I got an email from a hacker saying my computer was infected with a virus from a site and that he plans to dump my info in 48hrs unless I pay bitcoin. I usually discard this type of email, but here is the thing. He sent it from my own email account (or at least it seems that way), and 2 he does have a very old password that I used at one point (I checked my files and no longer use that pwd).

Below are the results from the Malwarebytes scan and from the Farbar.
What other steps should I take?
Use a different computer until I finish cleaning?
Change all my pwds or wait until the virus is cleared to do that?
Clear all pwds from browsers?
etc...

Thanks.

 

MalwareTextFile.txt

FRST.txt

Addition.txt


RE: Got strange threatening email.

I don't know if the actor who sent the email is the original "hacker" but it is more likely that a hacker obtained your credentials and then sold it at some place that trades, sells or barters such content.

It's a scam and many have received such emails in hope that some "mark" will respond and pay the fee. This is not indicative of an infected computer. In fact, the old password that was detailed could be the result of an Email Server breach or falling for a Phish. Neither is a result of malware on your PC.

Deleting the email and performing a cursory anti malware scan are the prudent things to do.

Edited by David H. Lipman
Spelling, Grammar and Clarification
1 minute ago, David H. Lipman said:

RE: Got strange threatening email.

I don't know if the actor who sent the email is the original "hacker" but it is more likely that a hacker obtained credentials and then sold it at some place that trades, sells or barters such content.

It's a scam and many have received such emails in hope that some "mark" will respond and pay the fee. This is not indicative of an infected computer. In fact, the old password that was detailed could be the result of an Email Server breach or falling for a Phish.

Deleting the email and performing a cursory anti malware scan are the prudent things to do.

Thank you sir. I agree that it is probably a server breach because that email account is from HostGator where I have hosting. Did you look at the logs I attached?
Again, thank you.


Nothing else from my end. I ran the 2 programs listed in the thread and was just waiting on feedback from the experts. I did change my passwords, performed a disk cleanup, and made a backup of important data. I also ran Windows Defender again and that was clean.

If there is anything else you suggest, I am all ears and ready.

Thank you

 


Yes.

I don't know what that Certificate is.

Who/What is FWF60E4Q16015342?

What is the Certification Path and what are the details?

Seeing that it is valid from 2016 --> 2038, is it a self-signed certificate for the PC for some encryption purpose?

It is basically indicating that the certificate for some site can't be determined. It looks like a self-signed certificate and there is no Certificate Authority to vouch for it. Such as one generated by your PC.

If you are concerned, don't allow it to proceed.

Edited by David H. Lipman
Spelling, Grammar and Clarification
19 minutes ago, David H. Lipman said:

Yes.

I don't know what that Certificate is.

Who/What is FWF60E4Q16015342?

What is the Certification Path and what are the details?

Seeing that it is valid from 2016 --> 2038, is it a self-signed certificate for the PC for some encryption purpose?

It is basically indicating that the certificate for some site can't be determined. It looks like a self-signed certificate and there is no Certificate Authority to vouch for it. Such as one generated by your PC.

If you are concerned, don't allow it to proceed.

I didn't get any more details except it had something like fortnite.net (I don't play Fortnite).
I did say no. I do notice my PC is having trouble connecting to the Epson scanner so it might have been that?
I will keep you posted if I see any other strange things.
Thanks again.


Do you mean "Epson Scanner" as in an Epson Printer+Scanner+Copier?

If YES then it is not associated with this Software Certificate issue and one is not needed nor used in the process. If you can Export the certificate, place it in a ZIP file and attach it, I'll take a look at the certificate. If not, it is no big deal. It was purely an informative message and not a message of an actual problem.
