Ransomware Has Taken Over

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by farmgirl806, Oct 14, 2017.

  1. farmgirl806

    farmgirl806 Private E-2

    Hello. My Hp Laptop was taken over by a microsoft ransom. I ran avast virus scan and it found nothing. But the page with the warning just disappeared. I was able to use the laptop but it had different problems everryday. The keyboard would not work. If I shut off the laptop it would work for awhile but then all kinds of problems happened. It told me the hard drive was bad or it would just freeze and nothing would work. So here I am with the logs I have attached. I was not sure what to do with the mglogs.zip. I did not open it but will if that is what you need.. Hoping you can help me. Thanks in advance.
     

    Attached Files:

    farmgirl806, Oct 14, 2017
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can have ADWCleaner remove what it found. But otherwise, I am not seeing any malware in your logs. I had a similar issue yesterday when I clicked on an infected link in a google search. Had to use task manager to shut down my browser. It was a scare tactic.

    However, since we are not seeing any malware, I can only suggest that you do a system restore to a point before these issues started. If you need help with doing that, post in the software forum.

    Since you are not having any malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8 or 10, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 or 10 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. After doing the above, you should work thru the below link:
     
    TimW, Oct 14, 2017
    #2
  3. cadi1

    cadi1 Private E-2

    I am so sorry that i have not responded. But I want to thank you for your help. I felt also that the malware was gone and the laptop worked great till today and now the microsoft ransom ware is back and asking me to call them. I will not do that but might you be able to give me advise on how to get rid of this again. I will not be able to work much longer tonight but i can tomorrow. Thank you so much.
     
    cadi1, Oct 23, 2017
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Just delete it and see if it comes back. Is it showing up in a browser or just on your desktop?
     
    TimW, Oct 23, 2017
    #4
  5. cadi1

    cadi1 Private E-2

    On the desktop only and it seems to go away by istself. I will quickly delete it next time. Thanks so much for your help.
     
    cadi1, Oct 24, 2017
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista,Seven,Eight or 10, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.
     
    TimW, Oct 24, 2017
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds