|
|
08-06-2016, 04:00 PM
|
#15
|
Senior Member
Tiffin Owners Club
Join Date: Oct 2011
Location: The Ozarks
Posts: 1,566
|
I got hit by ransom-ware that locked keyboard couple yrs back with XP. After two days on another PC researching and attempting all the fixes mentioned, with no joy. I did what one poster said. Just pay the $39 bucks and dispute charge with CC company. Charge turned out to be off shore and USAA wiped it off my acct. No harm done to computer or files. Used it for several yrs after. But never ever click on screen you don't anything about. just sayn
__________________
Ret. Military/Corporate Pilot
Summers in the Ozarks-Winters in the Keys
Allegro Bus 36QSP
|
|
|
|
Join the #1 RV Forum Today - It's Totally Free!
iRV2.com RV Community - Are you about to start a new improvement on your RV or need some help with some maintenance? Do you need advice on what products to buy? Or maybe you can give others some advice? No matter where you fit in you'll find that iRV2 is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with other RV owners, see fewer ads, upload photographs, create an RV blog, send private messages and so much, much more!
|
08-08-2016, 01:15 AM
|
#16
|
Senior Member
Join Date: May 2015
Posts: 145
|
The system restore will only be effective if the malware isn't also coded to not infect the system restore partition. If you're not comfortable editing the system registry, I'd recommend professional assistance. That's all part of the reason we switched to Linux, then Mac, years ago...
Bob & Karen Tipton
2011 NuWa Hitchhiker 31.5 UKTG
2010 Dodge Ram 3500 DRW 6.7 CTD
Full-Time since September 2014
|
|
|
08-08-2016, 10:44 AM
|
#17
|
Registered User
Join Date: Sep 2015
Posts: 2,007
|
Quote:
Originally Posted by skypilot_1
I got hit by ransom-ware that locked keyboard couple yrs back with XP. After two days on another PC researching and attempting all the fixes mentioned, with no joy. I did what one poster said. Just pay the $39 bucks and dispute charge with CC company. Charge turned out to be off shore and USAA wiped it off my acct. No harm done to computer or files. Used it for several yrs after. But never ever click on screen you don't anything about. just sayn
|
I'm guessing/hoping that USAA didn't pay the person who gave you the virus.
This has happened to large hospitals and police departments. I think they paid by wire transfer that could not be reversed.
I would like to know what sites the OP visited that may have given him the virus.
|
|
|
08-08-2016, 11:38 AM
|
#18
|
Senior Member
Outdoors RV Owners Club
Join Date: Dec 2014
Location: NorthEastern Oregon
Posts: 1,111
|
Quote:
Originally Posted by Btipton
The system restore will only be effective if the malware isn't also coded to not infect the system restore partition. If you're not comfortable editing the system registry, I'd recommend professional assistance. That's all part of the reason we switched to Linux, then Mac, years ago...
|
When removing malware one should always turn off System Restore, run the antimalware tools, and then turn System Restore back on. If you run the antimalware tool with System Restore turned on, there are several critical system files that are "in use" and therefore cannot be cleaned if they are infected. Turning System Restore off free's up these files so they can be scanned and disinfected. You can then turn System Restore back on.
__________________
2013 Wind River 280RLS, 200W Solar
2013 Ram 2500 Laramie Cummins 4x4
|
|
|
08-09-2016, 09:04 AM
|
#19
|
Senior Member
Join Date: Feb 2015
Location: Grapevine, Tx
Posts: 5,632
|
Quote:
Originally Posted by fisher99
When removing malware one should always turn off System Restore, run the antimalware tools, and then turn System Restore back on. If you run the antimalware tool with System Restore turned on, there are several critical system files that are "in use" and therefore cannot be cleaned if they are infected. Turning System Restore off free's up these files so they can be scanned and disinfected. You can then turn System Restore back on.
|
Can you do that with Windows 10?
__________________
2004 Fleetwood Southwind 32VS W20 - SOLD!
ReadyBrute Elite towing a 2017 Ford Edge Sport
|
|
|
08-09-2016, 10:13 AM
|
#20
|
Senior Member
Outdoors RV Owners Club
Join Date: Dec 2014
Location: NorthEastern Oregon
Posts: 1,111
|
Quote:
Originally Posted by F4Gary
Can you do that with Windows 10?
|
Yes
__________________
2013 Wind River 280RLS, 200W Solar
2013 Ram 2500 Laramie Cummins 4x4
|
|
|
08-09-2016, 11:33 AM
|
#21
|
Senior Member
Join Date: Jul 2009
Posts: 1,978
|
Quote:
Originally Posted by fisher99
Yes
|
Those who recently upgraded to Windows 10 should be aware that System Restore is turned off by default after the upgrade.
__________________
ernieh
2019 Phaeton 37BH
|
|
|
08-09-2016, 10:47 PM
|
#22
|
Senior Member
Outdoors RV Owners Club
Join Date: Dec 2014
Location: NorthEastern Oregon
Posts: 1,111
|
Quote:
Originally Posted by ernieh
Those who recently upgraded to Windows 10 should be aware that System Restore is turned off by default after the upgrade.
|
It was not turned off on the 3 PCs that I have personally performed the upgrade on. However, I have heard this before, so I'm sure that there is some circumstance where it is true although I don't know what it is. Best thing, however, is obviously to check System Restore status after the upgrade to be sure.
__________________
2013 Wind River 280RLS, 200W Solar
2013 Ram 2500 Laramie Cummins 4x4
|
|
|
08-10-2016, 01:03 AM
|
#23
|
Senior Member
Join Date: May 2015
Posts: 145
|
Quote:
Originally Posted by fisher99
When removing malware one should always turn off System Restore, run the antimalware tools, and then turn System Restore back on. If you run the antimalware tool with System Restore turned on, there are several critical system files that are "in use" and therefore cannot be cleaned if they are infected. Turning System Restore off free's up these files so they can be scanned and disinfected. You can then turn System Restore back on.
|
My point was that some viruses, particularly ransom ware, also infect the restore partition. So that if you do a system restore after cleaning the virus, the virus is restored as well. I do see your point in turning off system restore prior to doing a scan, but not all anti-virus software will "see" the restore partition if system restore is disabled.
Bob
Bob & Karen Tipton
2011 NuWa Hitchhiker 31.5 UKTG
2010 Dodge Ram 3500 DRW 6.7 CTD
Full-Time since September 2014
|
|
|
08-10-2016, 11:15 AM
|
#24
|
Senior Member
Tiffin Owners Club
Join Date: Oct 2011
Location: The Ozarks
Posts: 1,566
|
Quote:
Originally Posted by dexters
I'm guessing/hoping that USAA didn't pay the person who gave you the virus.
This has happened to large hospitals and police departments. I think they paid by wire transfer that could not be reversed.
I would like to know what sites the OP visited that may have given him the virus.
|
Couldn't tell. But nothing obvious like porn etc. What happen was a large red & yellow warning window popped up in center screen. Which mimicked a Microsoft Windows virus alert. Stating to click to stop/remove, whatever. Person clicked on that window and keyboard was locked. Rebooted many times trying to hit F12 key...nothing. This malware was very well known by internet users at the time (can't recall name) as there were hundreds of hits on removal schemes. Including many that said, just pay the $$. When I gave CC info, immediately got a key code on same screen. Which freed up keyboard. Have always ran free virus, malware, spyware, cleaner etc and never had a problem before or since.
__________________
Ret. Military/Corporate Pilot
Summers in the Ozarks-Winters in the Keys
Allegro Bus 36QSP
|
|
|
08-10-2016, 11:18 AM
|
#25
|
Senior Member
Tiffin Owners Club
Join Date: Oct 2011
Location: The Ozarks
Posts: 1,566
|
Sorry double post.
__________________
Ret. Military/Corporate Pilot
Summers in the Ozarks-Winters in the Keys
Allegro Bus 36QSP
|
|
|
08-10-2016, 12:07 PM
|
#26
|
Senior Member
Outdoors RV Owners Club
Join Date: Dec 2014
Location: NorthEastern Oregon
Posts: 1,111
|
Quote:
Originally Posted by Btipton
My point was that some viruses, particularly ransom ware, also infect the restore partition. So that if you do a system restore after cleaning the virus, the virus is restored as well. I do see your point in turning off system restore prior to doing a scan, but not all anti-virus software will "see" the restore partition if system restore is disabled.
|
With System Restore turned off the data that is managed by System Restore is fully available to antivirus and antimalware tools to scan. I don't know of any reputable tool that would not be able to do this.
__________________
2013 Wind River 280RLS, 200W Solar
2013 Ram 2500 Laramie Cummins 4x4
|
|
|
08-12-2016, 11:55 PM
|
#27
|
Senior Member
Join Date: May 2015
Posts: 145
|
Quote:
Originally Posted by fisher99
With System Restore turned off the data that is managed by System Restore is fully available to antivirus and antimalware tools to scan. I don't know of any reputable tool that would not be able to do this.
|
All why I switched to Linux and Mac years ago...
Bob & Karen Tipton
2011 NuWa Hitchhiker 31.5 UKTG
2010 Dodge Ram 3500 DRW 6.7 CTD
Full-Time since September 2014
|
|
|
08-13-2016, 07:56 AM
|
#28
|
Senior Member
Join Date: Jul 2014
Location: Tustin, CA
Posts: 1,012
|
Quote:
Originally Posted by Btipton
All why I switched to Linux and Mac years ago...
|
I've used Macs almost from their start, I also do Windows, and let me say you still need to be careful. About 99.9% of the time when someone gets infected on a Mad it's due to them responding to a program installation request without checking the program they are loading. In other words, operator failure.
As far as what the OP was wondering about it's not a virus or worm. Just a web page written to lock you in once you go to it. If you kill the browser or reboot and don't go to that page again your fine as noting was actually loaded on your computer.
__________________
John (N6BER), Joyce, Lucas (Golden Retriever mix), Bella (Great Pyrenees) and Lance (Great Pyrenees).
Tustin, CA
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Thread Tools |
Search this Thread |
|
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Discussions |
|
|
|
|
|
|
|
|
|
|
|
|
|