The DU Lounge
Related: Culture Forums, Support ForumsALERT RANSOMWARE ATTACK
I clicked on the OP that contains a luckovich cartoon and immediately was hit with Ransomeware. My laptop is locked up. Damn.
What a mess.
madaboutharry
(41,005 posts)Was it the one Wrong Way Trump?
5X
(3,984 posts)If you have web page open that won't close, try ctrl+alt+del sign out if in windows 10, reboot.
Grasswire2
(13,641 posts)....which shows up on task manager as antimalware service executable.
It won't delete.
I'm a little afraid to just reboot.
The phone number (which I stupidly called thinking it was windows) has called me back multiple times.
5X
(3,984 posts)it won't hurt to reboot and you will have to at some point.
if this looked like a web page claiming to be from microsoft,
you should be ok after a reboot and cleanup.
Bernardo de La Paz
(50,265 posts)htuttle
(23,738 posts)Didn't notice any trouble on that. Maybe an ad it brought up?
Are you typing this from another computer, or a phone?
Grasswire2
(13,641 posts)Yeah, that was the one.
Dammit.
Panich52
(5,829 posts)hlthe2b
(104,818 posts)I too have to wonder if the OP didn't click on some ad (I don't see ads) or had another tab open that may have been the source....
Best of luck to the OP.
Bernardo de La Paz
(50,265 posts)I very much doubt the DU page or the cartoon had anything to do with whatever you are experiencing.
Bernardo de La Paz
(50,265 posts)You undoubtedly got it somewhere else and the time was coincidental.
But give us the main fact! Give us the link! I want to inspect. I can see what my computer is doing.
Bernardo de La Paz
(50,265 posts)With the broken image that you have to "View Image" to see properly? It's a Twitter image (pbs.twimg.com).
I can't detect anything wrong with it.
Must have been something you clicked prior to it.
Grasswire2
(13,641 posts)Come on.....be more patient! I was scrambling between a locked computer, an ancient computer, and looking for help with phone contact.
Bernardo de La Paz
(50,265 posts)Grasswire2
(13,641 posts)...something about a fake malware pop up
Bernardo de La Paz
(50,265 posts)CyberCrime & Doing Time: Fake Malware Pop-up Example
garwarner.blogspot.com/2018/06/fake-malware-pop-up-example.html
Jun 15, 2018 - That PHP code sent me to "orgeles-hantests.com" (52.72.0.63) which immediately did a meta refresh to another page on orgeles-hantests.com ...
Blog post: http://garwarner.blogspot.com/2018/06/fake-malware-pop-up-example.html
Did it give 855-786-3666? (Coincidentally note last 3 digits!)
Grasswire2
(13,641 posts)I stupidly called thinking it was windows help.
He tried very hard to keep me on the line, tried to give me some directions, and then called back multiple times after I hung up.
Incidentally, the file "antimalware service.executable can't be deleted.
Bernardo de La Paz
(50,265 posts)I'm not surprised you can't delete it, it is often a loaded service so it is "in use" . I have it running here.
Bernardo de La Paz
(50,265 posts)The rule: every file kept as three copies, one on each of three drives, with one drive kept offsite and rotated with the other backup drive periodically. Cloud storage counts as off-site but can be problematic restoring.
I keep my second copy in my safe deposit box and swap about once every six weeks. Guards against theft and fire. Francis Ford Coppola was backing up his computer every day at his winery in Chile and thieves stole the computer and the backup. He lost some scripts he had been working on 11 years.
I just had a failure three days ago of my big main data drive: music, email, software development, pictures, notes, saved political cartoons, over a TeraByte of data. Two days ago I ordered a drive delivered express. It arrived yesterday. Today I simply copied from my backup 3 TB drive all the data and this evening I'm fully operational with my full complement of data.
Grasswire2
(13,641 posts)that would be horrid.
This laptop is just a few months old. I don't have anything precious on it yet. Most stuff is still on my ancient computer or on thumb drives or memory cards.
I just don't want to be locked out. Hahahah.
Grasswire2
(13,641 posts)and server3.flowerpuffgirls....
Bernardo de La Paz
(50,265 posts)I didn't see anything on flowerpuffgirls that wasn't innocuous when googling.
Revanchist
(1,375 posts)Pony up the money for premium and you really won't have to worry about those sites again.
https://www.malwarebytes.com/