Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got infected, think it's ransomeware


  • Please log in to reply
8 replies to this topic

#1 flingwing67

flingwing67

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 31 August 2016 - 01:01 PM

My home computer (Gateway tower) recently picked up something.  Something reset my browser  (both Chrome and Firefox are victims), and I am unable to reset it.  Now here's the weird part.  I got a call yesterday (computer got infected two weeks ago but I've been on the road) to my cell phone telling me that my computer is infected and I must use their cure.  I did not pursue that, other than to inform him what I thought of his ransomeware.  He told me he was with Geek Squad.  I didn't fall for it.  

 

Another weird factor.  It is only affecting my "side" of the computer.  My wife is having no problems at all.  

 

At this point I do not have enough information to identify it but maybe someone here can help.  Again, symptoms are:

 

Browser is locked on a ad page.

 

Only my side of the computer is affected.  Wife has no problem logging in and doing business.

 

Since he (the creep that called me) knew it was my computer at home that was infected, and had my phone number, do I assume that all my (including my wife's side) personal data is compromised.  Any help is appreciated.

 

 



BC AdBot (Login to Remove)

 


#2 poyer

poyer

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 31 August 2016 - 04:00 PM

What OS are you running on your home computer? and what kind of antivirus program?

there are a couple of things you can do.

download adwcleaner (you find it on this site) on another computer and also malwarebytes free (https://www.malwarebytes.com/).

put these on a usb drive and now on your computer I would go in to safe mode (tap F8 on booting when you use windows 7 or below, otherwise read this:

https://support.microsoft.com/en-us/help/12376/windows-10-start-your-pc-in-safe-mode)

and then run the adwcleaner tool in safe mode. delete everything it finds and reboot normally.

then run the malwarebytes setup and do a scan and delete everything it finds. you can do this too on your wife's computer.

reboot again and remove both browsers from your programs.

again reboot and reinstall both browsers.

After this maybe do a online scan http://www.bitdefender.com/scanner/online/free.html go here and do complete scan of your system.

maybe you can remove your old AV and then install a trial of bitdefender or something simular and do complete scan.

if after all this your still having problems then some other options are available.

hope this will help you.



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:34 AM

Posted 31 August 2016 - 05:20 PM

Sounds more like a scam.

What does the ad say?
What happens when you close your browser?

If you can't close the browser or if it hangs/freezes, you may have to close it with Windows Task Manager by selecting End Task or just reboot your computer.

Does the ad return after that?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 flingwing67

flingwing67
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 31 August 2016 - 09:12 PM

OK, I am running Windows 10 and have both Avast Premier and Malware Premium.  What comes up instead of my home page (yahoo.com) is a doc to pdf conversion tool.  Address line reads:

 

hp.myway.com/fromdoctopdf/ttabo2/index.html?cold=d71b203 (and the string goes on for seemingly ever). 

 

I can close the browser normally but cannot reset it to my home page.  I haven't had to resort to the task manager or rebooting. 


Edited by flingwing67, 31 August 2016 - 09:13 PM.


#5 flingwing67

flingwing67
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 31 August 2016 - 09:35 PM

Thank you both for your help.  Adwcleaner took care of it.



#6 flingwing67

flingwing67
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 31 August 2016 - 09:37 PM

One last question.  Was the call I got a coincidence?  I don't believe in them, but ....



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:34 AM

Posted 01 September 2016 - 06:23 AM

Read this topic...Beware of Phony Tech Support Scams
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 bjornsturluson

bjornsturluson

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:34 PM

Posted 01 September 2016 - 09:41 AM

Tech Support Scams are popular of late. See quietman7's link.



#9 chalup

chalup

  • Members
  • 191 posts
  • OFFLINE
  •  
  • Local time:06:34 AM

Posted 02 September 2016 - 12:56 PM

As noted, I worked for both Staples and Best Buy tech support, we would never randomly call a customer unless they had physically came in and dropped a PC off.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users