Petya(?) ransomware

XWrench3

So I got this wonderful pop-up page tonight surfing around. It said that my computer had been infected and to call a phone number to talk to someone who could guide me through the removal process. Well, this isn't my first time around the block, and I had not heard of that particular infection. So in typical fashion, I dismissed it as yet another in a long line of hoaxes that plaster the web. I did, for safety's sake, run Microsoft's malicious tool removal program. It did find one file that was infected, but it never did give me a report as to what or where it was. I went onto MajorGeeks to check about a ransomware removal utility, and the very first one mentioned this exact same one. So I downloaded it, and it is running at the moment. I am thinking that if I get this before I shut down the computer, I might be OK. But I have not had one before (and I am not really sure I have one now), so I really do not know what to expect.
 
Well, apparently it was a hoax. My computer never shut down, and it continues to run even after a restart. I ran my antivirus, ran Windows malicious software tool, downloaded a tool that was supposed to find "Petya", and I just now ran chkdsk. Nothing comes up anywhere. I do have a recent backup of everything, as I just went through a complete system restoration. I really do not keep much on my computer to ransom. But of course, they don't know that. So it appears that my data is safe. I guess I thought ransomware was pretty much a big business thing. Maybe it's changing?
 
I would also suggest running a scan with Malwarebytes Antimalware (the Free version is fine, you don't need to activate the Pro trial). Scan with it, delete whatever it finds, reboot and post the log here. Download it from here:
https://www.malwarebytes.org/mwb-download/

Then, run a scan with AdwCleaner. Same as above, scan with it, delete what it finds, post the log file here. Download from here:
AdwCleaner Download
 

Toss Zemana into the mix as well. After being hit a couple of times with AnonymizerGadget I have found that Zemana is pretty freaking powerful.

https://www.zemana.com/Antimalware
 
I got a clean bill of health from all three programs, and the computer seems to be functioning fine. But I hate having that little bit of doubt sitting on my shoulder all the time. Why do people do crap like this?
 
$$$$$

It's been quite a while. What is a good rootkit detection tool?

Panda Anti Rootkit and TDSSKiller have served me well in the past.
 
How do they make money spreading junk like that? I certainly understand the need to make cash, but that to me is like taking money from terrorists. It's just going to turn around and bite you in the backside when you least expect it. And you're not going to like the bite! // Thanks for the rootkit, I will run it as well, though I am not expecting to find anything. It's one less pest sitting on my shoulder.
 