Jump to content

concerns over possible infection by an ““Interpol/FBI”” Ransom scam virus

Recommended Posts


I’m concerned about a possible infection by an ““Interpol/FBI”” Ransom scam virus, and would very much appreciate your advice.

1.   Thus far, I have NOT had any popups or offline notices whatsoever (as I’ve read are symptomatic), and am NOT locked out of my computer in any way – I’m just concerned; and have avoided restarting my PC until I get an All-Clear from you. I only encountered the scam letter once, for a few seconds, while surfing online with firefox.

2.   I immediately disconnected the modem, shut the browser, and ultimately even uninstalled firefox after running CCleaner. [i’m using Win 8.1 on a 64bit system].

3.   Since then, I’ve run the following programs (in this order, I believe), with a “better safe than sorry” attitude: 

    A.   Bitdefender Total Security (my resident, set for the deepest scans possible)
    B.   Bitdefender Programs: AntiCryptoWall; BootkitRemoval; Removal_Trojan_Ransom_IcePol;
    C.   Malwarebytes
    D.   RKill
    E.   RogueKiller

    F.   Junkware Removal Tool

    G.  AdwCleaner

4.   The only suspect findings were as follows: 

    A.   Malwarebytes detected: <key><path>HKU\S-1-5-21-1745969249-26260195-2738223308-1002\SOFTWARE\1ClickDownload</path><vendor>PUP.Optional.1ClickDownload.A</vendor><action>success</action><hash>e0cecd3ddbb088ae4a371465d430837d</hash></key>  [THIS ITEM WAS QUARANTINED AND THEN DELETED!]

    B.   RogueKiller detected: any number of IAT:Inl(Hook.IEAT) – all of them associated with chrome.exe.

    C.   Junkware Removal Tool detected and deleted: any number of things that might seem to a novice such as myself to be innocuous (attached).


    D.  AdwCleaner detected: several registry Keyes, pending to be deleted.


Maybe I was lucky, and I’m being overcautious in avoiding a reboot; but I as I said – I’d rather be safe than sorry… I’d very much appreciate your assistance in ensuring I am safe to use my PC.


My question is – are these legit Google Chrome Rootkits or is this a virus? Should they be kept? Should the registry items pending from the AdwCleaner scan be deleted too? Is there anything else I should do?


The various logs are attached below.

** Thanks very much in advance!!! **




Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.