Re: Ransomware Protection

BrVi32
BrVi32 Posts: 3 New Member

Hello!  My MacPro has become infected with what seems to be a ransomware virus - I am not an expert - I was notified of this by a McAfee popup which claims it came from gumtree.com or mygumtree.com which is an infected site. It is probably related to my recent update with High Sierra 10.1.13.  The McAfee pop up however while offering a 'Free' cleanup led to a choice of subscriptions from $160 + upwards.  I suspect phishing therefore.  At least it could be  a fake McAfee phishing popup related - the virus itself.   f-secure also detected this problem which is now in the applesand/library. I think f-secure already dealt with the issue.  I ought to report this problem to the police but cannot precisely identify it.  I am going to erase and reload the OS.    

 

Advice gratefully received!

Comments

  • BrVi32
    BrVi32 Posts: 3 New Member

    I have the impression f-secure is neutralizing these viruses so they remain silently in the computer.  Is that possible? 

  • Ukko
    Ukko Posts: 3,697 Superuser
    Hello!  My MacPro has become infected with what seems to be a ransomware virus - I am not an expert - I was notified of this by a McAfee popup which claims it came from gumtree.com or mygumtree.com which is an infected site. It is probably related to my recent update with High Sierra 10.1.13.  The McAfee pop up however while offering a 'Free' cleanup led to a choice of subscriptions from $160 + upwards.  I suspect phishing therefore.  At least it could be  a fake McAfee phishing popup related - the virus itself.   f-secure also detected this problem which is now in the applesand/library. I think f-secure already dealt with the issue.  I ought to report this problem to the police but cannot precisely identify it.  I am going to erase and reload the OS.    
    Advice gratefully received!

     

    Hello,

     

    Your descriptions sounds as potential fake advertisements or JavaScript-based rogue/scam (for example, well-known threats as js.cryxos ).

     

    Except potential other advices -> if you're F-Secure Customer - possible to use direct F-Secure Support Channels (chat as example):

    https://www.f-secure.com/en/web/home_global/contact-support

     

    Support Agents is certified for advices and help (remote help if required) about cleaning or dealing with threats under your system.

     

    It possible that 'malicious/suspicious' is blocked only (but still under system; or able to do 'recover'-state). Basically, your note about Ransomware (if this is crypto-ransomware) should be visible -> because if so -> your files should be encrypted or not possible to use system (usually).

    https://www.f-secure.com/en/web/labs_global/crypto-ransomware

     

    I'm only F-Secure user (their home solutions). So, only unofficial advices. My own feelings that good to perform "Full Scan" by F-Secure Security solutions. Re-check installed applications/browser's settings. And maybe to contact F-Secure direct Support Channels (chat/phone) about certified direct help. Even your potential steps with 'reformat system' completely -> time to time -> most sufficient step.

     

    Thanks!

  • BrVi32
    BrVi32 Posts: 3 New Member

    I notice the 'MacAfee' popup does not appear in my Safari history.  I think the whole thing is a scam.  Thanks for your reply.

This discussion has been closed.
Pricing & Product Info