ransomware virus



tri again
04-05-2014, 08:07 PM
I run everything up to date EVERY session.

Picked up a ransomware virus from clicking on Facebook baby pictures.

It locks the computer, demands $$, and there is almost no way to get around it.

Great scam, freakin' geniuses that could cure cancer by noon if
they used their talents for good and not evil.

I have NO suggestions on how to prevent it.
Microsoft has a downloadable boot disc for Security Essentials
which works but does NOTHING to the virus and can't even find it.

Chopsaw
04-05-2014, 08:37 PM
Did you get rid of it? I've had it twice, had to remove it. Got it again, and logged off and back on, and the browser was unlocked.

tri again
04-05-2014, 11:31 PM
> Did you get rid of it? I've had it twice, had to remove it. Got it again, and logged off and back on, and the browser was unlocked.

How did you get rid of it?
My tech guy said I'll have to reload the operating system.
Might as well go from XP to 7 anyway, but
I'll lose ALL my stuff and pictures etc.

Did you find a way around it?
Thanks
PS: I bought this extra laptop for like 80 bucks and it sorta works,
but I would like to protect this one too.
Any thoughts?

Thanks again

Edit:

My ransomware, called the Homeland Security virus, locks the computer as soon as it boots.
Impossible to boot into safe mode or anything else.
None of the fixes or boot disks on the internet that I found helped at all.
Sounds like yours locked the browser only?

badandy
04-06-2014, 05:05 AM
Had a friend from work get this... even snapped a photo of him with his webcam... sorry guys, but I laughed my fool head off!
I think he was able to go back to a prior restore point and it went away... so maybe not as severe as what you're explaining...
There are several boot disc virus cleaners available for free, I think Avast has one, as well as AVG. Worst case, you can boot with a Linux "Live Distro" and, with an external drive or USB stick, save your important files, pics, etc... and just reinstall your OS of choice.

I use Avast Free antivirus, have for years, and have yet to have anything that I couldn't get rid of easily, and I can count those times on one hand.

Chopsaw
04-06-2014, 10:02 AM
Well, if it is the same as what you have, it locked my browser and asked for money.
I booted into safe mode with networking, downloaded Malwarebytes and ran it. Do a search on how to get rid of it. You should be able to make a new user profile and get on the web that way to search.

To get to safe mode, reboot and press the F8 key while booting, then choose the proper choice.


OK, I just saw your edit. Mine only locked the browser. I was just reading about it; Google it and read up on it.

RIDE-RED 250r
04-06-2014, 10:08 AM
I'm no IT man, not by a long shot... But I have had a few "viruses" give me hell, and thanks to some advice from a more computer-savvy friend of mine I was able to get through it.

In some cases, the little scam program is just trying to get you to buy their antivirus software. Big-time underhanded, but unfortunately legal... So in many cases, just disconnecting your computer from the internet lets you get it removed. Those programs constantly kick you onto a website that tells you all kinds of scary things, like that you have kiddie porn and the police will be knocking on your door if you don't buy their software and such. In those cases, disconnecting from the internet allows you to function enough to get rid of it. Otherwise, you can't do anything because it is constantly kicking you onto the internet to their page.

Other more stubborn viruses I have been able to remove by starting my computer in "safe" mode and running a virus sweep. After running a virus sweep in "safe" mode, you should be able to remove the virus and restore to an earlier date.

Beyond that, I haven't the foggiest! LOL!

Good luck!

tri again
04-06-2014, 05:12 PM
Thanks for the PM, Chop.
I just called a friend of 30 years who has worked for Symantec for 15 years
and ran all the computers, ATMs and dumb terminals for a local bank with 7 branches.
Some really great stories there.

He couldn't stop laughing. NOTHING is secure.
Even in safe mode, none of the options work. It holds the safe mode choice screen
for 1 to 2 seconds and then boots to the splash nag screen.

A clean boot with 3 or 4 rescue disk options will boot clean, but anything else
jumps instantly back to the splash screen.
Maybe get into the registry, but it only holds for a couple of seconds, not enough time to do anything.

So many people pay bills and stuff online, and it takes bad guys SECONDS to snake your email address book and any 16-digit numbers on the hard drive.
This guy is not the excitable type but simply deals with facts.

I just applied for a credit card with a $200 limit for parts purchases and fraud protection so I don't have to use a 'real' card with a high limit.
Need truck and trike parts, but best to get a phone number off the net and then CALL them.

Very strange but I really appreciate all the help.

Trikers rule, save the planet and make the world a better place.

lokisbuddy
04-06-2014, 07:12 PM
Sounds legit to me, I think you better just go ahead and pay them. I mean, your PC has pics of your family on it, right? So essentially they have taken your family hostage. You should pay. lol

MonroeMike
04-06-2014, 10:54 PM
My neighbor had such a virus. I used TDSSKiller to fix it.

http://www.bleepingcomputer.com/download/tdsskiller/

Thorpe
04-08-2014, 01:19 AM
Mine had it a couple of weeks ago... Booted up in safe mode, did a system restore back to a couple of days before, and everything was gravy. And I am pretty much computer illiterate....

czac
04-08-2014, 12:45 PM
I was just reading about a new ransomware virus yesterday... it seems there's a new one out now and it's quickly speeding around the world. It locks up your machine and demands like $500.00 in bitcoin, then after 4 days if it hasn't been paid it goes to $1000.00, and after 30 days the part where you enter the key you'd get for the ransom $$$ disappears and leaves the machine totally useless unless you reformat the drive and rebuild from scratch. No one has any defense for it yet and there's no way around it so far. My wife got one a couple of years back and all I did was restore it to an earlier time and it was gone... lol now they are upping the ante a lot! Hackers who make viruses and stuff like this should be shot on sight, without warning or pity!

czac
04-08-2014, 12:47 PM
Here's where I read about it... I get the PC Pitstop newsletter every month: http://techtalk.pcpitstop.com/2014/04/03/worse-cryptolocker/?knowbefor-cryptodefense=

sledcrazyinCT
04-08-2014, 03:26 PM
> Worst case, you can boot with a Linux "Live Distro" and with an external drive or USB stick, save your important files, pics, etc... and just reinstall your OS of choice.

Where can you buy this Linux 'live distro'?

badandy
04-09-2014, 01:03 AM
> where can you buy this Linux 'live distro'?

Linux is FREE... Go to distrowatch.com and start reading. If you aren't a computer guy, you can buy premade discs for the cost of the disc and shipping, but basically, you can download an "ISO" live CD/DVD, depending on size, then burn it to a disc, CD/DVD depending on space req'd.... My favorite burning software is FREE as well and called ImgBurn... if you need more help, feel free to PM me. I have had good experience with Sabayon Linux, but Ubuntu is very popular and easy to use. Additionally, if you primarily just surf the web, Linux is a great and virus-free alternative to Windows, AND most distros come with OpenOffice as well as most any software preinstalled that you could ask for... and you can also download software to manage your iPods... etc.... there are hundreds of options... and all free.

badandy
04-09-2014, 01:06 AM
Linux is installable to any computer as a permanent, updateable and fully functioning operating system.... No more difficult than learning "Android".

OR, if used from a "Live" CD/DVD, it runs solely off the disk, makes NO CHANGES to your computer, and is gone completely when you shut down and remove the disk....

kb0nly
04-09-2014, 11:38 PM
I've dealt with this many times recently; I have probably rescued at least a dozen computers now with this crap on them. Boot into safe mode and, if possible, get a thumb drive and load it up on another computer with TDSSKiller, Malwarebytes, and CCleaner. Run TDSSKiller, clean anything it finds, run Malwarebytes and clean what it finds, then reboot back into safe mode and full scan again; keep doing that until it doesn't find anything, then run CCleaner just to clear out temp files and clean up the registry. Once you're all done you should be good to go, but also disable System Restore to delete all the restore points, then re-enable it. The reason being you could have infected restore points as well.

RubberSalt
04-15-2014, 03:54 AM
Virus and spyware removal... one of my specialties in the world of computer engineering.

Most malware is just simple ransomware that can be a PIA and easy to remove. My suggestions are these:

Boot into safe mode with networking (press F8 before the Windows logo when starting your computer, Shift+F8 for Windows 8). There's a small program my coworker and I have written here. It's 1st.exe: http://htmsapps.weebly.com/. It will download the newest version of RKill and then TDSSKiller. It will also start a scan with VIPRE Antivirus (if installed).

For removal without the use of the 1st app:
Download RKill - this will terminate most infections that are actively running.
Then TDSSKiller. Check the advanced options to check the TDSS file system. If you have an infection here... EEP!
Next, download Malwarebytes, SUPERAntiSpyware, and the Kaspersky Virus Removal Tool (http://www.kaspersky.com/antivirus-removal-tool?form=1).
After all that, download and run AdwCleaner (magical spyware fixing tool, I swear lol), then hit it up with CCleaner (back up the registry!!). Disable startup programs with this.
And last, but not least (for machines acting weird), ComboFix (the computer lobotomy giver).

After all that is said and done, repeat the same under normal Windows. This will take care of 95% of the infections.

For more infected systems, you can use HitmanPro (multiple AV engines in 1).

For a manual removal... email me at gabe.coleman@yahoo.com. Include screenshots and symptoms if you can.

tri again
04-18-2014, 02:32 PM
Booting to the safe mode options lasted about 1 second and then
blasted off to the splash / nag screen.
Almost no time to do anything, and none of the options worked:
not safe w/ command, safe with networking, etc.
Not much choice but to reload the OS.
Guess it's time to seriously consider loading some Mac OS or Linux.

I run Security Essentials before and after every session along with CCleaner.

Looking into TDSSKiller but honestly scared to go anywhere.
Honestly, there is no way to be too careful.
FedEx says I have a package; the update Flash Player notice is NOT from Adobe Systems.
(I used to work across the street from there.) I also won 6 million dollars from Prince Abba in the UK. Obviously never click on that stuff, or ANYthing for that matter.
Friend works for Symantec and he checks his email on the Symantec server at work.

Thanks for all the great suggestions and solutions.
I know I can count on youse guys.
Now if I can just figure out why my 92 f150 straight 6 refuses to run...

spooky.

kb0nly
04-18-2014, 03:14 PM
Sometimes a clean reload is best, been there done that! I haven't been posting on here much lately because it's virus season, well, it sure seems like it. I have had a steady stream of computers through the shop and it's hard to get interested in sitting down at the computer when you spend all day staring at them.

The computers I have been getting the last few days are so bad that I have to dock the hard drive from them to my bench computer and rescue data and then low-level format the drive and start over; it's been crazy! I had a few on Tuesday and Weds that did the same thing as yours when trying to go to Safe Mode: the options will show up then gone, or they will stay but any selection you make fails. So I'm guessing the latest versions of this ransomware are somehow disabling Safe Mode as well... ughh...

I guess on the bright side I make more money doing complete reloads than I do cleanups... LOL

tri again
04-22-2014, 03:17 PM
Symantec friend checks his email on the Symantec secure server and won't even turn his machine on at home.
He does worldwide tech support, but I digress.
His favorite is the one that grabs your email address book and sends some cryptic message to everyone you know... within SECONDS, and it looks like it came from you.
What I do now is update virus protection, run CCleaner, open the browser, check email,
CLOSE that webpage, run CCleaner again and MAYbe go to another webpage,
run CCleaner, virus update and then shut off the machine.

Really gonna go with Linux before anything else happens.
Silly me, forgot all about that. Also heard that PCs can run Mac OS.

Need email for our busy festival season and taking reservations, but scared to do much of anything.
Get yer backup disks where you can find them.
New one is the CNN virus that looks like a CNN news story, and it changes so it always looks new.
Do NOT click on it... or anything else for that matter, IMO.
The Flash Player update is NOT from Adobe Systems, you did not win $6 million or a laptop, FedEx is not trying to deliver a package,
your Windows drivers probably do not need an update, and if your best friend sends you an interesting link, it may not be from them.

czac
04-22-2014, 03:45 PM
It's like, you need a PC for all your web-type stuff, Facebook, general messing around online and such... then you need another one for all your important stuff, work, banking, email and stuff like that! Use the web machine to go to eBay and find everything you need to buy... put it in your cart, then hop on the other machine, go online (leave it offline when there's no need for internet service), go to eBay, check out, get offline again... lol And be totally wary of emails with links and attachments... I just got a strange email from a friend through his AOL acct... first tip-off was, he hardly uses that email acct any more; second one was, at the end of the email, which provided a link, it said, "Have a nice day." Now I KNOW he would never say have a nice day... we don't talk like that, more like, "C ya later dick head" or "see ya jerk off!" lol So I copied it, sent it to him and said, was this you? and I got the big... "Why the F*** would I send you that?" lol Also, if he does send a link, he always removes the hyperlink so I have to copy and paste it into my browser, and he always starts off with... "Go here" lol
So... know the little quirks that friends do in emails and be wary when they are missing from them. One of my things that people I send stuff to know to look for is the ellipsis... (see? lol) I often use them in place of commas.