Computer Virus Help Needed

Hemioutlaw

So I logged onto my desktop last night and this pops up on my screen. It was late and I hadn't heard of it before and thought it was b.s but couldn't get rid of it. In my infinite wisdom I decided to restore to an earlier date and upon restart I learned it wasn't b.s. and has screwed up a bunch of files including all my images and disabled my Outlook access.

I have had McAfee for ages and have never had a virus before but am at my wits' end on what to do. I called McAfee last night when it happened and after a 45 minute wait finally talked to their Advanced Tech dept. which of course is outsourced to India. The Tech is trying to extort more money from me to remove the virus for $90 or for $190 they will not just remove but find the source. Out of principle I refused as I'm already paying for McAfee's anti-virus and didn't feel I should pay them more when their software failed to stop it in the first place.

Went to bed disgusted and decided this am to explore another option being Costco's Concierge service since I just purchased this new cpu there in March. Their tech advised me to download Malwarebytes which I did, ran a scan and quarantined all the affected files. So now all my images are corrupted and still after two hours cannot get my Outlook to work and we did try Microsoft's Office repair to no avail.

At this point I do not know what infected file had the virus attached and don't know what to do next. I have heard some members here allude to working on computers and hopefully can advise. I am willing to pay if necessary.

Windows 7 O.S.
Verizon Fios


Appreciate any help I can get....
 

Attachments

  • 20150709_021102.jpg
Have you tried Malwarebytes to scan it?

there's a free version that you can download from cnet...
 
I'd be reinstallin' Whenhozed

kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/25000/PD25696/en_US/McAfee_Labs_Threat_Advisory-CTB-Locker.pdf

Keep trynnna tell youse guys. Learn to use Linux. ya. I have whezenozed 7. Every once in awhile, I'm actually forced, kicking and screaming to use it

Are you sure whoever you called was actually McAfee?

And then....

http://community.norton.com/en/forums/ctb-locker

Be sure you trippleeeellllllle check anything you do, or download. "Spyhunter" seems to be as bad as the cure, or some'thin'
 
Did you run your malwarebytes scan in safe mode?

For add'l help try sending a PM to member TrailBeast. He's fixed my computer problems several times...:D
 
The problem with this virus is that you can remove it from your computer with Malwarebytes, but unless you actually pay the price these bastards want, you won't get your photos and documents unlocked. The virus actually locks these files with a 128 bit encryption key which is virtually impossible to crack. Unless you pay for the key to unlock your files, they're toast. Sorry to say. Without paying, the only way you'll get them back is if you had them backed up in a location not connected to your network, like on a disconnected external hard drive.

Good luck to you...
 
.......... unless you actually pay the price these bastards want, you won't get your photos and documents unlocked. ................ Unless you pay for the key to unlock your files, they're toast. Sorry to say....

Sorry, "this ain't true." There is no reason to expect that paying the price will retrieve the files. Consider the files lost. Learn to do backups. I have three. Identical stowage in 3 separate 1TB drives, NOT used for any systems, only storage. In addition, critical stuff is backed up to DVD, etc
 
Download AVAST Free


I run either this or AVG, or a third, forgot, might be Panda? all free. As I said, I use Linux day-to-day. Only time I fire up Whenhozed is when I can't do something in Linux.
 
I learned the hard way to NEVER, and I mean NEVER click on ANY box that pops up like that. I will either go to the tool bar where the IE icon is at and close it there, or do the Control/Alt/Delete button and go to Task Manager and close the browser there. If you are able to use the PC otherwise, you might try this.
http://www.microsoft.com/security/scanner/en-us/default.aspx
It is for free, and it scans and will remove a lot of different spyware and viruses and hijackers.
 
The problem with this virus is that you can remove it from your computer with Malwarebytes, but unless you actually pay the price these bastards want, you won't get your photos and documents unlocked. The virus actually locks these files with a 128 bit encryption key which is virtually impossible to crack. Unless you pay for the key to unlock your files, they're toast. Sorry to say. Without paying, the only way you'll get them back is if you had them backed up in a location not connected to your network, like on a disconnected external hard drive.

Good luck to you...

Yes,
I am aware that the encrypted files are probably gone but fortunately for me the many irreplaceable family images I lost were taken with my phone and are still stored there.
 
I run either this or AVG, or a third, forgot, might be Panda? all free. As I said, I use Linux day-to-day. Only time I fire up Whenhozed is when I can't do something in Linux.

and it is Free........Just updated to Linux Mint 17.2....
 
Sorry, "this ain't true." There is no reason to expect that paying the price will retrieve the files. Consider the files lost. Learn to do backups. I have three. Identical stowage in 3 separate 1TB drives, NOT used for any systems, only storage. In addition, critical stuff is backed up to DVD, etc

I have heard of multiple occasions where it is true. I know people that have paid the ransom and gotten their files unlocked. Not every person, but it has happened. I guess the pricks who put this crap out there figure that if word gets out that they don't release the files as promised if someone pays, then nobody will pay. Of course, paying the ransom will just ensure that this keeps happening to people.
 
Yes,
I am aware that the encrypted files are probably gone but fortunately for me the many irreplaceable family images I lost were taken with my phone and are still stored there.

Good, I am really glad to hear this. At least that's something to be happy about.
 
What worked for me, when I got a nasty virus (FBI I virus locked my computer and deleted all of my restore points) was an "offline" version of Windows Defender. It will eliminate the virus before your Windows boots up. You will have to put it on a CD and let your computer boot from it. Make sure you download the correct version, 64 bit or 32 bit. And oh, it's free by the way. Good Luck
 
download a version of linux...make it bootable on a thumb drive...boot the linux ...the linux will run off the thumb drive...remove all your files ...photo and documents to another drive....

wipe windows and start over....no cost at all....
 
I had the BSOD virus, I called the number and when they said $200 minimum, I just hung up the phone.
I rebooted the puter, ran AVG Internet Security and it took out some. it still ran very slow. So I ran CCleaner. Analyzed the system, clicked on fix, the puter has run flawlessly ever since.
 
The issue is not that you lost your personal photos and personal files --- the real issue is that your machine had its data exfiltrated, likely to include your executables, hashes and password database (SAM, etc.) to your credentials.

First thing is to nuke and pave --- essentially completely re-image the machine and start a fresh install with a known good image or from your system DVD that was included when you purchased the machine. After you have a clean image installed, update each and every credential you have --- no half-stepping. Devise a decent password scheme and update passwords at least every few months - never use the SAME password on sensitive accounts or data.

BTW Linux, OSx or any other OS will also be affected by these attacks --- maybe not this exact Windows exploit, but those other platforms are also VERY vulnerable, and malware today is sophisticated enough to be platform independent.

In fact the vast majority of malware comes from either a spoofed email that a user opened and clicked on a lure link embedded in the email (Phishing-spearphishing), malvertising - bad ads on a website that can infect or redirect+ steal your credentials, an unpatched system is one of the most serious problems (Get Secunia free PSi Inspector and regularly patch your system including third party apps like Adobe, Google Chrome, Mozilla Firefox, etc.) or visiting compromised websites or downloading compromised files.

Do not drink the Apple Juice, the Kool Aid, or anything else thinking that running Linux makes you invulnerable.

Patch - Patch - Patch (secunia) - do NOT download any files or data from any questionable websites, run Malwarebytes Premium and Malwarebytes Anti-Exploit and always change your passwords.

I do cyber security for a living --- follow these steps to lower your risk of compromise.
 
BTW Linux, OSx or any other OS will also be affected by these attacks --- .......................................
Do not drink the Apple Juice, the Kool Aid, or anything else thinking that running Linux makes you invulnerable.

Yeh. They are all vulnerable. But Whenhozed is STILL the favorite TARGET by hundreds of percentage points. If I was to put a windows machine next to my Linux machine on a parallel course, it would be unusable by now, given the same attention I "don't give" to Linux.

I believe there is one huge thing you are ignoring about the differences between Microshit and Linux...........

That is, around the world, there are people playing with looking at and screwing with Linux. Unlike Microcrap, it is open source. Vulnerabilities when they crop up are pretty quickly pounced on.
 
The issue is not that you lost your personal photos and personal files --- the real issue is that your machine had its data exfiltrated, likely to include your executables, hashes and password database (SAM, etc.) to your credentials.

First thing is to nuke and pave --- essentially completely re-image the machine and start a fresh install with a known good image or from your system DVD that was included when you purchased the machine. After you have a clean image installed, update each and every credential you have --- no half-stepping. Devise a decent password scheme and update passwords at least every few months - never use the SAME password on sensitive accounts or data.

BTW Linux, OSx or any other OS will also be affected by these attacks --- maybe not this exact Windows exploit, but those other platforms are also VERY vulnerable, and malware today is sophisticated enough to be platform independent.

In fact the vast majority of malware comes from either a spoofed email that a user opened and clicked on a lure link embedded in the email (Phishing-spearphishing), malvertising - bad ads on a website that can infect or redirect+ steal your credentials, an unpatched system is one of the most serious problems (Get Secunia free PSi Inspector and regularly patch your system including third party apps like Adobe, Google Chrome, Mozilla Firefox, etc.) or visiting compromised websites or downloading compromised files.

Do not drink the Apple Juice, the Kool Aid, or anything else thinking that running Linux makes you invulnerable.

Patch - Patch - Patch (secunia) - do NOT download any files or data from any questionable websites, run Malwarebytes Premium and Malwarebytes Anti-Exploit and always change your passwords.

I do cyber security for a living --- follow these steps to lower your risk of compromise.

That's all good and fine, but no one does it. :D
They generally just use a computer, do no backups and barely if ever a decent antivirus program.
We can preach till blue in the face, but only hear from them after the infection.
The ones I hate the most are the ones that call and tell us they can't afford to pay our costs because they gave the scam all their available funds, so "can't we give them a special deal?" :finga:

Also a lot of computer manufacturers and sellers don't include a reimage DVD or whatever, but a little pop up comes up on the screen telling them to make a restore disc set, but they don't do that either. :D

Then all this aside, Windows WILL get infected somewhere somehow anyway because it's the nature of the beast.
(the easier it is for the average person to use, the easier it gets taken advantage of)
 
my laptop running windows 7,,,,got nailed twice in one month back in 2010...same laptop running Linux has never been hit by a virus or malware.....so that speaks volumes for me..
 
I use Windows pretty much because I have to for a lot of the stuff I do, but all my important stuff is stored on CD or DVD and I consider any Windows installation a throwaway.

Due to the virus the OP ended up with even external storage isn't safe (or even cloud storage in some cases)

That virus makes an encrypted copy and then deletes the original file, so we may be able to recover the deleted unencrypted originals with a program I use just for this.

(Maybe)
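
Added example, not part of the thread and not the program the poster above uses: a minimal sketch of how recovery tools look for deleted JPEG originals in the raw bytes of a drive image, by locating a JPEG start marker and walking the file's segment structure to its end marker. It assumes the deleted file was stored contiguously and has not been overwritten; the sample bytes are constructed for the demonstration and are structurally valid but not viewable pictures.

```python
SOI = b"\xff\xd8\xff"  # JPEG start-of-image followed by the first marker byte

def jpeg_end(buf, start, max_size=32 * 1024 * 1024):
    """Offset just past the EOI of the JPEG at `start`, or None if it is incomplete."""
    pos, limit, in_scan = start + 2, min(len(buf), start + max_size), False
    while pos + 1 < limit:
        if buf[pos] != 0xFF:
            if not in_scan:
                return None                      # header segments must be back to back
            pos = buf.find(b"\xff", pos, limit)  # skip compressed data to next marker
            if pos < 0:
                return None
            continue
        marker = buf[pos + 1]
        if marker == 0xD9:                       # EOI only counts after scan data
            return pos + 2 if in_scan else None
        if marker == 0xFF:                       # fill byte
            pos += 1
        elif marker == 0x00 or 0xD0 <= marker <= 0xD7:
            pos += 2                             # stuffed 0xFF or restart marker
        else:                                    # length-prefixed segment: jump over it,
            if pos + 4 > limit:                  # so a thumbnail nested in APP1 is skipped
                return None
            seglen = int.from_bytes(buf[pos + 2:pos + 4], "big")
            if seglen < 2:
                return None
            pos += 2 + seglen
            in_scan = in_scan or marker == 0xDA  # SOS: compressed data follows
    return None

def carve_jpegs(buf):
    """Return (start, end) offsets of every structurally complete JPEG in buf."""
    hits, pos = [], 0
    while (pos := buf.find(SOI, pos)) >= 0:
        end = jpeg_end(buf, pos)
        if end:
            hits.append((pos, end))
        pos = end if end else pos + 1            # on failure, retry one byte later
    return hits

def _seg(marker, payload):
    return bytes([0xFF, marker]) + (len(payload) + 2).to_bytes(2, "big") + payload

# Constructed sample data: a thumbnail nested inside a larger image's APP1 segment.
SAMPLE_THUMB = b"\xff\xd8" + _seg(0xDB, bytes(4)) + _seg(0xDA, bytes(2)) + b"\x11\x22\xff\xd9"
SAMPLE_JPEG = (b"\xff\xd8" + _seg(0xE1, b"Exif\x00\x00" + SAMPLE_THUMB) + _seg(0xDB, bytes(8))
               + _seg(0xDA, b"\x01\x01\x00") + b"\x12\x34\xff\x00\x56\xff\xd0\x78\xff\xd9")

def build_sample_disk():
    # One intact image, filler, then an image whose tail was overwritten with zeros.
    return bytes(100) + SAMPLE_JPEG + b"\xaa" * 50 + SAMPLE_JPEG[:-10] + bytes(20)
```

On the sample, the intact image is recovered whole and only the embedded thumbnail is salvaged from the overwritten one. On a real case this kind of scan is run over a read-only image of the drive rather than the live disk, because every write to the live disk can overwrite deleted data.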
 