Windows 10: A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification

Discus and support A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification in Windows 10 Installation and Upgrade to solve the problem; It was a scam where they claimed to have a refund for some software, otherwise I'd be automatically charged $300 per month. Naturally when they said... Discussion in 'Windows 10 Installation and Upgrade' started by JonPerry2, Oct 18, 2019.

  1. JONPERRY2
    JonPerry2 Win User

    A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification


    It was a scam where they claimed to have a refund for some software, otherwise I'd be automatically charged $300 per month. Naturally when they said they wanted to put a program on my computer, I refused since I know any dot exe could put "who knows what" on my system, but I was fearful they could bill me automatically. He insisted that it could be done. He told me to check a number which he told me was my computer ID, claiming he had control of my computer by running at the command prompt "assoc" and noting the CLSID number a couple of lines from the bottom of the spool of data. He read off a number this long and with this basic configuration CLSID\{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} and all numbers were what he said.


    He ran something called "splashtop streamer", perhaps foolish me I thought I might be able to stay ahead of what he was doing to learn within the edges of my knowledge of what he could see and what might be a real problem for me; like dancing on a needle. I realized he was looking for a program that I had erased last year by noticing he couldn't find what he was looking for and the PC cleaner type of suite was triggered in my memory. When he realized I'd erased the program that would have been a real problem that I now might be able to evade, he started attempting to change the name of my computer when I broke the connection and removed all the software that had been used in the session that lasted about an hour with me losing it from time to time, "Tell me what you are doing at each step and quit asking me why I'm mad". He was playing me, but I had to make sure what I needed to do to stay as safe as possible.


    After all that I searched for what CLSID is and discovered that malware can be associated with them so I looked for a registry cleaner hoping the number might regenerate, whatever it was associated with and not know if my firewall is vulnerable. I investigated whether or not my Trend Micro would do it so I ran as many of TMs focused operations hoping that even if I didn't completely evade detection I could at least make it a hassle for anyone to mess with me that it wouldn't be worth it. Is it possible that I'm free or what can I do short of reformatting?

    :)
     
    JonPerry2, Oct 18, 2019
    #1
  2. SMEED
    Smeed Win User
    Smeed, Oct 18, 2019
    #2
  3. JSSSSSSSSS
    Jsssssssss Win User
    I have been infected with Ransomware

    Oh.

    I see that a Community Moderator converted your thread from a Discussion to a Question.

    Do you have a question?

    It is not quite clear (to me at least) why you've created this thread....

    In case that you do indeed have a problem with ransomware:

    It would be helpful if you would describe your problem more precisely, see:
    Suggestions for asking a question on help forums

    Without knowing more details, suggestion to read/do:

    Try to identify with what Ransomware you're dealing here:
    https://id-ransomware.malwarehunterteam.com/index.php

    and read/follow this guide:
    How to remove ransomware the right way: A step-by-step guide

    Also: See the pinned threads here:
    https://www.bleepingcomputer.com/forums/f/239/ransomware-help-tech-support/

    Might be the best to get free expert help in above mentioned bleepingcomputer forum....

    =======================

    Also suggestion to read:

     
    Jsssssssss, Oct 18, 2019
    #3
  4. JSSSSSSSSS
    Jsssssssss Win User

    A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification

    how to protect 64-bit windows 10 PC OS from wana cry ransomware

    Suggestion to also read

     
    Jsssssssss, Oct 18, 2019
    #4
Thema:

A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification

Loading...

  1. A ransomware attempt was made on my pc using a CLSID that mirrored mine for identification - Similar Threads - ransomware attempt was

  2. Scam identification

    in Windows 10 Software and Apps
    Scam identification: Hello, Dear MicrosoftDo you have a technician ID# mst241681, Jacob Brown?On Thrusday, Aug.31st my computer was suddenly blocked when I tried to download a book pdf online and it told me my computer was attacked by hacker. Following the instruction I called the microsoft...

  3. Icon Identification

    in Windows 10 Customization
    Icon Identification: I am trying to identify the programme that carries the icon in the image the very badly circled one. I believe it relates to a web emulator. can anyone help identify? Thank you....

  4. Device Identification

    in Windows 10 Drivers and Hardware
    Device Identification: How do I match Windows Devices with my Devices? https://answers.microsoft.com/en-us/windows/forum/all/device-identification/8aeeca73-41ad-49c9-b3ec-0991bc084b62

  5. Ransomware attack on my PC

    in AntiVirus, Firewalls and System Security
    Ransomware attack on my PC: Yesterday I was attacked and they have encrypted all my files in system. They are asking for a ransom of 948 USD for decrypting key. Could anyone help on this. Posting text file received below for refrenceATTENTION! Don't worry, you can return all your files! All your files...

  6. Microsoft downloaded ransomware in my PC?

    in Windows 10 BSOD Crashes and Debugging
    Microsoft downloaded ransomware in my PC?: As I opened a retail website, I got a flashing alert window saying my PC was infected by Trojanware and I was to call this number 800 692 9556 immeidately My husband called them and agreed to remote. They got my information...passwords, everything...and then they said it was...

  7. ransomware attack in my pc

    in AntiVirus, Firewalls and System Security
    ransomware attack in my pc: Date 26-06-2021 when I am update my windows 10 pro, suddenly .piiq virus its ransomware virus attack in my pcand my all files was encrypted with .piiq format and i don't now how to remove or decrypted from my pc.please can anyone help me. its really imp. data in my pc and i...

  8. .vvoa and .sglh ransomware made infected

    in AntiVirus, Firewalls and System Security
    .vvoa and .sglh ransomware made infected: all my drives files are ecrypted by .vvoa and .sglh ... wanna slove https://answers.microsoft.com/en-us/protect/forum/all/vvoa-and-sglh-ransomware-made-infected/a8300d26-030b-4dd6-9861-34c85731da09

  9. identification changes

    in AntiVirus, Firewalls and System Security
    identification changes: I have changed a phone number that I have registered with Microsoft and or windows, and or outlook. where do I go to update those registrations Thank you https://answers.microsoft.com/en-us/windows/forum/all/identification-changes/0ff97a2b-f70f-4062-a5d4-9d34d87e9b10

  10. How to make MY PC mine?

    in Windows 10 Support
    How to make MY PC mine?: I have an HP Desktop which I bought a couple of years ago with Windows 10. I have since accustomed myself to the differences between 7 and 10. There is one, however, that annoyed me then and try as I might to get over it, it still drives me nuts! I belatedly ask for your...