Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think its clean, but would like to be sure.


  • Please log in to reply
4 replies to this topic

#1 sunbound

sunbound

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:wisconsin
  • Local time:09:17 AM

Posted 21 December 2014 - 09:58 AM

Last week, while traveling, I had a web page open another webpage that looked like "scareware"... you cant close this webpage, all your files are encrypted, etc... trying to close the tab didn't do anything, closing the browser itself didn't close anything. 
 
I unplugged the network cable, and CTRL-ALT-DEL and closed every chrome listed till the offending page closed. I ran AVG, malware-bytes, and spybot search & destroy, and it all turned up clean. I crossed my fingers, and rebooted and everything seems to run fine, but i still have that seed of doubt lurking in my head.
 
I really don't want to re-install everything on my laptop, but i really would appreciate it if you guys could take a look at some logs and give me your best advice.
 
thanks
 
sunbound

Edited by Queen-Evie, 21 December 2014 - 01:10 PM.
Moved from Windows 7 to Am I Infected since you have doubts.


BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 11:28 AM

sunbound, on 21 Dec 2014 - 2:58 PM, said:

Last week, while traveling, I had a web page open another webpage that looked like "scareware"... you cant close this webpage, all your files are encrypted, etc... trying to close the tab didn't do anything, closing the browser itself didn't close anything. 

 

Hello there,

 

Did it buy any chance provide a number you had to call or an amount of money you had to pay to unlock any files? Were any files encrypted?

 

Was it by any chance the same as the picture below?

 

2a7hkox.png

 

Thanks,

Lighthouse Party


Edited by LighthouseParty, 21 December 2014 - 11:28 AM.


#3 gmaomg

gmaomg

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ontario, Canada

Posted 21 December 2014 - 01:25 PM

Have you checked any documents or photos? Encryptions usually start with documents and picture files. If your files are fine, then you are probably fine. If your files are fine, you should back up your system just incase. 



#4 sunbound

sunbound
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:wisconsin
  • Local time:09:17 AM

Posted 26 December 2014 - 11:10 AM

No, the site that came up doesn't look anything like the pictures you put up... most of it was black and had A LOT of text. It didnt come up in a pop-up either. it actually opened another tab in Google chrome.  In hindsight, i wish i would have taken a screenshot. 

 

I've checked all my media files on this computer, and everything seems fine. I don't have much on this machine. I'm just nervous about plugging it into my network and the bug spreading. 

 

Thanks guys. 



#5 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 26 December 2014 - 03:11 PM

Hello there,
 
Let's check your computer to see if malware is present.
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points

:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Please download Malwarebytes Anti-Rootkit to your desktop

  • Double click it and click ok (Make sure to extract it to your desktop)
  • When it opens, click next and then update.
  • After it's updated, click next and then scan.
  • If malware is detected, select clean, then restart your computer.
  • Open 'MBAR' on your desktop and paste the contens in your reply of the following logs:
  • mbar-log-xx.xx.xx.txt and system-log.txt.

:step5: Non-malware removal steps

Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Mod Edit.. Removed ..ill advised to do with this possible infection ~~ boopme

Thanks and good luck!


Edited by boopme, 26 December 2014 - 05:28 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users