Jump to content

Cryptocurrency scam victim now computer infected


Recommended Posts

Hello 

I am victim of a crypto scam and may have inadvertently downloaded some suspected malware today. I tried to run malwarebytes but it would not even open up.

I have restarted my computer and was able to run the malwarebytes with rootkit detection on and it generated attached report.

the computer acted sluggish and had network issues after i realized i got scammed so tried to run malwarebytes and restart systems. 

please help. thanks

I suspect someone must have type of keylogger or something to gain access to my account. How can i detect and remove any such malware?

Malwarebytes Scan Report 2024-09-19 052147.txt

Link to post
Share on other sites

I tried running FARBAR but it keeps crashing. it will not respond when i run it. i selected Registry, services, drivers, scheduled tasks, processes, internet, one month. Then clicked scan. 

But it seems to crash after about 10 to 15 minutes and will not respond

 

Link to post
Share on other sites

  • Root Admin

Please start the computer into Safe Mode and run the Farbar scanner from there and attach back both new logs when ready and I'll check on you in the morning @ayclok76

 

 

Scan with Farbar Recovery Scan Tool
https://forums.malwarebytes.com/topic/306601-scan-with-farbar-recovery-scan-tool/

 

 

 

Link to post
Share on other sites

another thing I noticed is my wifi router started acting weird yesterday after the scam. it went out - I could connect to the router just fine but no internet access. I tried resetting the router even factory reset but the issue is still persisting.

Link to post
Share on other sites

Good news- so the ISP did some resetting and I factory reset the router so my home devices are able to connect to internet consistently now. 

The system does still seem sluggish and i want to ensure that there are no keyloggers or anything

Link to post
Share on other sites

  • Root Admin

Thank you for the logs.

Please run the following Microsoft AV scan.

 

 

 

Let's go ahead and run a couple of scans and get some updated logs from your system.

Please read the entire post below before starting so that you're more familiar with the process

[ 1 ]

Please make the following system changes.

  • Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed.
  • Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the scans are completed.
  • Disable-Fast-Startup
  • Show-Hidden-Folders-Files-Extensions

[ 2 ]

Microsoft Safety Scanner

I suggest a new scan for viruses & other malware. This may take several hours, depending on the number of files on the system and the speed of the computer.

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Look on the Scan Options & select the FULL scan.

Then start the scan. Have lots of patience. It may take several hours to complete.

  • Once you see it has started, take a long long break;  walk away.  Do not pay credence if you see some intermediate early flash messages on the screen display.  The only things that count are the End result at the end of the run and saved in the log.
  • The scan may take several hours.  Leave it alone. It will remove any other remaining threats as it goes along.  Take a very long break, do your normal personal errands .....just do not use the computer during this scan.

This is likely to run for many hours as previously mentioned  ( depending on the number of files on your machine & the speed of the hardware. )

The log is named MSERT.log  and the log will be at C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

It is normal for the Microsoft Safety Scanner to show detections during the scan process.

It is scanning for basically all bread crumbs or traces of files and registry entries that "might" be or have been part of some infection or previous infection.

That DOES NOT mean the computer is infected. Once the scan has been completed it uploads the log to their Cloud service which then uses Artificial Intelligence to determine if in fact any of the traces are an infection or not.

Then it writes into the log on your computer what it found and did.

 

Thank you

 

Link to post
Share on other sites

Hello

I am scanning the computer now.

I tried to boot up my computer and move files onto my external hard drive but it would not recognize any of my hard drives. i tried a couple different ports and it doesn't see the drives. 

i am thinking it may be best to save my personal files and reinstall os start from clean slate. But it is hard to do since i can not copy over my files - my external drives are not even recognized in windows explorer nor device manager.

Link to post
Share on other sites

I am not sure i see the drive in my bios. it is a dell precision 5350 laptop running windows 11x64. 

I do see the NVME drive listed under boot option but not sure about external usb devices. It has 3 USB3 ports and i have

an USB to USB3 adapter hooked up but it is not reading the drives on there like it used to. Should i try uninstalling and reinstalling the usb hub and controller?

Link to post
Share on other sites

  • Root Admin

How many external USB drives do you have?

Go ahead and start Windows and keep the drive plugged in.

Then save the attached zip file to your system. Open the zip file and extract the batch file to your desktop or a new folder.

Then right click over the batch file and run with Admin rights. When done, please attach the log file it creates

DiskParInfo.zip

 

 

Link to post
Share on other sites

I have restarted the machine and ran the script in admin mode while my external usb drive is connected.

i have 2 external hard drives and an additional backup of data. the drives work fine - i tried hooking up and connecting to them on my android devices.

Link to post
Share on other sites

So i have 2 "usb hub"- 1 is a USB switch selector and the other is a 12 port usb hub. i normally have my external drive connected through my 12 port hub. and my mouse and keyboard are connected through the usb switch selector.

But when i connect the drive through the 12 port hub, the windows machine is not even making the chime sound it normally makes when hooking up a new device.

It does make the chime noise when i try using my usb switch selector but is still not visible in my file explorer nor do i see it in device manager. And then you can hear a disconnecting chime followed by reconnecting chime again and again. i am not sure what is wrong.

Edited by ayclok76
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.