rohunsaker

Ransomware removal

6 posts in this topic

My copy of Malwarebytes is not finding and removing the Homeland Security / pay me $300 ransomware. How do I remove this?

 


Hello and welcome, rohunsaker: :)

 

Please follow the recommendations in this pinned topic: Available Assistance For Possibly Infected Computers.
A qualified helper will guide you through the cleanup process.

>>If the infection has so crippled the computer that you cannot post the requested scan logs, please just start a NEW, SEPARATE post in the malware removal section >>HERE<<.

The malware experts who assist you will have some other tools to get you cleaned up.

Thanks,

daledoc1

 

PS It appears that you have replied in a topic started by another user >>HERE<<? The mods will likely remove that post, as each computer/infection is unique and needs to be addressed in a separate thread. :)


I believe that I have got it removed. Even though none of the programs I ran said that they found this beast, I did find ylapdvx.exe in the quarantined folder and deleted it and removed its entry in the registry. So I have my fingers crossed as it has not yet reappeared.


Hi, rohunsaker: :)

 

 

I believe that I have got it removed. Even though none of the programs I ran said that they found this beast, I did find ylapdvx.exe in the quarantined folder and deleted it and removed its entry in the registry. So I have my fingers crossed as it has not yet reappeared.

 

OK, thanks for the update.

If you'd like one of the experts over in the malware removal section to assist you with running some additional scans, to be sure you are clean, the help there is free.

 

Kind regards,

 

daledoc1


Isn't MBAM supposed to detect this?

 

I was told that the only reason to run MBAM along with an AV is to get protected against this kind of zero-day.

With so many different variants of malware out there in the wild and thousands of new ones being created and mutated every day, it is very difficult and even impossible to detect them all. While a single definition can detect thousands of multiple variants of malware, there will always be several thousand, maybe even millions, not yet discovered and known. We try to discover, analyze and detect as many as we can, but unfortunately the bad guys are always finding new ways to keep their malware alive.

 

 

Hi, rohunsaker

 

I highly recommend you follow the instructions left for you by daledoc1 and have a malware removal expert check it out. These ransomware infections can be very complex and usually copy multiple copies of themselves to various locations and use multiple start up points in the registry and other places to launch themselves.


Isn't MBAM supposed to detect this?

 

I was told that the only reason to run MBAM along with an AV is to get protected against this kind of zero-day.

It's also quite likely that this variant is using a rootkit component installed alongside it to hide and protect it. Malwarebytes Anti-Rootkit could likely deal with it if that's the case.

As others recommended already though, I also recommend that the original poster follow the instructions provided in the links the others gave for seeking free assistance in getting the system cleaned up.

 

The complexity of finding, preventing, and cleanup from malware

