Windows 10: Ransomware Daughters Computer

Discus and support Ransomware Daughters Computer in AntiVirus, Firewalls and System Security to solve the problem; Daughters computer has some kind of Ransomware virus on it. It has set the computers clock back, if you try to navigate to any website a fake Windows... Discussion in 'AntiVirus, Firewalls and System Security' started by msny, Jun 30, 2016.

  1. msny Win User

    Ransomware Daughters Computer


    Daughters computer has some kind of Ransomware virus on it.
    It has set the computers clock back, if you try to navigate to any website
    a fake Windows Defender web page appears. There is a "Microsoft"
    phone number and an audio suggestion you call the number.

    It is on my home network as a wireless desktop but I am not sharing it
    with any device. As soon as we discovered we powered it off.

    So, my question is, where to begin trying to do a fix?
    She is running windows 7 home premium.
    Its an old Dell Vostro model.

    Thanks for any advice, i have no idea.

    :)
     
  2. How Avoid Ransomware

    Hello, Recently I reading topics about ransomware. A victim asking question to prevent ransomware because his PC got infected by the ransomware and stop data and computer access.. and demanding for money to the victim... his data got encrypted.

    So How to avoid ransomware and prevent
    to keep safe our pc in future?

    Is Windows Defender can Avoid Ransomware?
     
    Raman Singh [Insider], Jun 30, 2016
    #3
  3. simrick Win User

    Ransomware Daughters Computer

    Hi.
    I would start with RKILL. This program comes in a few versions, some renamed to fool viruses/malware into letting it run (if you find you have that problem). RKILL basically disables malicious activity on the system, giving you control back enough to run disinfection scans. Everything RILL does is undone by a reboot, so once you run it, you want to get your disinfection scans done right away before rebooting.

    Once RKILL has been run, Do a Malwarebytes Antimalware Free scan: uncheck the box for the free trial, update the virus definitions, then select Custom Scan, check the box for Rootkits, and then select the operating system drive for a complete scan. This will take quite some time, so be patient.

    Next I would run ADWCleaner to get the last bits out. This program will require a reboot after it's run.

    Finally, JRT (Junkware Removal Tool) to clear out the browsers.


    Good luck and let us know how it goes. *Smile
     
    simrick, Jun 30, 2016
    #4
  4. altae Win User
    I recommend a clean install. My experience is that you loose so much time trying to fix an infected pc (with no guarantee of success) that in the same time you can simply reinstall everything and end up with a brand new system again. A new system is also trustworthy while with an (apparently) cleaned system you never know if there isn't some malware left within the system.
     
    altae, Jun 30, 2016
    #5
  5. simrick Win User
    Depending on the amount of programs/data on the system and the amount of time required to re-set everything up, a clean install may not be a first option. Besides, this particular infection is common and not difficult to clean, and, as long as it has not been on the computer for any length of time, has probably not done any additional damage. *Smile
     
    simrick, Jun 30, 2016
    #6
  6. <Just popping in to play "net nanny": Theoretically, MBAM should automatically check for updates during the setup wizard AND before a manual scan (Free, Trial and Premium versions). This was implemented in 2014 with version 2.x because a lot of new users did not remember to manually update the databases before scanning after a new install. That led to a lot of F/P and some F/N calls to the help desk. Having said that, there's certainly no harm in performing a manual update check before scanning.....
    Also, I'm sure @simrick meant to say "malware definitions", not "virus definitions". *Wink MBAM is not an AV and is not a substitute for an AV. It targets largely non-viral malware. Folks are often confused by that, thinking that they can use MBAM instead of an AV.>

    And now, back to our regularly scheduled thread...*Smile

    MM
     
    MoxieMomma, Jun 30, 2016
    #7
  7. msny Win User

    Ransomware Daughters Computer

    All fixed, thank you very much.
    Malwarebytes did not find it. It was a hidden rootkit.
    I had to use TDSS killer to remove it.
    But your links took me to a blog, that had this solution
    after running RKILL.

    Download Free TDSSKiller - Rootkit Removal | Kaspersky Lab US

    Ripped a couple hours off my life but worked fine.
    Better then a reinstall.
     
    msny, Jul 2, 2016
    #8
  8. Mystere Win User
    I think you're confused about what Ransomware is. Ransomware is when a virus or Trojan encrypts the contents of your computer, then attempts to extort money out of you to get that data back. (in most cases, they never actually give you the tools to decrypt the data, even after you've paid). That does not sound like the case here.

    In addition, while you may have also had other malware, the symptom you mention isn't a virus or malware at all, it's just a very well-crafted web page that makes it difficult to get rid of due to it taking advantage of automatic page re-opening. The "Call Microsoft" web pages are generally not actually anything installed on your computer.

    Again, it sounds like you found a rootkit or other malware, but I don't think that was what your original problem was. It's good that you got it cleaned up though.
     
    Mystere, Jul 2, 2016
    #9
  9. simrick Win User
    Mmmm....no. Actually, any infection that holds your computer hostage is a type of ransomware. Some encrypt while others don't. One ransomware sets the Windows System password which prevents you from booting into your operating system. That is also a type of ransomware. So, yes, the OP did indeed have a type of ransomware, holding his computer system hostage until he called the number to have it "fixed".

    Glad to hear you got it sorted! I suspect you didn't check the box in Malwarebytes to scan for Rootkits, as it usually finds them when you do. No matter - TDSSKiller is a good tool as well! Cheers! *Smile
     
    simrick, Jul 2, 2016
    #10
  10. msny Win User
    It was a series or web page redirects that posed as ransomware.
     
  11. msny Win User
    I did have it checked for rootkits, still missed it.
    Ran it 3x.
     
  12. simrick Win User

    Ransomware Daughters Computer

    Wow. Glad you got TDSSKiller on the job then! *Smile
     
    simrick, Jul 3, 2016
    #13
  13. Mystere Win User
    No, Ransomware requires... a ransom. Setting your computers system password isn't ransomware because there is no way to know how to get the new password. It's not being held for a ransom (payment). It's just preventing access and being malicious.

    If something sets your bios password, how exactly would you know who to contact to try to pay said ransom?
     
    Mystere, Jul 3, 2016
    #14
  14. msny Win User
    Your both right!
    It was ransom-ware as it always redirected any web page to a phone number to pay for a fix.
    It was malware because it infected the computer with numerous ads on top of that. It kept
    setting the computer clock back, so that virus software and apps stopped working.

    It was a hybrid of some sort.
    I should have wrote down it's name, but I was anxious to get rid of it.
     
Thema:

Ransomware Daughters Computer

Loading...
  1. Ransomware Daughters Computer - Similar Threads - Ransomware Daughters Computer

  2. Giving Window 10 computer to daughter

    in Windows 10 Software and Apps
    Giving Window 10 computer to daughter: I am giving my Windows 10 computer to my daughter. I have removed my data and programs. How do I get rid of my account. She can set up her own account....
  3. Giving Window 10 computer to daughter

    in AntiVirus, Firewalls and System Security
    Giving Window 10 computer to daughter: I am giving my Windows 10 computer to my daughter. I have removed my data and programs. How do I get rid of my account. She can set up her own account....
  4. Giving Window 10 computer to daughter

    in Windows 10 Gaming
    Giving Window 10 computer to daughter: I am giving my Windows 10 computer to my daughter. I have removed my data and programs. How do I get rid of my account. She can set up her own account....
  5. Bitlocker Unauthorised Locking of Computer Ransomware

    in Windows 10 Gaming
    Bitlocker Unauthorised Locking of Computer Ransomware: So I see that Micro$oft has it's own version of ransomware now.My kid goes to use their laptop to access an online school session that has to be done now, and is faced with blue screen of death bitlocker.I have never set this up, never authorised this, never really heard of...
  6. My computer and network has Ransomware on it:

    in Windows 10 Network and Sharing
    My computer and network has Ransomware on it:: There is ongoing incessant and unmerciful harrasment going on towards me that is making me sick at the thought of going to work.I'm fairly certain that my computer has a worm on it that I do not know how to get rid of. It is also on my phone. Last night; before my whole...
  7. Removing ransomware from the computer

    in AntiVirus, Firewalls and System Security
    Removing ransomware from the computer: This question is related to this questionMy computer was attacked by STOP DJVU family of ransomware and all of my files are encrypted to .orkf extension.I scanned my pc several times by Malwarebytes and Windows defender, nothing showed up Should I scan my pc with another...
  8. My computer is infected by ransomware virus

    in AntiVirus, Firewalls and System Security
    My computer is infected by ransomware virus: My all data is infected by extention [.boop] on my computer ransomware virus attack [ATTACH][ATTACH][ATTACH] https://answers.microsoft.com/en-us/protect/forum/all/my-computer-is-infected-by-ransomware-virus/f9519a2d-3413-42a6-8b74-9e634e4e6a6a
  9. Ransomware destroyed computer

    in Windows 10 Updates and Activation
    Ransomware destroyed computer: My computer was infected with ransomware. I rebooted the computer and it now appears that the entire drive and OS are inaccessible. I have another copy of Windows and tried booting with the Windows 10 USB, and it cannot repair or recover the instance I had on the disk....
  10. Killed my daughter's computer during update

    in Windows 10 Installation and Upgrade
    Killed my daughter's computer during update: Greetings, I was performing a Windows 10 update on my daughter's HP Stream laptop when ti got hung up (9 hours at 10%). With no other apparent choice, I hard-powered it off. Now, nothing I've tried has made Windows repair successfully. My latest effort was to create a USB...