Looking For Some Help

Alright Folks,
I'm kinda looking for some help on this one... so here's the deal:

My in-laws much like me also live in Ontario, Canada.. They use Rogers Cable for internet, they got hit with that stupid scam ordeal where it locks your computer but the thing is they got hit with it a second time.. The first time they panicked and yes sadly they paid.. I formatted there hard drive and put them on linux for a bit but then they chose to go back to windows a few days ago they got hit with that stupid scam again. While talking to them they claim that they weren't doing anything when it happened they were just surfing the homepage the homepage they use is yahoo.ca the browser they seem to use is firefox.. I believe the only addon they have for it is an adblocker.
As for security:
Malwarebytes
Kaspersky Internet Security

As I said they got hit a second time with it the first time was earlier this year, the only recommendation I made since they got hit with things again was to buy a router because the router would put a half decent firewall between the modem and the computer, when I was there last night (friday) I ran both Kaspersky and Malwarebytes neither one found anything.

They dont' have much money so I don't want to offer a solution that would cost them a bunch but any advice that I can pass on to them to perhaps prevent things from happening again would be greatly appreciated

Oh and the second time (earlier this week) when they got hit with things my Father in law was actually able to shut the computer down using the normal shutdown method.

They're currently using windows 10 and they keep everything up to date and always have.

Thanks in advance
Ken

 

What where they doing before they were not doing anything?

Tell them to:

1. Never click on website links unless they are familiar with the site.
2. Never click on email attachments from unknown sources.

Here are three sources worth reading:

• https://blogs.mcafee.com/consumer/10-tips-stay-safe-surfing-web/
• https://staysafeonline.org/stay-safe-online/keep-a-clean-machine/securing-your-home-network
• http://www.wikihow.com/Be-Safe-on-the-Internet#Protecting_Your_Connection_sub

 

according to them they were just reading news articles on yahoo.ca and checking out olympic standings on the site...

 

I edited my post to include three worthwhile reads.

 

Thanks Eldon, I reviewed the links in the post and read two outta three links that you've posted. They do tend to do most of that as they don't do much surfing they just tend to use the internet to check email and check facebook.

I have the modem's firewall security cranked to max.. I'm hoping to get them a router in the near future since I think it would provide better security for the computer in general.

Or am I mistaken for it providing a better layer of security ?


It just baffles me that they tell me they were sitting on yahoo.ca when the pop up happened. If I lived closer to them they no doubt would have called me to come over and look at things but it's not like I could have done anything anymore than what they did.

 

I have messaged a malware fighter, who's online, to add some input.

 

Alright well Thanks for your help and Thanks for messaging a malware fighter hopefully they can provide some more info.

 

Dr. Moriarty;

As far as I know it locked up, but it wasn't locked up very good.. They were in the middle of doing something I'm unsure what so things were locked up but as I said my Father In Law was still able to click the windows start menu to shut it down normally..

 

They weren't signed into yahoo they just were viewing the site.
I believe they were checking out the olympic metal count

As I said above when I was there yesterday I scanned with both Kaspersky Internet Security and Malwarebyets (free) and neither one found anything

Unless they're is another malware scanner you'd like to recommend

 

Did you click on the link in post #10?
Anyone with their email address & password could have signed them in.

N.B.
1. Tell them to immediately change their Yahoo password.
2. And then visit the Malware Removal forum.

 

Eldon, neither one of them have a yahoo email address. So I see the first option being null/void

Im currently looking at the malware forum for sure.

Thanks to both of you, it may take me a little while but I'll let you know how things go