Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HM Pro shows I'm Infected with Ransomware. Please help.


  • Please log in to reply
4 replies to this topic

#1 SupremeMystique

SupremeMystique

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 21 September 2017 - 10:32 AM

https://imgur.com/a/fmJfu

 

I'm running around like a headless chicken right now. HM pro shows I've been infected with ransomware. Avast AV doesn't show anything though when I scan. I have no clue how to deal with this.

Please help me out. 

 

 

 Unfortunately, I can't quarantine it because I'm using a trial edition of HM pro.  I don't want them to access my private information or get access to my banking account. What should I do?



BC AdBot (Login to Remove)

 


#2 cybercynic

cybercynic

  • Members
  • 557 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Edge Of Tomorrow
  • Local time:06:02 AM

Posted 21 September 2017 - 12:06 PM

False positive?

 

 

The process known as OpenAutomate wrapper belongs to software NVIDIA GeForce Experience Application Ontology by NVIDIA (www.nvidia.com). Description:OAWrapper.exe is not essential for the Windows OS and causes relatively few problems. The OAWrapper.exe file is located in a subfolder of the user's profile folder .

We are drowning in information - and starving for wisdom.


#3 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,491 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:02 AM

Posted 21 September 2017 - 12:43 PM

Can you upload those files to VirusTotal and post the links here?

 

Whether or not this is a legit threat, it's always a good time to make sure you have good backups.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#4 SupremeMystique

SupremeMystique
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 21 September 2017 - 01:03 PM

Can you upload those files to VirusTotal and post the links here?

 

Whether or not this is a legit threat, it's always a good time to make sure you have good backups.

https://www.virustotal.com/#/file/a67cae38cf43b3cab4db5a4280694674fa762d799c64905892f5ec2b7bcc0c45/detection

https://www.virustotal.com/#/file/3496b51b37a2b9ab94f6bfb186a54352841847ead41541fda11fbb06980b4bf2/detection

https://www.virustotal.com/#/file/be1c1e3cac7e163c978855bbe574fd7df733aab954e2a2ac2ef6043199292258/detection

 

 

How do you recommend I make a good backup?



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,386 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:02 AM

Posted 21 September 2017 - 03:01 PM

Backing up data and disk imaging are among the most important maintenance tasks users should perform on a regular basis to protect themselves from ransomware, yet it's still one of the most neglected areas.

Some of our crypto malware experts recommend cloud services such as CrashPlan, Carbonite or Dropbox.
 

IMPORTANT!!! When implementing a backup strategy include testing to ensure it works before an emergency arises; routinely check to verify backups are being made and stored properly; remove (disconnect) and isolate all backups from the network or home computer...if not, you risk ransomware infecting them when it strikes.

 

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users