
Ransomware - Am I Infected?



#1 thulagaari


Posted 17 October 2013 - 06:22 AM

Hi there, I am new to this forum, which has been highly recommended by my partner, so I hope I am posting a question in the right area of the forum.

I had a message today from www.spamhaus as follows:

Task 'Major Media Sales - Sending' reported error (0x800CCC69) : '  The server responded: 550 please see http://www.spamhaus.org/query/bl?ip=81.136.228.130'

 

On clicking the link I was advised that my email was listed in CBL due to a malicious virus detected, "ransomware".

I have googled this virus, which appears very serious if actually infected with it, as it suggests my computer could be hijacked and a fee required to unlock it. It does normally evidence itself if actually infected with a pop up screen suggesting to be from US Homeland Security, which in reality is false, and I am based in the UK and to date have not experienced this window. The only thing I have had is the advice via Spamhaus which might not even be genuine either.

My question is: am I infected with ransomware and what can I do to detect and remove the virus?

I have got Microsoft Security Essentials installed with regular updates plus Malwarebytes, which have not detected any security issues on my computer. The report from Malwarebytes is as follows:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.08.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Major :: MAJOR-PC [administrator]

17/10/2013 11:39:54
mbam-log-2013-10-17 (11-39-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202051
Time elapsed: 32 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

 

If you could advise me on ransomware and detection and removal I would be extremely grateful.

Many thanks for your time

Regards

Adrian   





#2 hbyton


Posted 17 October 2013 - 11:20 AM

I wouldn't think that it is possible for anybody to know that your computer is infected by email. If your computer was infected with ransomware you would most likely not even be able to boot into Windows properly.

 

Are you able to use your computer as per usual?


Edited by hbyton, 17 October 2013 - 11:22 AM.


#3 thulagaari


Posted 17 October 2013 - 11:28 AM

Hi there, many thanks for your response. The computer is all working fine and the only thing I have had is this report via Spamhaus, who used it as a reason to block my ISP and add me to their CBL list. I ran a full security check with Windows Security Essentials and no detection of ransomware, but it did identify a problem with Java/CVE-2013-0422 which I removed.

I guess I wanted to know if there is anything I should do to protect myself from ransomware and the reason why Spamhaus detected it?

Many thanks

Adrian





