User Panel
User Panel
User Panel
|
Posted: 2/28/2024 3:32:57 PM EDT
[Last Edit: Grizz272]
This the second time in a month that my wife's laptop has been locked up because of ransom ware.
I suspect it is coming in from facebook dog videos. We are using norton's. It does not seem to help with this. Any suggestions on what to use? What to tell her to stop clicking on? The computer powered up around 8pm last night with no issues. This afternoon it power up normally and has been running with out any issues. No "apparent" sign of the ransom ware. The wife thinks the stuff came from facebook. Her favorite site I think is sketchy the new user sign up sheet seems to have aids and the website owners have not been on the site for months and appears to have not done any up grades in over a year. |
|
|
|
|
Posted: 2/28/2024 3:49:26 PM EDT
[Last Edit: pestilence12]
[#1]
I doubt its the dog videos.
As for stop clicking, uh just about everything that is unsafe. There is more going on here if this is the second time this month. Is it the same computer as last time? How was that corrected? Is she using your home network, or going to the mall/school/starbucks and connecting to unsecured wifi there? Has she ever tried to click past a "This connection is not secure" warning? Did she open a sketchy email? Did she change her email password and preferences for filtering spam the last time this happened? ETA Do you use a VPN? Have you updated her computer to the latest operating system and latest security profile? Like I said, a lot going on here. |
|
|
|
CO, USA
|
Posted: 2/28/2024 3:59:43 PM EDT
[#2]
Get rid of Norton.
|
|
|
|
Posted: 2/28/2024 4:05:45 PM EDT
[#3]
You have to provide access to the hacker to enable them to control your PC and thus encrypt it to ransom it. I doubt the affected PC was ever properly cleaned after the first one.
|
|
|
|
|
Posted: 2/28/2024 4:16:59 PM EDT
[#4]
It's time to install a new hard drive and a fresh install of an operating system. Look at bleeping computer for ideas on how to remove the infection. I would consider everything on that computer a total loss from a data standpoint. Bitdefender is the only consumer-grade antivirus I recommend.
There is a reason I run EDR on my personal computers and most of my family as well. |
|
|
|
|
Posted: 2/28/2024 4:33:42 PM EDT
[#5]
Quote HistoryOriginally Posted By -Obsessed-: You have to provide access to the hacker to enable them to control your PC and thus encrypt it to ransom it. I doubt the affected PC was ever properly cleaned after the first one. You are probably right about not being cleaned the first time. What is EDR? |
|
|
|
|
Posted: 2/28/2024 4:42:26 PM EDT
[#6]
Quote HistoryOriginally Posted By Grizz272: You are probably right about not being cleaned the first time. What is EDR? |
|
|
|
|
Posted: 2/28/2024 4:43:36 PM EDT
[#7]
This is what I point most people personally to.
https://www.bitdefender.com/solutions/premium-security.html |
|
|
|
|
Posted: 2/28/2024 5:10:43 PM EDT
[#8]
Quote HistoryOriginally Posted By Grizz272: You are probably right about not being cleaned the first time. What is EDR? Basically a smarter antivirus that is proactive at recognizing threats vs reactionary like typical antivirus. |
|
|
|
|
Posted: 2/28/2024 5:17:54 PM EDT
[#9]
I've had great luck with Trend's internet security. I briefly switched to Avast I think it was and in less than a month I got hit with ransom ware. Luckily for me it was a shitty one that you could get around in safe mode. I immediately went back to Trend.
|
|
|
|
|
Posted: 2/28/2024 5:21:20 PM EDT
[#10]
She needs to stop opening attachments, even PDF and Office documents can get you now.
|
|
|
|
|
Posted: 2/28/2024 10:07:46 PM EDT
[#11]
As the battery near no power some windows opened and I found out that Norton's update been turnoff. I will start from there. Norton's has been updated and the computer reset. The computer reset and came up normally then the battery died . We are waiting for the battery to recharge before we turn the computer back on and see what happens.
|
|
|
|
|
Posted: 3/1/2024 9:10:29 AM EDT
[Last Edit: farfromhome]
[#12]
No need for "total protection". Block ads, every ad.
Explain to your wife now fakecrap is mind poison. I am pretty sure you can log into facecrap via Tor. I use linux but I am surprised when I see an ad, not on my PC. |
|
|
|
MI, USA
|
Posted: 3/1/2024 9:26:49 AM EDT
[#13]
Originally Posted By Grizz272: The wife thinks the stuff came from facebook. Her favorite site I think is sketchy the new user sign up sheet seems to have aids and the website owners have not been on the site for months and appears to have not done any up grades in over a year. I have concerns about this paragraph, that I think some other people have missed. Are you talking about Facebook's "new user sign up sheet?" Are you saying that Facebook's website owners "have not been on the site and appears to have not done any up grades in over a year?" That's what it seems like you're saying, but that doesn't make any sense. |
|
|
|
Posted: 3/1/2024 9:30:54 AM EDT
[#14]
Quote HistoryOriginally Posted By number40Fan: Get rid of Norton. This. Norton is notoriously horrible virus software |
|
|
|
|
Posted: 3/1/2024 1:52:57 PM EDT
[#15]
Quote HistoryOriginally Posted By Gunner226: I have concerns about this paragraph, that I think some other people have missed. Are you talking about Facebook's "new user sign up sheet?" Are you saying that Facebook's website owners "have not been on the site and appears to have not done any up grades in over a year?" That's what it seems like you're saying, but that doesn't make any sense. This a totality different website from Facebook. The sites name is Swapbot. The idea for the site is swapping stuff from one person another. There is a section swapping art that you have drawn yourself. That is the website where the owners have apparently not done any regular site maintenance for over a yr. I know people have tried to buy the site but the owners have declined or not responded to the offers. |
|
|
|
|
Posted: 3/8/2024 3:57:37 PM EDT
[#16]
Well the wife did it again. Now she has learned not to follow links. Just got her pc up and working again.
She knows exactly what she did and followed a link from facebook right to a locked up pc.  I think she will listen now. |
|
|
|
TX, USA
|
Posted: 3/8/2024 4:30:26 PM EDT
[#17]
you create an admin account, drop her access to standard user so she can run executibles from her account.
that will slow it down or stop it. too many people running admin accounts when they don't need it. |
|
|
|
Posted: 3/8/2024 6:45:10 PM EDT
[#18]
I don't think the OP's wife is actually getting ransomwared. That term usually means all your files get encrypted and you are forced to pay ransom in crypto to get the key to decode your own files.
I think what is happening here is malicious websites popping up a scary sounding window that cannot be easily closed, usually via a javascript exploit. You can very easily prevent these by using a better web browser such as Brave and set the security level to the highest setting. You can also use various plugins on other browsers to increase their security in order to not allow this sort of stuff. If you pony up for the Malwarebytes Pro subscription they have a web browser plug-in that will prevent this as well. But you can do the same thing for free with other software. |
|
|
|
|
Posted: 3/8/2024 7:02:58 PM EDT
[#19]
Which browser is she using? I've seen a few extensions that would re-direct users, and could be sending the user to a site that cannot be exited without closing the browser.
|
|
|
|
|
Posted: 3/8/2024 7:30:41 PM EDT
[#20]
ESET is what you want
|
|
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
