I'm know we're screwed, but are we dead?

[H2S]

Five days ago our computer (2008 Toshiba Satellite A505) suddenly went berserkoid...
beeping noise, flashing subscreens, something's really wrong alert-type shit...
nothing I did (control/alt/delete shutdown, ESC, etc what few things I thought might work) worked...

was a "Windows" insert window flashing - said call: 855-912-6344 to FIX THIS PROBLEM...
called the number...
got Indian Sub-Continent voice identifying itself as Authorized Tech Support for Windows...
assured me he could help fix the problem...

five minutes later, after showing me the vast extent of our system's failures (6,000+ problems) the voice said: "We can fix this problem for one year for only $149..."

Ransomware? {insert: silent berserkoid screamstream "FUCK! FUCK! FUCK! FUCK!" here} I said something like "get off my computer." The voice said "sorry, we'll disconnect" and left.

That night I downloaded Windows 10...v'been trying to figure it out ever since.

This morning I hit the Norton Utilities button CLEAN REGISTRY...identified 21 problems (2 file extensions, 7 Custom Controls and 12 HKEY_LOCAL_MACHINE - 19 of which were High Priority)...have always simply tapped the REPAIR button to FIX all the problems...did so - got a recap saying: 2 Problems Repaired/19 Problems Ignored. OMFG!

I've stayed completely away from our online banking, credit card, insurance and mortgage account websites since I apparently gave over control of my computer to a stranger five days ago.

Can any of this stuff be reversed, salvaged, rescued?
I'm not very optimistic...but then, stupid shits don't deserve to be optimistic, do they?

Any advice tailored for a stupid shit's comprehension would be greatly appreciated.
thank you

 

[WizardHawk]

There are tons of free apps for cleaning malware/infections, however not all of them can clean every type of infection and there may be some that slide through all of them, or at least it's possible.

I would immediately make sure anything important is backed up off that computer. Every picture and spreadsheet/word/etc you care about copied somewhere not on that computer.

If you are really concerned about your private records the safest thing to do is a full reformat/reinstall of your operating system and software. While that may be a huge pain in the ass, it's really the surest way to remove anything they have left behind. Do you have a recovery partition on that machine? If so then the process is as easy as copying all of your data off to an external hard drive, using the recovery feature to reset your computer, reinstall any software you use, and move your data back over.

If you are really not wanting to do that, then start by downloading the free version of malwarebyte's anti-malware and run a full scan with it. You would be best served to download it from a different computer and install it while not connected to the internet. While you are at it download Malwarebyte's antirootkit beta and run that as well.

Of course it would not be wise to log into any web site or program until you are sure your machine is clean. In fact, every moment your computer is online is a chance they are scanning your machine, using it as a zombie to attack others, and/or are encrypting your pictures and data files to hold you ransom to pay to get them back.

There are other free apps people will suggest and all of them have a chance of catching something MAM and MAR don't, but those two alone have a substantial chance of finding and cleaning anything those assclowns left behind.

 

[H2S]

thank you @WizardHawk ...

I downloaded Malwarebyte's anti-malware, antirootkit beta and registry assassin, then left the net...ran anti-malware - which detected and subsequently quarantined/removed 1,361 problems...when puter rebooted I tried Norton Registry Cleanup again - this time I got 24 threats, hit REPAIR, got 5 repaired and 19 ignored...

I can't figure the rootkit beta stuff at all, don't know what to open, what to do with the file...and
pretty much the same with the registry assassin file, so far. I think it comes down to Custom Controls (Registry), which I don't know how to get back...

guy had me hold the windows key and hit the space bar, then a bunch of OKs after that (giving him remote control of the computer); I feel like I'm tied down to a slab in some ransomware abattoir...

frustrating, being stupid

 

[HaroldSeattle]

Tell me do you got a bunch of stuff you need to save on this computer? Lot of personal stuff you can use Dropbox or google plus for to store. Pretty easy to use the hidden partition to give yourself a clean machine.

 

[Thruthefog]

Don't you have a guy? I have a guy.

 

[dp_broncos]

Five days ago our computer (2008 Toshiba Satellite A505) suddenly went berserkoid...
beeping noise, flashing subscreens, something's really wrong alert-type shit...
nothing I did (control/alt/delete shutdown, ESC, etc what few things I thought might work) worked...

was a "Windows" insert window flashing - said call: 855-912-6344 to FIX THIS PROBLEM...
called the number...
got Indian Sub-Continent voice identifying itself as Authorized Tech Support for Windows...
assured me he could help fix the problem...

five minutes later, after showing me the vast extent of our system's failures (6,000+ problems) the voice said: "We can fix this problem for one year for only $149..."

Ransomware? {insert: silent berserkoid screamstream "FUCK! FUCK! FUCK! FUCK!" here} I said something like "get off my computer." The voice said "sorry, we'll disconnect" and left.

That night I downloaded Windows 10...v'been trying to figure it out ever since.

This morning I hit the Norton Utilities button CLEAN REGISTRY...identified 21 problems (2 file extensions, 7 Custom Controls and 12 HKEY_LOCAL_MACHINE - 19 of which were High Priority)...have always simply tapped the REPAIR button to FIX all the problems...did so - got a recap saying: 2 Problems Repaired/19 Problems Ignored. OMFG!

I've stayed completely away from our online banking, credit card, insurance and mortgage account websites since I apparently gave over control of my computer to a stranger five days ago.

Can any of this stuff be reversed, salvaged, rescued?
I'm not very optimistic...but then, stupid shits don't deserve to be optimistic, do they?

Any advice tailored for a stupid shit's comprehension would be greatly appreciated.
thank you

If you want, hit my website, and I'll give you a hand cleaning it up.

www.cleanourcomputer.com

Let me know when to look for it (don't pay, just send the info).

 

[H2S]

@dp_broncos ... appreciate your offer to help.
I'm using my wife's laptop right now, figuring mine is pretty much a lost cause, but...
if you don't mind, I'll fire the Toshiba up on Monday at noon (Eastern) and pop in to your site immediately thereafter...

I did try REGISTRY ASSASSIN on Thursday night...targeted the 7 Custom Control threats that Norton couldn't repair/delete...
found one of them (HKEY_CLASSES_ROOT\CLSID\{E8FB8621-588F-11D2-9D61-00C04F79C5FE}\LocalServer32)...
REGISTRY ASSASSIN could not kill it.



it's almost like, seems to me, that I GAVE AWAY CONTROL OF MY COMPUTER, and that, to get it back, whoever took it from me would have to give their consent, somehow. if there is a chance, though, that I might regain control (and necessary protections) I want to try. If your offer still holds, I'll drag that diseased carcass to your place on Monday...if you'd like to back out (I wouldn't blame you, haha) just let me know.

 

[Ojb81]

Combofix. Its free. It works. Get it downloaded on a virus-free thumbdrive from another computer, and then run it on yours.

Oh, and...just one more thing......Dont use unreputable p_o_r_n sites

 

[WizardHawk]

thank you @WizardHawk ...

I downloaded Malwarebyte's anti-malware, antirootkit beta and registry assassin, then left the net...ran anti-malware - which detected and subsequently quarantined/removed 1,361 problems...when puter rebooted I tried Norton Registry Cleanup again - this time I got 24 threats, hit REPAIR, got 5 repaired and 19 ignored...

I can't figure the rootkit beta stuff at all, don't know what to open, what to do with the file...and
pretty much the same with the registry assassin file, so far. I think it comes down to Custom Controls (Registry), which I don't know how to get back...

guy had me hold the windows key and hit the space bar, then a bunch of OKs after that (giving him remote control of the computer); I feel like I'm tied down to a slab in some ransomware abattoir...

frustrating, being stupid

The rootkit beta is kind of self explanatory. Run it, tell it to scan all, and leave it alone for about a half hour or so. It will seem to be stuck, or at least not show that it's doing anything. Just leave it running. It will eventually finish and tell you what it found.

Rootkits are particularly pesky.

The problem with malware is they often install other malware after they take hold. Many attempt to lock out your ability to clean them. Be weary of snake oil salesmen telling you they can fix it for a price or people looking to sell you some kill app that promises to fix it all.

It is possible to entirely scrub a machine, don't get me wrong, but given the ever changing landscape of the malware game it can be difficult to know for sure nothing is left behind. After all, they are changing these things daily.

I do scrub some of ours that come up with infections, but we also have the luxury of simply going back to an earlier image that is known clean. Just a quicker version of telling you that the very best response is a clean OS install.

No one wants to hear that they need to reformat their HD and start over, but it beats having any worry over what happens if not every bit of it is actually cleaned.

As for the ones that will not repair in various tools, look them up online (again, from a non infected machine) and see what info there is out there on them.

 

[dp_broncos]

@dp_broncos ... appreciate your offer to help.
I'm using my wife's laptop right now, figuring mine is pretty much a lost cause, but...
if you don't mind, I'll fire the Toshiba up on Monday at noon (Eastern) and pop in to your site immediately thereafter...

I did try REGISTRY ASSASSIN on Thursday night...targeted the 7 Custom Control threats that Norton couldn't repair/delete...
found one of them (HKEY_CLASSES_ROOT\CLSID\{E8FB8621-588F-11D2-9D61-00C04F79C5FE}\LocalServer32)...
REGISTRY ASSASSIN could not kill it.



it's almost like, seems to me, that I GAVE AWAY CONTROL OF MY COMPUTER, and that, to get it back, whoever took it from me would have to give their consent, somehow. if there is a chance, though, that I might regain control (and necessary protections) I want to try. If your offer still holds, I'll drag that diseased carcass to your place on Monday...if you'd like to back out (I wouldn't blame you, haha) just let me know.

Sounds good, I'll watch for you at 12ESt!

 

[H2S]

Sounds good, I'll watch for you at 12ESt!

hey amigo, my apologies...

I just now got off the phone and web with the 4th Norton Tech of the day, since about 11am eastern this morning. They've all had a great time, remote controlling this disaster into and out of their specialty departments' specialties (all recorded, with my permission, of course, for training purposes). I was assured by one and all, at the end of their sessions, that everything is great...that anything remaining a concern is surely "somebody else's fault." (like the Norton installed program performance tech who said the notice in red -LOW SYSTEM PERFORMANCE/Scan Registry- was NOT due to Norton Utilities' inability to repair/delete high threat Registry Issues -which weren't really issues at all so the man said, even though they keep popping up ignored and unrepaired- but rather an indication of weak Microsoft Windows issues that should magically resolve themselves at the next turning of the tide, or routine update installations)...

pfft

so, anyway, I've been given a clean bill of health and can be as profligately unconcerned about my security as I was just a month ago, again...
reminds me of the cardiologist who told me, just two weeks after I took a jolt to defibrillate a fluttering atria, that I was "PERFECTLY NORMAL."
(guy was worth every nickel he charged)

oh, and btw re: charges?...everything today was gratis, part of the super-premium blowjobs-included protection Norton package we've been paying on and automatically nenewing for years.