Results 1 to 10 of 35

Thread: Ransomeware help

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Jul 2017
    Posts
    19

    Default Ransomeware help

    A chatbox like IM box appeared on my screen and started chatting with me. Said they have been watching me for awhile and basically they want me to use Paypal to pay them money, they said they have seen me use it before. I did not reply when they asked for money and I shut everything down. I went back online last night for awhile and nothing came up. Everything seems to work fine on my laptop and I have not heard from them again. I have run spybot and malwarebytes and tried to clean with those two programs, but I don't know what to do now. How can I get rid of it and how can I ever be sure that they are gone and can't get back in so that I can use my laptop again and feel secure.

    Thanks

    MickD.

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Hi MickD
    If this is really ransomeware then there wont be much I can do to help other then supply you with links to read over with information regarding Ransomeware.
    https://www.bleepingcomputer.com/new...enis-and-more/
    https://www.bleepingcomputer.com/new...ana-decrypt0r/


    But, they asked you to use PayPal?....interesting.

    On the other hand it kinds resembles scam-ware.....just an idea because it could indeed be Ransomeware.

    ~~~~~
    Before continuing please create a restore point.

    ~~~~~~~~~~~~~~~`

    RogueKiller
    • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
    • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
    • Wait for the scan to complete
    • On completion, the results will be displayed
    • Check every single entry (threat found), and click on the Remove Selected button
    • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
    • This will open the report in Notepad. Copy/paste its content in your next reply


    AdwCleaner - Fix Mode
    • Download AdwCleaner and move it to your Desktop
    • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Accept the EULA (I accept), then click on Scan
    • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes
    • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
    • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Heres another link
    https://www.bleepingcomputer.com/vir...at/ransomware/

    What is the computer doing out of the ordinary?
    Is it showing symptoms of infection?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  4. #4
    Junior Member
    Join Date
    Jul 2017
    Posts
    19

    Default

    Thank you for the reply and I will go through the steps of things to do that you listed. I'm only calling it ransomware because I don't know what else to call it. It doesn't seem like ransomware that I have heard of. It was a chatbox or like an IM box that appeared onscreen while I was online doing nothing really, email, news. It started talking to me and at first I tried to shut it down anyway I could think of and then it said, "you can't close it". He said he wanted money and that I could use paypal to send it and that he knows I know how because he has watched me do it. I asked why me and all those questions and didn't get a straight answer and I cannot tell if it is someone local or foreign or anything. Please ask any other questions you have.

    Quote Originally Posted by Juliet View Post
    Heres another link
    https://www.bleepingcomputer.com/vir...at/ransomware/

    What is the computer doing out of the ordinary?
    Is it showing symptoms of infection?

  5. #5
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Yes, I'd like to see those logs.

    I'm not that good with remembering all the types and functions of ransomewares out there and new ones are created often, but I will ask around.
    But I was thinking it kinda locked down your computer and files?, you seen any signs of that?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #6
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,810

    Default

    Also, I'm going to need to see the logs created by the following tool


    Farbar Recovery Scan Tool (FRST) Scan
    • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) andsave the file to your Desktop.
    • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
    • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •