Got hit with ransomware after downloaded & installed Win 10

August 1, 2015 at 18:17:41
Specs: Windows Vista
I have downloaded windows 10 on my laptop and it sucks. I can't find my favorites and now when I tried to go on facebook . a caption came up that said a possible virus detected to protect your safety we have temperarily limited your use of your browser call 855-382-0582 now. I did and the recording of their engineers are all busy please hold. I did for 30 minutes and it went dead.

How can I get back online and delete this virus?

See More: Got hit with ransomware after downloaded & installed Win 10

Report •

August 1, 2015 at 23:36:28
Here are the first 2 steps, there will be more steps needed, after I see the results of these logs.

Run them in this order.

Step 1: Run AdwCleaner
Author's site
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please Copy & Paste the contents of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 2: Run Junkware Removal Tool
Malwarebytes Acquires Junkware Removal Tool
Download Junkware Removal Tool onto your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan.
Click this link to see a list of security programs that should be disabled and how to disable them.
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7/8, right-click JRT and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved onto your Desktop and will automatically open.
Copy and Paste the contents of the JRT.txt log please.

Report •

August 2, 2015 at 00:56:39
Check you telephone bill! This maybe a "business" line that charges high rates per minute.

Where did you download windows 10 from?

Report •

August 2, 2015 at 01:34:04
There seem to be a lot of scams associated with 855-382-0xxx numbers:

Where did you get the windows 10 download? An MS download wouldn't have had embedded malware.

Don't bother calling that number. Just download the files Johnw links to, copy them to a portable media and run them on the infected computer.

Report •

Related Solutions

August 2, 2015 at 04:01:11
"copy them to a portable media and run them on the infected computer"

Thanks DAVEINCAPS, I missed saying that.

Report •

August 2, 2015 at 06:29:36
As the others have stated, the phone number is a scam, which means your system is most likely infected. You listed your OS as Vista. There is no direct upgrade path from Vista to Win10, at least not thru the free upgrade method, so I'm guessing you downloaded the Win10 ISO from somewhere? If so, it was probably from an unreliable source.

Report •

August 2, 2015 at 11:10:27
There's an email scam doing the rounds that claims to provide a link to Windows 10 but actually it encrypts your disk. Perhaps the OP fell for that. I'm not sure there's a lot you can do about it. But surely no-one upgrades their OS without first making sure they have workable backups of any important data?

Never believe anything you read in an unsolicited email (or snail mail or telephone call or text message). The world is full of people trying to part you from your money.

Report •

August 2, 2015 at 14:35:11

I believe the link above is what ijack in Post 6 is talking about. Is this what happened to you?


message edited by XpUser

Report •

September 26, 2015 at 18:31:24
download puppy linux, ram boot ur pc, and check if everything including your data is safe. if it is, go on and remove ur C drive, or the drive when your windows is installed. remove it and then install back windows from scratch. SAFEST way to get rid of ransomware if your files arent encrypted.

Report •

September 26, 2015 at 20:01:01
Please note that this post is from early August and the OP has not answered a single reply. We have to assume that they either solved it through a factory restore or paid someone to fix it for them.

You have to be a little bit crazy to keep you from going insane.

Report •

October 1, 2015 at 16:19:06
Never ever ever call a number that pops up and saids you are infected. I have had the chat thing come up before and I played around with them then told them they were a scam. They got mad and disconnected the chat. But never ever call. I would check your phone bill.

Report •

Ask Question