I was Hacked!

[boleyd]

I have had a serious Hack. Despite Malwarebyte being installed the were abel to inject code that gives them complete comtrol. They demonstrated thrie abilities at destruction and then downloaded a mysterious software that they said would protect me form future attacks. The cash femand was $1399. Pay or they would destroy yhr OS and all files. The check has not yet cleared.

So does anyone know of someone who can clean the crap from my PC?
Western Pa 25 miles East of Pittsburgh. Route 22.
As with some others on here Trainz is a major entertainment and with no operating system it ain't workin.

Added question: I am on the Comcast network, So I got e Netflix box (modem and router) and it is now connected. Is that sufficient to "break the connection" to the scum. Is my network address now different? Is that sufficient so I can't be found??
Dependency on a PC ias a trap,if it does not work. Bank, drug store, savings, utilities, etc. become dependent on the internet because of the convenience. Like electricity it is becoming - essential.

 

[johnwhelan]

The best defense is to use separate accounts, work in a normal account and have an admin account if you need to install anything. Bank accounts etc just use a dedicated account.

Run win 11, back up regularly, I suggest win 7 backup once a week to a hard drive connected via USB c connector, I use a Ugreen case with a power switch, power it down between backups. refurbished data center 10 TB drives are cheap.

I'd just depend on Windows for antimalware protection and keep the operating system up to date with updates.

I'd suggest using a TP link router, you want one that has regular firmware updates but definitely a brand name costing $100 US. I like the AXE 75 but that's only because it has good range and will mesh using Easymesh and a length of Ethernet cable.

Basically if your machine has been compromised it will call home no matter what you do in changing network addresses. I'd reinstall windows keeping your old data files then reinstall any software you have installed.

Best of luck.

Cheerio John

 

[oldman777]

All viruses and ransomware are always on the system "C" partition only.

Download Avira AntiVir Rescue System free on an other , serviceable PC: https://support.avira.com/hc/en-us/articles/360007776058-Creating-and-using-Avira-Rescue-System
to install on a USB flash drive and then boot from it. It might help.

Or if there is nothing important on the system "C" partition, then it is better to format the partition and install the OS again. I can explain in detail how to do this.

 

[Forester1]

I generally would rely on backups, and I would trash my system, reformat, and reinstall Windows and everything else. I wouldn't give those guys a nickel!

 

[boleyd]

My network address no longer exits. I switched carriers under a different name. Therefore, (I think) the scum can no longer find my PC. Unless there is some ID floated on the Internet that now points to me by name . Since the new access is not owned by me that is not likely. Canceled the check and began reporting to the various agencies - for statistics but probably no actions.

 

[boleyd]

My network address no longer exits. I switched carriers under a different name. Therefore, (I think) the scum can no longer find my PC. Unless there is some ID floated on the Internet that now points to me by name . Since the new access is not owned by me that is not likely. Canceled the check and began reporting to the various agencies - for statistics but probably no actions. If anyone can think of a way my new internet server can be traced to me let me know.

 

[johnwhelan]

My network address no longer exits. I switched carriers under a different name. Therefore, (I think) the scum can no longer find my PC. Unless there is some ID floated on the Internet that now points to me by name . Since the new access is not owned by me that is not likely. Canceled the check and began reporting to the various agencies - for statistics but probably no actions.

What usually happens is a bit of software on your machine will wake up and connect to a web site passing your new network address in passing. Changing your network address is unlikely to add any protection.

Cheerio John

 

[boleyd]

Then, is there any way to prevent the scum from regaining control with their software that probably still exists in my system. The malware programs seem unable to find it.

So the crooks have the upper hand. They seem to be impervious and will do as they please.
There are thousands of dollars of software claiming to protect but with so many chunks of software on the Dark Web for infiltration and damage, the public seems to be caught with no solutions. I can say that one of their pieces of code is currently running on my PC WITH the scammers software waiting to take over the unprotected Microsoft software, AKA OS, if they can locate me. I can't find someone to clean the junk out. The geek squad sems to be weak with a terrible website. I plan on dumping Malwarebytes in favor of a more expensive product. You can't trust the sites that allegedly test the stuff "for free". They collect un-booked fees.

A smart scammer would say I am not worth pursuing and move on to new fertile ground.. But these people have overactive egos and rationality is limited. They will risk wasting time, allocated for new scams, to just make sure the nasty customer suffers. So, if I can't find a cleaner next will be a new PC with the most expensive scanning software. This relies on the "you get what you pay for" algorithm".

If someone knows of a good PC cleaner I would appreciate a reference.

 

[Forester1]

The malware programs seem unable to find it.

EDIT. Sorry, rather a dumb post given the OP, which I have re-read.

 

[ricomon35]

Then, is there any way to prevent the scum from regaining control with their software that probably still exists in my system. The malware programs seem unable to find it.

So the crooks have the upper hand. They seem to be impervious and will do as they please.
There are thousands of dollars of software claiming to protect but with so many chunks of software on the Dark Web for infiltration and damage, the public seems to be caught with no solutions. I can say that one of their pieces of code is currently running on my PC WITH the scammers software waiting to take over the unprotected Microsoft software, AKA OS, if they can locate me. I can't find someone to clean the junk out. The geek squad sems to be weak with a terrible website. I plan on dumping Malwarebytes in favor of a more expensive product. You can't trust the sites that allegedly test the stuff "for free". They collect un-booked fees.

A smart scammer would say I am not worth pursuing and move on to new fertile ground.. But these people have overactive egos and rationality is limited. They will risk wasting time, allocated for new scams, to just make sure the nasty customer suffers. So, if I can't find a cleaner next will be a new PC with the most expensive scanning software. This relies on the "you get what you pay for" algorithm".

If someone knows of a good PC cleaner I would appreciate a reference.

@boleyd >>> Look at ESET Internet Security. I've been using the subscription version for many years. Excellent product.

You can install a 30 day trial. It's the full version, nothing missing >>> https://www.eset.com/us/home/internet-security/

Best price I can find for 1 device, 1 year is at Walmart right now. > https://www.walmart.com/ip/ESET-Int...622698842?wmlspartner=wlpa&selectedSellerId=0
Don't buy directly from the ESET website. It's always full retail there.


Rico

 

[HPL]

First step once the OS is installed: process a full backup (AOMEI, Acronis...) of the drive it is installed on (generally C) and create a bootable device; don't forget to make backups after each "big" OS update. Then save your data (FreeFileSync, AOMEI, SyncBack...). All backups on external devices.

 

[boleyd]

Maybe a dumb question, but have you tried Malwarebytes? They not only scan the file system, but they scan the active memory for anything resident and they have you reboot so they can monitor the boot process. All in the free version. The paid version has real-time monitoring, but I don't know how much processing that takes.
EDIT: They also now include a browser extension that guards against nefarious websites.

The saga goes on. MalwareBytes was running when I was hacked. Useless software. I Installed Norton seem to have a bettere "rating". Of course, anyone can get a "better rating" by paying money to the rating site. More crooks. I need to find a reputable "cleaner" but my trust is at a very low ebb. Everyone looks like a crook now.

 

[boleyd]

The problem now is sheer paranoia. All the sites that offer technical help look like crooks. Fancy web page, but after an upfront fee NO guarantees of action and they are already sending their hacking software to my IP to allegedly check my system.. Right now this is the only site on the web where I have trust.

 

[boleyd]

@boleyd >>> Look at ESET Internet Security. I've been using the subscription version for many years. Excellent product.

You can install a 30 day trial. It's the full version, nothing missing >>> https://www.eset.com/us/home/internet-security/

Best price I can find for 1 device, 1 year is at Walmart right now. > https://www.walmart.com/ip/ESET-Int...622698842?wmlspartner=wlpa&selectedSellerId=0
Don't buy directly from the ESET website. It's always full retail there.


Rico

Problem is that I am already hacked. It seems that this product is only for pre-hack protection?

 

[PhilChorusch01]

Malwarebyte

1) Uninstall this crap, if you are paying for it. It's completely useless!
2) Restart your computer
3) Disable System Protection
4) Let Windows Defender do its complete scan then choose the actions to delete the viruses, malware and more
5) After the scan is completed and you have allowed Windows Defender to delete using the "Remove" option for viruses and malware found on your pc
then go to Virus & threat protection "manage settings" choose add or remove exclusions, and REMOVE EVERYTHING from that list.. I wished Microsoft never added this mongrel feature.
6) Run the complete scan again, choose the options to Remove for all viruses and malware found on your pc
7) Restart your computer

 

[boleyd]

1) Uninstall this crap, if you are paying for it. It's completely useless!
2) Restart your computer
3) Disable System Protection
4) Let Windows Defender do its complete scan then choose the actions to delete the viruses, malware and more
5) After the scan is completed and you have allowed Windows Defender to delete using the "Remove" option for viruses and malware found on your pc
then go to Virus & threat protection "manage settings" choose add or remove exclusions, and REMOVE EVERYTHING from that list.. I wished Microsoft never added this mongrel feature.
6) Run the complete scan again, choose the options to Remove for all viruses and malware found on your pc
7) Restart your computer

I like the idea of letting the System Virus stuff to find this and then delete it. The Disable Syatem Protection - how do I get that option to come-up??

 

[PhilChorusch01]

The Disable Syatem Protection - how do I get that option to come-up??

Start Menu | Windows System | Right click on This PC then choose Properties
On the right you should see System Protection, click on Configure and choose disable for the selected drive

 

[wreeder]

First calm down. You may be simply a victim of an extortion attempt. If you can still use your computer then it is unlikely that the "hackers" achieved anything but causing scary messages to appear on your screen. This really sounds like a variant of the Microsoft called me and told me my computer was infected scam. Check with the better business center in your area for computer repair companies with good reputations. Antivirus and Antimalware software works by scanning for know examples of viruses and malware. If it is totally new they won't spot it. But they may warn you if you are doing something dodgy like visiting shady websites.

I know a lot of scams but one that accepts checks is a new one on me.

 

[boleyd]

OK, Geek Squad hopefully cleaned things. Two steps. I worked with the local person to help with file identification so he did not delete "my stuff". Then the headquarters took over and did a computer scan against known issues. Took 3 hours. Waste of time OR we will see. A few glitches such as Trainz password was deleted. They must have thought that the code from 2019 was suspicious. I have no idea why I was targeted. When you become older your focus tends to look inward and what is on a PC is a massive trove of entertainment. It becomes a part of a daily routine. Taking it away is quite traumatic. Thankfully Trainz runs without the internet.

So thanks to all for your suggestions and sentiments' .

TIP: Bank Checks - Sat in the bank and the assistant manger says that by using the two numbers (routing and account) on the check, crooks can get to your account. I did not believe it until I sat in the bank and heard it. Be careful who you send CHECKS to......

 

[JCitron]

What did Geek Squad find with its 3-hour scan if they found anything at all? To be on the safe side, I recommend changing passwords for all important accounts you access from your computer. As always, use complex passwords and if possible 2-part authentication such as a password plus email or phone call code to log in to accounts. They can be inconvenient but they do work. If you have difficulty coming up with complex passwords, you can use Notepad++ to generate them using the Random values plugin.

Microsoft has a low-level antivirus scanner. When you enable the scan, the PC restarts into a screen with a command prompt only and runs the scan. The process can take quite a long time if you have lots of data and large hard drives.