WTF? Dodgy email just wiped my PC

[Edmond]

Got an email on my ipad sending me a reciept from American Airlines for a flight i had booked to washington ( i hadnt)

Fuck, i thought, so i went to the PC and scanned it before i opened it, it all checked out, (it was a rar file btw) when i opened it, it shut down everything back to the desktop, which was now blank, no icons. Then all 3 HDD kicked into gear at the same time, so i pulled the plug out of the back of the router and shut down

When i re booted, everthing was gone, even IE and Office, all of the folders were empty, i even had to do a search for the control panel as it had gone from the start menu

Managed to do a system restore back to the 11th, and it all seems to have come back, but i noticed a few folders had nothing in them, although they werent empty when i hovered on them. It seems to have hidden loads of files, which i just un-hid, very wierd

Still not sure if everthing is ok, but doing a deep scan now and running Malwarebytes too

 

[Moriath]

wife had the same email but didnt open it heh

guess whos the stupid one ?

http://www.flyertalk.com/forum/amer...ng-malware-fraud-spoofs-etc-consolidated.html

 

[Edmond]

Yep, its me, but i've had money taken out of my account before, and i needed to know if it was genuine, seems my AVG isn't that great at scanning

When did she get the email, recently?

 

[Moriath]

aye few days ago maybe wednesday .. i told her to check her accounts rather than clicking the attachment

 

[Kryten]

Without panicing too much, that's an all too common malware/scareware program. Malwarebytes as usual, but first to save your sanity, in any folder go to organise, view and show hidden files/folders. That's all it does.
Unless it's some hard bastard then thats not all it does and I dont know about it, but had the same thing for a fair few friends recently.

 

[Zenith.UK]

I've been asked by a small number of friends and family to sort their PCs out after malware infections.
I now make a point of taking a clean snapshot image once I've sorted them out, just in case they get something again. So far it's paid off 3 times.
Some people just don't learn.

 

[Edmond]

Yes i know, but i have had my bank account hacked before and the first i've known about it was when i got an email confirming purchases. I even checked the email addy before i opened it and it all seemed to check out, i didnt just dive in, but it still got me. Luckily it all seems ok (so far)

But it was a bit of a wtf moment when there was nothing there at all, just the recycle bin and nothing else

ah well.....

 

[Bahumat]

Got an email on my ipad sending me a reciept from American Airlines for a flight i had booked to washington ( i hadnt)

It's here you should have deleted the email. I get a few DHL ones and it's obviously fake. If however you are worried, or think there is a chance it could be official, you can read the email and then go onto the official site. You don't click the links or attachments buddy

 

[Raven]

Is your porn collection ok? Please tell me its ok???

 

[Edmond]

Calm down Raven, its all on the external HDD

 

[soze]

Boot into safe mode run rkill then run mbam. Once finished run unhide. You files should still be there just hidden.

 

[Edmond]

Its all ok now, its sorted, thanks for you help guys. It seems it was a clever little bug that hid everything, there to scare people i guess

 

[Deebs]

Make sure MalwareBytes is fully up to date including the binary, not just the definition files. Uninstall AVG and install Windows Essential Security. Very lightweight and receiving good reviews from the experts. I am still on MalwareBytes and NOD32 v4.72 (won't go to 5 yet, too early and it has issues).

 

[Edmond]

I paid for the full version of AVG

 

[Lamp]

Did you go for the full paid version of MalawareBytes or just use the freebie?

 

[Edmond]

freebie

 

[Edmond]

Have deleted AVG and installed MSE, going out in a mo, so i'm going to run a deep scan with MSE and see what it picks up

 

[Moriath]

yup i stick with MSE now seems a lot better than the AVG's of this world

 

[Scouse]

Ed - whenever you get a mail like that and you're unsure - ring your bank.

If there's no money taken from your account then you can be sure the mail's fake. If the money's gone, then you're on the phone to the people you need to talk to anyway

 

[Access Denied]

Oh man, this reminds of me of a little program I had years ago. Thing called Smileygame.exe. if you clicked on it, it pretended to wipe your HDD and then told you there was no operating system installed. Scared the shit out of a few of my friends. I miss that little prog =(

Just imagine the fun if you could get hold of a clean version of the malware you got!

 

[Edmond]

Well it seemes it was clean, no harm done tbh. Would you likr me to email it to you?

 

[Access Denied]

Haha burn it to a CD and send it to me. I'll use my old PC to isolate and extract the file responsible! =P

 

[DaGaffer]

As a tip for the future, no legitimate site will ever send you an attachment (especially not something like a rar file that theoretically requires commercial software to open), that you haven't asked for. They will send you a link that takes you to their site (this isn't totally risk-free either, but easier to check than an attachment). Any site that does send you an attachment - don't touch it and contact them directly if you think its a legit communication.

 

[caLLous]

Agree, alarm bells would definitely ring if I saw an attachment, especially a rar archived attachment.