Hehoo

Ok, will do this and come back to you 🙂

(why does the post-thing keep posting my text when I want to just enter to go the next line?) I maybe could use some screening, just to make sure, it's been a while since I thoroughly cleaned the system

So after my first fright I calmed down and realised that it must have been scam. And actually it looks quite convincing, it would certainly work with people who are more 'controlable' or who react quicker without reflecting.

Thanks, after my first reaction I realised that too, because one of the things that don't add up is that real ransomware does not warn beforehand but immediately blocks. I already decided that changing passwords (why not, never a bad idea) and run a viruscheck was ok to check and that should be enough (and hey, if somebody would have control let them proof it by sending my pictures to my friends) but then I saw those weird zip-files and I wondered what they were.

Sorry, I took the wrong ones so I had to delete them. These are the correct logs. The screenshot is in the first post.

I am cleaning up my mailbox so I have my preview-window open to see which messages I can delete. But this morning I forgot to shut it down (I normally do) and ofcourse, Murphy's Law, I got a mailmessage telling me that somebody has all my details, passwords, etc and put something on my pc so he can take over control. Unless I pay. I made a screenshot and immediately closed the mail and deleted it. Didn't click any link or something. But now I'm freaking scared. I immediately let Bitdefender check my full system, which at first didn't want to continue scanning but finally it did. BD found files protected with passwords, zipfiles in the systemfiles. They are all in the drivers-directory, all rtkhdasetting.zip files. see attached printscreen Also I see that on the 1st of August my Bitdefender has blocked repeated attempt to acces from a site, 6x within one minute, from 2286.userly.net. No idea what I was doing at that moment, if even I did do something. Was I really targeted by ransomware or was somebody just trying to scare me enough to pay out (which ofcourse I won't)? Can you check my system? Logs as requested enclosed Thank you!!! Addition 20230803.txt FRST 20230803.txt Malwarebyte log 20230803.txt