Ransomware with extensions specified as .mlza has infected my computer


Go to solution Solved by Maurice Naggar,

Hi there. It seems that I have been too careless and ran an unfamiliar executable on my computer. It took time for me to realize that it was ransomware. At first, it encrypted all of my files and it had .mlza extensions.

I deleted all of my files in my HDD (they were not that important) because I thought deleting the files in there was a solution. I deleted sensitive files on my C: drive but my windows files are still intact.

I was trying to look for solutions to remove the ransomware, it told me to look for antivirus software but the malware itself is preventing me from accessing the antivirus websites. Can you please help me?

 

There is also a note from the ransomware that took over my pc: See attached image


11 minutes ago, xZero said:

I was trying to look for solutions to remove the ransomware, it told me to look for antivirus software but the malware itself is preventing me from accessing the antivirus websites. Can you please help me?

Sorry to hear your system may have been attacked by ransomware that encrypted your data.

In most cases, if you do not have clean backups of your data, then you may have lost access to your data permanently.

We can assist with computer cleanup if you like but if you want to verify if you're able to get your data back then I would suggest you visit the following site.

Sign up for a forum account on BleepingComputer and follow the directions from these topics.


Ransomware Help & Tech Support
https://www.bleepingcomputer.com/forums/f/239/ransomware-help-tech-support/

How to Post a Topic Asking for Help With Ransomware
https://www.bleepingcomputer.com/forums/t/608844/how-to-post-a-topic-asking-for-help-with-ransomware/


ID Ransomware - Identify What Ransomware Encrypted Your Files
https://www.bleepingcomputer.com/forums/t/608858/id-ransomware-identify-what-ransomware-encrypted-your-files/

https://id-ransomware.malwarehunterteam.com/


Hello @xzerozal. Saddened to read that your machine is a victim of an encrypting ransomware. Understand that after the ransomware has done its goal of encrypting user files, once done, it will then "self-delete". The booger is gone. But your user files are encrypted. And it leaves behind several ransom notes. Malwarebytes has no "decrypter". I am curious to know just what you removed when you said

Quote

I deleted all of my files in my HDD

 


I probably deleted my documents and games, everything in the HDD is deleted (except for the hidden files, which I haven't checked yet and the HDD is still functioning). I deleted my files to make sure he won't be stealing data any further. I'd prefer to take the full cleanup procedure to be safe. I have a 2TB HDD and an SSD (I assume that both drives are infected since I ran it from the HDD). Please guide me


  • Solution

This link is a comprehensive guide on how to clean-install Windows OS.

Clean Install Windows 10 & 11 (2023)
https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587


  • Root Admin

A clean install of Windows is great, but personally I would not recommend using an Online Microsoft account as they advise. At least read about the pros and cons.

 

Please review the following topic

Bypass Microsoft Online Account Creation during installation of Windows 11
https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/

 


  • Root Admin

You're quite welcome. Once you get Windows installed cleanly, you can grab us some new logs and we'll double check on the system and let you know what we find.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Thank you

 

 


Addition.txt, FRST.txt

@AdvancedSetup here's the .txts as you requested!

I managed to get a fresh start with the full reset. I've managed to successfully sign in on Local Administrator. Please tell me what apps I need to stay protected, I want to know the essential apps to prevent another ransomware attack or any kind of attacks [probably something free and effective]

Thank you for your help!
- Zero


54 minutes ago, xZero said:

I managed to get a fresh start with the full reset. I've managed to successfully sign in on Local Administrator. Please tell me what apps I need to stay protected, I want to know the essential apps to prevent another ransomware attack or any kind of attacks [probably something free and effective]

Thank you for your help!
- Zero

# 1. Have Malwarebytes Premium (on all your devices). Malwarebytes Premium would have STOPPED the ransomware.

# 2. Have Malwarebytes Browser Guard on each web browser.

( Next suggestion )


For each web browser, one at a time, see that each one gets the Malwarebytes Browser Guard. It is free, and adds a layer of protection.
See Support article how-to

See Support article how-to for Firefox

For the EDGE browser

Note: If the pc also has Opera or Brave or Vivaldi browser, you can install the Chrome version of the Malwarebytes Browser Guard ( on each as appropriate).
 

# 3. Do not use "torrent" downloaders. And furthermore, and most important, do not fall for hacked / cracked games or applications whether free or low cost. These are the leading source of being a victim of ransomware. And if not that, then victims get all sorts of malicious trojans.

Hidden risks in pirated software
https://news.microsoft.com/apac/2019/01/08/hidden-risks-in-pirated-software/

Why You Shouldn't Use Pirated Software
https://www.computer.org/publications/tech-news/trends/why-you-shouldnt-use-pirated-software

Torrenting & filesharing. Try to not do that, as a general security matter. All it takes is one malicious file to lead to tragedy & loss.
https://informationsecuritybuzz.com/articles/torrenting-know-risks-take/

DON'T FALL FOR THE MONEY-SAVING LURE OF CRACKED SOFTWARE
https://scambusters.org/crackedsoftware.html

# 4. Specific to this week. Yesterday was Microsoft Patch Tuesday.

I would highly suggest ensuring that this PC is all up-to-date with security updates & cumulative updates on Windows. Select the Windows Start button, and then go to Settings > Update & Security > Windows Update, and click Check for Updates.
Have much patience.

I would be real sure to obtain the latest Microsoft Windows 10 security & cumulative updates.
Right now, the OS version is old Windows 10 Home Version BUILD 19045.2965
Yours should be at Build 19045.3570

# 5. Practice safe computer usage & safe practices on the internet / web.

Consider using PatchMyPC, keep all your software up-to-date - https://patchmypc.com/home-updater#download

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

SAFETY TIPS:

Backup is your best friend.  Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html

Only using the Standard-access-level user account when surfing and downloading / installing would have been a tremendous way to prevent the infections of this machine.


Don't remove ( or change )  your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 

For other added tips, read "10 easy ways to prevent malware infection"  

 

Edited by Maurice Naggar
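The update check in item 4 and the standard-account advice in the reply above can both be verified from a PowerShell prompt on the reinstalled PC. This is an added example, not code from the thread or from Malwarebytes; the 19045.3570 threshold is the build quoted in the reply, and the account name `daily` is a hypothetical placeholder.

```powershell
# Added example (not from the thread). Run in Windows PowerShell 5.1 on the PC.
# Threshold taken from the reply above; valid only for the 19045 release line.
$MinimumBuild = [version]'19045.3570'

function Get-OsBuild {
    # CurrentBuild (e.g. 19045) plus UBR, the update revision (e.g. 2965),
    # form the "19045.2965" style number that winver displays.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    [version]::new([int]$cv.CurrentBuild, [int]$cv.UBR)
}

function Test-CurrentUserIsLocalAdmin {
    # Check direct membership of BUILTIN\Administrators (S-1-5-32-544) rather
    # than the session token: under UAC an administrator's unelevated token
    # would otherwise look like a standard user. Nested groups are not expanded.
    $me = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $admins = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    [bool]($admins | Where-Object { $_.SID.Value -eq $me })
}

$build = Get-OsBuild
if ($build.Major -ne $MinimumBuild.Major) {
    # A different release (e.g. Windows 11) has its own revision numbering.
    "Build $build is a different Windows release; the threshold does not apply."
} elseif ($build -lt $MinimumBuild) {
    "Build $build is behind $MinimumBuild. Run Windows Update until none remain."
} else {
    "Build $build is at or past $MinimumBuild."
}

if (Test-CurrentUserIsLocalAdmin) {
    # Print the commands instead of running them, so nothing changes silently.
    # 'daily' is a placeholder name; S-1-5-32-545 is the BUILTIN\Users group.
    "$env:USERNAME is a local administrator. For everyday use, create a standard account:"
    "  New-LocalUser -Name 'daily' -Password (Read-Host -AsSecureString 'Password')"
    "  Add-LocalGroupMember -SID 'S-1-5-32-545' -Member 'daily'"
} else {
    "$env:USERNAME is a standard user."
}
```

The two printed account commands need an elevated prompt; the checks themselves do not.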

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy: Tips to help protect from infection

Thank you

 

 
