to wipe it if there's any other way. There's files on there that I'd like to keep (they're all backed up, but it would be a PITA to update them all).

I can't get online, so I can't download anything. I was thinking of downloading it on my netbook and saving it to a flash drive to upload it. Not sure if that would work.

JanM
May. 8, 2011, 05:45 PM
Yes, that should work just fine by using the netbook and flash to transfer it. ANd if it doesn't you haven't lost anything. I would only reformat as a last resort.

And if the netbook flash doesn't work I would take it to a pro. It might be expensive to go to a pro, but it would be worth it to get your computer back.

gieriscm
May. 8, 2011, 07:41 PM
I was hit once last year. The MalwareBytes free version wiped it out, but I had to download it to a thumb drive from another computer, then run Windows in Safe Mode to install it and get rid of the virus. I also immediately dumped Internet Explorer and installed FireFox as my browser, and haven't had a problem.

For some reason DH can't get FF to work properly on his laptop. He got hit twice last year and once this year. I managed to get rid of it each time with a combo of RKill, MalwareBytes, and some very, very careful registry changes using instructions from bleepingcomputer.com (this is not something you want to tackle unless you are well versed in configuring your computer). We have since purchased MalwareBytes so it constantly scans our network traffic for malware, and haven't had any issues since (knock on wood). DH is also careful to only store the OS on his "C" drive in case we have to dump it and start over. All data is on a separate drive and backed up regularly.

Bank of Dad
May. 8, 2011, 09:32 PM
I got hit with the Win 7 AntiVirus trojan or spyware or whatever. I asked for help on my travel forum and this was the advice I received. I followed it exactly, paid $9.99 for the spyware program and it fixed my computer.

"First try to open Firefox in Administrator mode. To do that, right click on the Firefox icon in your start menu, and select "Run as Administrator". If that works life will get a bit easier.

Try either of these sites, following the directions exactly as shown:

http://www.virusremovalguru.com/?p=6871
http://www.spywarevoid.com/remove-wi...val-steps.html

If you are blocked trying to go to those sites, then enter one of the addresses below directly in the address bar, then hit the 'enter' key to navigate directly to the website and begin download of the removal tool. Do not click on the link; copy it and paste it into the address bar.

http://www.virusremovalguru.com/download.php
http://www.spywarevoid.com/download/sdsetup.exe

You may get a message saying this is malware. That message is probably the rogue trying to keep you from downloading the removal tool."

Good luck.

Velvet
May. 9, 2011, 12:28 AM
I agree with the method of booting from a start up disc and rebuilding your system from scratch. It's the only way to really get rid of everything. Reformat the hard drive, reload your OS and go from there.

Then again, I'm from the school of thought that if you don't know how to work with reloading an OS from scratch, you shouldn't have a PC. You should have a Mac :lol: