
Renderosity Forums / Poser - OFFICIAL






Subject: OT: need advice recovering from Trojan on PC


ghostship2 ( ) posted Thu, 11 December 2014 at 10:15 PM · edited Fri, 11 October 2024 at 12:44 PM

This morning I got a pop-up that looked like an official update notice for Adobe Acrobat Pro (I have CS 5.5). After what looked like an official-looking Adobe update, my anti-virus started flashing warning messages about blocked websites that the computer was trying to access. IP addresses tracked back to some jackasses in Russia.

Instead of going the route of paying for and loading some removal tool, I unplugged the drive and bought a new drive for the PC. The OS, updates and anti-virus software are all re-installed now. Now I have to re-load data from my runtime (I did have a backup but it was a few months old.)

Will it be safe to plug this old drive back into a SATA port and retrieve my old data? Will I need to do something special with the drive while copying files? I need to copy my runtime, my Reason folder and probably my USER folder (desktop, pics, videos, iTunes, etc.)

I'm running Windows 7 Ultimate and my anti-virus software is ESET Nod32.

Any help would be great and yeah, I know I should be emailing support at ESET, but the automated thing just pointed me at giving them more money for the cyber security product, which I have doubts would actually fix my problem.

W10, Ryzen 5 1600x, 16Gb,RTX2060Super+GTX980, PP11, 11.3.740


jura11 ( ) posted Thu, 11 December 2014 at 10:47 PM

Hi there

Please download this; this usually will delete all unwanted trojans etc.

The first program I would try is Malwarebytes Anti-Malware, and then I would go down the route of AdwCleaner and ComboFix. Here are the links for those programs:

http://www.bleepingcomputer.com/download/adwcleaner/

http://www.bleepingcomputer.com/download/combofix/

Usually those programs will delete anything that is unwanted or dangerous.

Yes, this happened to my brother with his laptop when he tried to download Adobe Flash.

Not sure. I've recovered all my files from a crashed HDD and also from an HDD which was full of viruses with the above programs, but to be 100% sure I would go down the route of Safe boot and then I would try to recover the files.

This virus looks like it is ransomware, which is the worst. Did this virus start to lock your folders or not? If yes, then I would suspect you have one of the worst viruses, which is called Cyberlocker, but I think someone has cracked their code, which is good news.

Hope this helps

Thanks, Jura


FightingWolf ( ) posted Fri, 12 December 2014 at 12:54 AM

I agree with jura11. The first step is to run Malwarebytes Anti-Malware. Don't just run it once. Run it at least twice or until the problem is solved. Take note of what Malwarebytes is finding and trying to remove because you may have to remove it manually. Removing malware shouldn't be a big, long and complicated process that requires changing a bunch of things and coding.

Ransomware can be defeated; it's just that some are more difficult than others to get rid of.

Never update from a pop-up, even if it looks official. Updates like that train us to just click without reading what updates are actually being installed. If you get a pop-up to update, take note of what software it's for. Let it close; "most official" pop-ups will close on their own. Once it closes, open the software and update directly from the software. Do this especially with Adobe Flash. Type in Adobe's website and update from there, and never from a pop-up in the browser.



hornet3d ( ) posted Fri, 12 December 2014 at 3:19 AM

Another in support of Malwarebytes. I have used it for years on a regular basis and it is always my first port of call if a family member or friend hands me their computer saying it is slow or has other problems. Over the same period I have changed my anti-virus programs a few times when an updated version started to play havoc with my system, but Malwarebytes has remained my go-to program.

 

 

I use Poser 13 on Windows 11 - For scene set up I use a Geekcom A5 - Ryzen 9 5900HX, with 64 gig ram and 3 TB storage, mini PC with final rendering done on normal sized desktop using an AMD Ryzen Threadripper 1950X CPU, Corsair Hydro H100i CPU cooler, 3XS EVGA GTX 1080i SC with 11g Ram, 4 X 16gig Corsair DDR4 Ram and a Corsair RM 100 PSU. The desktop is in a remote location with rendering done via Queue Manager, which gives me a clearer desktop and quieter computer room.


piersyf ( ) posted Fri, 12 December 2014 at 4:21 AM

Ditto to the rest. Seeing as you've already set up a new HDD, load Malwarebytes and point it at the old drive before transferring data. In any case, if you have firewall software it should warn you when you copy it across. I've done this before and it works fine. A pain, but recoverable.


icprncss2 ( ) posted Fri, 12 December 2014 at 6:55 AM

Malwarebytes definitely. I've used it in combo with HitmanPro.


ghostship2 ( ) posted Fri, 12 December 2014 at 12:24 PM

I had loaded Malwarebytes on the old HDD thinking it was a free program but it shut down after a couple of weeks with a message that my trial software had expired. I'll take a look at it again.



ghostship2 ( ) posted Fri, 12 December 2014 at 12:33 PM

I'm also considering plugging that drive into another (non-critical) computer and disabling the OS so nothing will boot from that drive before I start getting files off or scanning it for malware.



icprncss2 ( ) posted Fri, 12 December 2014 at 12:49 PM

Malwarebytes has a free version. I don't remember if there is a separate download for the free version. If your old drive is plugged in, try to launch Malwarebytes. If it launches, run the update for it and then run the scan a couple of times.

If it won't launch, still consider buying it. Even if you have a good AV suite, I found that Malwarebytes tended to pick up things the AV missed.


markschum ( ) posted Fri, 12 December 2014 at 1:04 PM

I would go to the bleepingcomputer site and read the "What to do first" part of the forum. Malwarebytes run from safe mode will kill most things.

You might start a new thread for your problem and be guided through the process.

The FBI ransom virus is nasty and you want to make sure it's all gone before you do any credit card purchases or electronic banking.


hborre ( ) posted Fri, 12 December 2014 at 2:26 PM

Currently, Malwarebytes offers a yearly license which covers 3 machines.  Unless the free version options have changed, it did time out after 30 days in the past.  


ghostship2 ( ) posted Fri, 12 December 2014 at 5:35 PM

OK. I've put down my $24 for the premium version of MB but am unable to find the controls for it to scan an attached HD. All it seems to be good for is scanning the drive that it is loaded on and the computer booted from??? I have emailed MB tech support but I have a fear that they will want more money for some other product.


seachnasaigh ( ) posted Fri, 12 December 2014 at 6:27 PM · edited Fri, 12 December 2014 at 6:30 PM

  ...unable to find the controls for it to scan an attached HD.

     Open Start > Computer so that you see all HDs/flash drives.  Right-click on the suspect HD;  there should be a popup menu which includes scan with MalwareBytes.

Poser 12, in feet.  

OSes:  Win7Prox64, Win7Ultx64

Silo Pro 2.5.6 64bit, Vue Infinite 2014.7, Genetica 4.0 Studio, UV Mapper Pro, UV Layout Pro, PhotoImpact X3, GIF Animator 5


ghostship2 ( ) posted Fri, 12 December 2014 at 6:45 PM

 Thank you! I'll do that right now. Just seems a bit counter intuitive not to be able to do that from within the program.



seachnasaigh ( ) posted Fri, 12 December 2014 at 7:03 PM

     I believe you can also do it from the MBytes UI;  custom scan > scan now and then browse the folder/drive you want scanned.  That is also where you'll find the option to scan for rootkits.



ghostship2 ( ) posted Fri, 12 December 2014 at 7:06 PM

 Just looked for it. Does not show up in the menu. There is a menu item for scanning with my anti-virus so I'm doing that right now. Don't think I'll hear back from the folks at MB till Monday.



seachnasaigh ( ) posted Fri, 12 December 2014 at 7:21 PM

If I open MalwareBytes UI, I see this, and I would click on scan...


seachnasaigh ( ) posted Fri, 12 December 2014 at 7:23 PM

The scan menu opens.  I click on the Custom Scan radio button, then click Scan Now...


seachnasaigh ( ) posted Fri, 12 December 2014 at 7:25 PM

The scan configuration window opens.  I select the drive(s), and tick the desired scan options on the left, and then click Start Scan...


ghostship2 ( ) posted Fri, 12 December 2014 at 7:26 PM

 God, sometimes I feel so dumb! Thanks for the help. Scanning right now.



jura11 ( ) posted Fri, 12 December 2014 at 7:26 PM

Hi there

As above, you can try to run MB from Scan > Custom Scan and then select the HDD which you suspect is full of viruses.

Something like this.

Or you can try booting with the HDD on which you suspect there are viruses and use the above SW, ComboFix or AdwCleaner. I've used both SW and both are very easy to use and they're the best. MB is good, but it doesn't fully remove all viruses and all traces.

Sometimes you need to use 2 or more programs to remove all viruses.

Hope this helps

Thanks, Jura

