A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Computer Attacked



 
 
Thread Tools Display Modes
  #1  
Old July 6th 12, 06:04 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Searcher7
external usenet poster
 
Posts: 63
Default Computer Attacked

I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.
Ads
  #2  
Old July 6th 12, 06:09 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Bruce Hagen[_2_]
external usenet poster
 
Posts: 985
Default Computer Attacked


"Searcher7" wrote in message
...
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.





Download the free version of this tool. Check for updates first and then
run a full scan.

Malwarebytes Anti-Malware
http://www.malwarebytes.org/products/malwarebytes_free
--
Bruce Hagen
MS-MVP Oct. 1, 2004 ~ Sept. 30, 2010
Imperial Beach, CA



  #3  
Old July 6th 12, 06:54 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Rick
external usenet poster
 
Posts: 53
Default Computer Attacked

On 7/6/2012 12:04 PM, Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.



If malwarebytes does not do the job try hijackthis or stopzilla. then
leave malwarebytes on your computer and enable protection.







  #4  
Old July 6th 12, 07:10 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Paul
external usenet poster
 
Posts: 18,275
Default Computer Attacked

Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.


System Restore is not guaranteed to fix anything.

A well-designed malware, especially one expecting to extort money
from you, will attack the restore points as one of the things
on it's "to-do" list.

A full backup would be the thing to restore from.

Or, a clean install.

Depending on the outcome of MalwareBytes.

It's pretty recent, so good procedures may be harder to find.

http://www.bleepingcomputer.com/forums/topic458412.html

This was a guided help session, where the helper on the
other end, was reviewing the tool output.

http://forums.majorgeeks.com/showthr...40#post1750340

Their "first step" includes this README.

http://forums.majorgeeks.com/showthread.php?t=35407

As you can see, MalwareBytes is on their tool list.
Some of the other tools, are for their personal guided help.
Note the "Step 4: Toggle System Restore", which flushed all
the restore points, the backup copies of the registry in
there, and so on. Step 4, is because of the known
infection of SR by malware.

http://forums.majorgeeks.com/showthread.php?t=139313

"We only toggle System Restore *after* you are clean because
keeping even infected restore points around while we are
fixing things may prove useful if something goes wrong during
the process. An infected restore point could be better than
none at all!"

HTH,
Paul
  #5  
Old July 6th 12, 07:16 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Elmo[_2_]
external usenet poster
 
Posts: 1,260
Default Computer Attacked

On 7/6/2012 1:04 PM, Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.


Two things to try:

1. Restart, press the F8 key till you get the Startup menu. Cursor down
to "Last know good configuration" and press the Enter key. Run a virus
scan if this works.

2. Restart, press the F8 key till you get the Startup menu. Cursor down
to "Safe Mode". Press the Enter key. When it loads, click "No", wait
for SR to load, and pick a System Restore point a couple of days before
the problem started. Run your A/V software scan.


--

Joe =o)


  #6  
Old July 6th 12, 08:38 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Paul
external usenet poster
 
Posts: 18,275
Default Computer Attacked

Paul wrote:
Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.


I found specific instructions for removing W32/Reveton here.
The first step, is to disable the part that takes control.
Apparently a soft link in the Startup folder.
Then, regular AV software can be used to clean up afterwards.

http://www.f-secure.com/v-descs/troj..._reveton.shtml

Paul
  #7  
Old July 6th 12, 09:29 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Computer Attacked

From: "Searcher7"

I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).


That's a Ransom Trojan.

Read the following post "I'm infected - What do I do now?"
http://forums.malwarebytes.org/index.php?showtopic=9573

Then you can create a new post indicating being infected with a Ransom
Trojan.
http://forums.malwarebytes.org/index.php?showforum=7



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

  #8  
Old July 6th 12, 09:38 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Yousuf Khan[_2_]
external usenet poster
 
Posts: 2,447
Default Computer Attacked

On 06/07/2012 1:04 PM, Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.


Yes, this is a new piece of malware that's been getting a lot of
attention lately. The malware will usually have the name of various law
enforcement agencies throughout the world attached to it, like the FBI,
RCMP, etc.

Metropolitan Police malware warning issued – beware the ransomware
attack! | Naked Security
http://nakedsecurity.sophos.com/2012...lware-warning/

Best thing is to simply keep your anti-virus uptodate. In the meantime,
you should run an anti-virus scan from an offline virus scanner. Most
antivirus software come in standalone versions that run outside of
Windows through a separate boot CD.

Yousuf Khan
  #9  
Old July 7th 12, 05:48 AM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Flasherly
external usenet poster
 
Posts: 10
Default Computer Attacked

On Jul 6, 1:04 pm, Searcher7 wrote:
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).

Thanks.

Darren Harris
Staten Island, New York.


Welcome, conceptually, to backups.
  #10  
Old July 7th 12, 06:35 AM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
Red Cloud
external usenet poster
 
Posts: 2
Default Computer Attacked

On Jul 6, 1:38*pm, Yousuf Khan wrote:
On 06/07/2012 1:04 PM, Searcher7 wrote:









I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).


Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.


I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.


Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?


I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).


Thanks.


Darren Harris
Staten Island, New York.


Yes, this is a new piece of malware that's been getting a lot of
attention lately. The malware will usually have the name of various law
enforcement agencies throughout the world attached to it, like the FBI,
RCMP, etc.

Metropolitan Police malware warning issued – beware the ransomware
attack! | Naked Securityhttp://nakedsecurity.sophos.com/2012/02/13/metropolitan-police-malwar...

Best thing is to simply keep your anti-virus uptodate. In the meantime,
you should run an anti-virus scan from an offline virus scanner. Most
antivirus software come in standalone versions that run outside of
Windows through a separate boot CD.

* * * * Yousuf Khan



I don't use anti-virus thing it's slow down the speed. I rather
reinstall OS again.
  #11  
Old July 7th 12, 10:32 AM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
glee
external usenet poster
 
Posts: 1,794
Default Computer Attacked

"Searcher7" wrote in message
...
I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).

Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.

I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.

Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?

I'm not sure I can do this, but just in case does anyone have the
step-
by-step instructions for system restore? (I have WIndows XP).



Follow the Automated Removal Instructions exactly, he
http://www.bleepingcomputer.com/viru...pak-ransomware

--
Glen Ventura
MS MVP Oct. 2002 - Sept. 2009
CompTIA A+

  #12  
Old July 7th 12, 01:43 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Computer Attacked

From: "Red Cloud"

On Jul 6, 1:38 pm, Yousuf Khan wrote:
On 06/07/2012 1:04 PM, Searcher7 wrote:

I was looking up a wrestler via Google image links when some malicious
software took over my system. (Which is why I'm writing this from the
library).


Now when my system is connected to the internet the only page that
will display is a mock FBI page attempting to extort money from me via
"Moneypack". And I'm unable to get to my desktop, right click, or even
use my keyboard keys outside of numbers and letters.


I have AVG for all the good that did, and would appreciate advice on
how to correct my problem.


Can someone recommend a free anti-Malware app I can download onto my
flash drive at the library and install on my home pc?


I'm not sure I can do this, but just in case does anyone have the step-
by-step instructions for system restore? (I have WIndows XP).


Thanks.


Darren Harris
Staten Island, New York.


Yes, this is a new piece of malware that's been getting a lot of
attention lately. The malware will usually have the name of various law
enforcement agencies throughout the world attached to it, like the FBI,
RCMP, etc.

Metropolitan Police malware warning issued – beware the ransomware
attack! | Naked
Securityhttp://nakedsecurity.sophos.com/2012/02/13/metropolitan-police-malwar...

Best thing is to simply keep your anti-virus uptodate. In the meantime,
you should run an anti-virus scan from an offline virus scanner. Most
antivirus software come in standalone versions that run outside of
Windows through a separate boot CD.

Yousuf Khan


I don't use anti-virus thing it's slow down the speed. I rather
reinstall OS again.


LOL - YOU will be the object of Identity Theft. Prevention is better then
cure and restoring an image or reinstalling the OS is reactive and not
proactive and leaves you vulnerable to data and monetary theft where
restoring an image or reinstalling the OS will NOT help.

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

  #13  
Old July 7th 12, 02:09 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
J. P. Gilliver (John)
external usenet poster
 
Posts: 5,291
Default Computer Attacked

In message , David H.
Lipman writes:
[]
LOL - YOU will be the object of Identity Theft. Prevention is better
then cure and restoring an image or reinstalling the OS is reactive and
not proactive and leaves you vulnerable to data and monetary theft
where restoring an image or reinstalling the OS will NOT help.

Nor does the above post.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

I was court-martialled in my absence, and sentenced to death in my absence, so I
said they could shoot me in my absence. -Brendan Francis Behan, playwright
(1923-1964)
  #14  
Old July 7th 12, 02:31 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
(PeteCresswell)
external usenet poster
 
Posts: 1,933
Default Computer Attacked

Per Red Cloud:

I don't use anti-virus thing it's slow down the speed. I rather
reinstall OS again.


Try Avast. I'm a borderline lunatic when it comes to response
time and find Avast tb no problem on my regular PC.

On my netbook, it gets in the way a little when the device is
first booted as it downloads the latest updates - and taxes the
pitiful little Atom processor. But even I can live with that.

As far as running bare goes, what about the time between your PC
getting infected with malware and your discovering the infection?

Lotta Bad Things can be done by the malware perpetrators during
that time. Your address book can be harvested, making you a PITA
to anybody unfortunate enough to be in it. Keystroke monitors
can harvest your UserIDs/Passwords... and so-on...
--
Pete Cresswell
  #15  
Old July 7th 12, 02:38 PM posted to microsoft.public.windowsxp.general,alt.comp.hardware.pc-homebuilt
David H. Lipman
external usenet poster
 
Posts: 4,185
Default Computer Attacked

From: "J. P. Gilliver (John)"

In message , David H.
Lipman writes:
[]
LOL - YOU will be the object of Identity Theft. Prevention is better
then cure and restoring an image or reinstalling the OS is reactive and
not proactive and leaves you vulnerable to data and monetary theft
where restoring an image or reinstalling the OS will NOT help.

Nor does the above post.


???



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 01:35 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.