[akaNaga]

Hi my computer got hacked tonight, and I don`t know how.. probably something I downloaded cause I dl a things that I need everyday.. But this time I fell in the trap. The thing is that I could revert to a backup but I can`t cause it`s not letting me do anything. Everytime I turn on my pc I can`t reach my mobo setups and any of these things. I got to launch it in secure mode once and can`t get it to do it again. When the 'hack' gets started it just turns my screen to a white image and then put up a fake canadian police thing that says that I downloaded bunch of illegal things and let's me pay 100$ fine to get rid of it. How did I knew it was fake? Everytime I reebot my computer the 48 hours deadline restart and the number of tries I get to enter the paysafe card of 100$ value resets. I almost got to revert but I'm not fast enough. Anyways I could do something that would change it? The hack got my IP and the name of my pc, as well as the vague location of where I live. I'm kinda worried about this thing cause I once got hacked on a old computer but all I had to do was to revert a backup from about a week ago. But this time I can't do crap. Could someone help me? Sorry for the bad format I'm not in the mood for this kinda thing...

 

[akaNaga]

And I forgot to add that I kinda had it comming I tought I downloaded a safe file and it was a trapped .exe. I don't know how to take care of it.

 

[mrwesth]

Well it sounds like you just downloaded some malware...

I would load the OS in safe mode and run malwarebytes if you can, Perhaps someone else has better tips on how to deal with your specific malware but I find 75% of the time malwarebytes takes care of it and the other 25 its just as fast to troubleshoot as to backup the user folder, wipe/reinstall and then just drag/drop the old user folder to the desktop. Takes about 1hr depending on the system and can take a few hours depending on the amount of personal data on the drive, really only need to be there for 15-20 minutes though. So grab a beer and get to work.

Out of curiosity what files caused the malware? I haven't run anything other than windows firewall in 10 years and never seem to get any

 

[akaNaga]

I don't know yet.. As crazy as it sounds I,m downloading so much in a day I kinda lose count of it. I guess I let my guard down and got a bad website this time..

 

[Plan9]

back up, format and then reinstall. It's the only way to be sure

 

[TUDJ]

This is quite a common malware/scam here in the UK. As above the best bet is to backup important stuff and then reformat and reinstall the OS. If it's anything like the one I've worked with it can be a huge pain to remove manually, it's the most stubborn malware I've dealt with yet.

 

[ASUSfreak]

Download and install Hitman Pro. (From http://www.surfright.nl/en/downloads --> the setup is English)

In Hitman Pro you can use "Kickstarter" --> that needs to be installed on an FAT32 USB stick.

Boot computer from USB stick and follow the Setup.

It sure works cause I had to do it with 2 of my colleagues.

EDIT: I'm not sure anymore if you had to remove your LAN cable first...

EDIT 2: It's a free to use program that will automaticly scan and delete the common threads. If it's a special one you have to pay OR you can use a 30-day trial key. I bought the program after years of using it for free. It works flawlessly, also with Norton Internet Security

 

[ACM]

That's what you call RansomWare.

Look up RansomWare removal guides, a lot exist.

 

[luckyduck]

Its a varient of FBI moneypack. It can be a pain to remove w/o the right tools. I deal or dealt with it a lot at work (geek squad). There I have a fancy set of tools that gives me easy access to it. Reinstalling windows is definitely one way to fix it but not the only way. Also dont worry you were not hacked. Damn thing though is usually just an exe that poorly discuises itself as programs such as skype or a well known program. It hides in the temp or app data folders. You can definitely take it to geek squad to have it fixed, or do a little google searching, i know people have posted some good ways to remove it. Heck I even believe norton has instructions on how to remove it.

 

[akaNaga]

WOW! I forgot about this thread

! Thanks guys I just saw your answers since the day after I got hacked I found all the info I needed on my old pc. It was excactly what you guys told me, a RansomWare. Thanks for the answers lads!

 

[ASUSfreak]

Nice to hear your problem is solved!

Remember this: if there's something weird, in your PC-hood, who you gonna call?

OCN!!!

 

[Bal3Wolf]

Quote:

Originally Posted by ASUSfreak

Nice to hear your problem is solved!

Remember this: if there's something weird, in your PC-hood, who you gonna call?

OCN!!!

lol good one we are the ghost busters of computers

 

[Plan9]

Quote:

Originally Posted by ASUSfreak

Nice to hear your problem is solved!

Remember this: if there's something weird, in your PC-hood, who you gonna call?

OCN!!!

haha I might steal that!

 

[latelesley]

I removed one of these remotely last week from a machine. It can be done in safe mode. The EXE lands in the temp folder, and it puts an entry in the startup folder in the start menu. The file name is usually random letters and numbers.