
Ransomware/virus question

DaveG247
edited 9 March 2016 at 11:57PM in Techie Stuff
Evening all,

So my friend's dad has some sort of ransomware/virus on their PC. I've not seen what it is but am going to have a look at it tomorrow.

Apparently it's locked the PC and has the usual ring this number to unlock.. (this next bit isn't pleasant reading), they rang the number :shocked: and whoever was on the phone's apparently been on the PC _pale_ and told them that they would have to pay to remove it.... thankfully they haven't paid

I'm gonna download all the usual tools from the sticky thread. "If" someone's been on their network, is there going to be issues if I try and use another PC over that network? I don't want to end up with whatever it is on another PC.

Comments

  • The first thing that your friend should do is to find out if their dad uses the infected computer to access any financial services (bank, credit cards, PayPal etc.) and, if they do, try to log on to all of these through another computer and network and change all of the passwords.

    If they can't log on, get them to contact the companies concerned ASAP and explain what has happened.
    You also want to confirm if there is any sensitive information stored on the computer, as there is a very good possibility that this data has been compromised.
  • DaveG247
    Thanks... the financial stuff had crossed my mind and I'm not sure what info is on the machine, but I suspect that the PC has not been backed up. I'm hoping I get there and it's not the worst case scenario.
  • GunJack
    Best thing for these sorts is Hitman Pro Kickboot - download it and it will create a bootable USB stick to boot the infected pc from to begin to remove it.

    One thing, make sure it's not a cryptolocker type which encrypts the user's files before you start - removal is one thing, retrieving the encrypted files is another (and not often possible)
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • Browntoa
    Yes, most ransomware is encryption of all data and, unless you are lucky, then not breakable without the key.

    Malware tools will be ineffective.
    Ex forum ambassador

    Long term forum member
  • benjus
    Browntoa wrote: »
    Yes, most ransomware is encryption of all data and, unless you are lucky, then not breakable without the key.

    I'm not sure that's true. There is certainly some ransomware that encrypts your files sufficiently strongly that it should be considered unbreakable. However, I suspect that most ransomware is just bluffing.

    This is one reason that people need to keep their data backed up. If you've got a backup, you just get rid of the ransomware and restore your backup... job done.
    Let's settle this like gentlemen: armed with heavy sticks
    On a rotating plate, with spikes like Flash Gordon
    And you're Peter Duncan; I gave you fair warning
  • GunJack
    benjus wrote: »
    I'm not sure that's true. There is certainly some ransomware that encrypts your files sufficiently strongly that it should be considered unbreakable. However, I suspect that most ransomware is just bluffing.

    Most ransomware indeed does not encrypt, it just restricts access, which is normally removable with Kickboot then all your other anti-malware tools. I wouldn't call it bluffing as such....
  • rmg1
    Is it worth booting with a *nix live disc to see if the data is encrypted first?
    :wall: Flagellation, necrophilia and bestiality - Am I flogging a dead horse? :wall:

    Any posts are my opinion and only that. Please read at your own risk.
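One way to run the check rmg1 asks about, as an added example that is not part of any post in this thread: with the Windows partition mounted read-only from the live disc, compare each file's leading bytes with the signature its extension implies, and use entropy only for plain-text types, because intact JPEG, ZIP and Office files are already high-entropy. The function names, the extension list and the 7.0 bits-per-byte threshold are assumptions chosen for illustration.

```python
import math
import os
import sys
from collections import Counter

# Well-known leading bytes ("magic numbers") for common document types.
MAGIC = {
    ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff", ".png": b"\x89PNG\r\n\x1a\n",
    ".gif": b"GIF8", ".pdf": b"%PDF-", ".zip": b"PK\x03\x04",
    ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04",
}
TEXT_EXTS = {".txt", ".csv", ".log"}  # plain text: low entropy when intact
ENTROPY_LIMIT = 7.0                   # assumed threshold, bits per byte

def entropy(data):
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def classify(path, head):
    """Return 'ok', 'suspect' or 'unknown' for one file, given its first bytes."""
    ext = os.path.splitext(path)[1].lower()
    if ext in MAGIC:
        # Compressed formats look random even when intact, so test the signature.
        return "ok" if head.startswith(MAGIC[ext]) else "suspect"
    if ext in TEXT_EXTS:
        return "suspect" if entropy(head) > ENTROPY_LIMIT else "ok"
    return "unknown"

def triage(root, sample=65536):
    """Walk root, reading only the first `sample` bytes of each file."""
    counts, suspects = Counter(), []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    verdict = classify(path, fh.read(sample))
            except OSError:
                verdict = "unreadable"
            counts[verdict] += 1
            if verdict == "suspect":
                suspects.append(path)
    return counts, suspects

if __name__ == "__main__":
    totals, flagged = triage(sys.argv[1])  # path where the partition is mounted
    print(dict(totals), *flagged, sep="\n")
```

A text file of 128 bytes or fewer cannot exceed the threshold even when encrypted, so a clean verdict on very small files is inconclusive.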
  • benjus
    GunJack wrote: »
    Most ransomware indeed does not encrypt, it just restricts access, which is normally removable with Kickboot then all your other anti-malware tools. I wouldn't call it bluffing as such....

    Fair point... at least some malware just pops up windows claiming (falsely) that it has done something to your files and asking for payment. But I suppose that should be called fake ransomware rather than ransomware.
  • DaveG247
    Well, it seems to boot up and I haven't seen any messages. It does look like Chrome had an issue as it's redirecting... Running Malwarebytes and so far 1866 objects detected. FraudTool YAC seems to appear a lot. Shall post a hijack log once finished.
This discussion has been closed.