Help - corrupted PC

MuxLee

New member
I think I have a virus on the PC - and it says it has hashed the files ( not your average virus ) and I need to pay to get them back ( bye bye files its only tane and cities xl on that machine )

What is the extension of the downloaded assets - how can I tell if they have been corrupted .
I have noticed I cannot open pdf, jpg ,txt files so it sounds likely that this virus hijack is the real thing.

I will do a fresh install of the os etc but I am not looking forward to downloading the assets again .

Mux
 
Try downloading Malware Bytes free program and run it on your system.

This will take awhile to run but generally quite good.

It is hard to recommend anything else without more information.

Good Luck!
 
That virusses are common currently - unfortunately.

I recommend a clean re-installation of your system (formatting hard disks), because nobody can tell what remains on your hard-disks even when a virus scanning software tells you it's clean...
 
If it's crypto locker or one of it's clones, nothing you can do about the encrypted files, even the experts can't decrypt without the key which is held by the bad guys. You can however remove the actual virus.
Personally as I have everything safely backed up I'd just format and reinstall the OS.
It should give you some indication of what the malware / virus is when it demands payment?

If it is cryptolocker see here https://malwaretips.com/blogs/remove-cryptolocker-virus/
 
Will Malware Bytes interfere with McAfee?

I know you can't have McAfee and Norton on a computer at the same time since each thinks the other is malware (which from a business standpoint I suppose is true, lol). Will McAfee see Malware bytes as malware (and vice versa)?

Ben
 
No Ben, Malwarebytes won't interfere with your antivirus program, it's an anti malware program, there is actually a difference!

I'd also recommend Malwarebytes Anti-Exploit Free in addition to Malwarebytes as it's stops crap being added to your browsers and malicious scripts being run including unknown exploits. (According to the various sites that tested it)
Add to that CryptoPrevent which should stop most of these Cryptolocker viruses from doing anything.
 
Thanks Malc, I think I had it at one time but it got erased when I had to re-install windows. Will look for the other 2 as well.

Ben
 
Hi Malc:

What the heck is going on here?

I downloaded the free malwarebytes thing and during the install process it added 5 icons to my desktop.
Malwarebytes
Launch One System Care
KNCTR
2 different icons that look like little gears.
Then:
Launch System care automatically started.
KNCTR wants to give me some sort of free phone thing (I don't even own a cell phone).
McAfee went berserk with fire engine red warnings.
The normal screen I get when I click on my browser thing to go online for anything is blank.
I couldn't get to N3V thru any versions of Trainz.
I got here by typing in Trainz.com and had to re-enter my password and username (talk about fuzzy memory).

Is this what's supposed to happen? Somehow I don't think so. Is malwarebytes malware?:confused:

Ben
 
Don't use third party sites they are nearly all bundling crapware with downloads always go to the actual site.

Uninstall everything that got added then get Malwarebytes from the only trusted source.

Only get Malwarebytes from Malwarebytes.org https://www.malwarebytes.org/mwb-download/

Anti-Exploit, need the free trial, the basic functions continue to work after the trial period https://www.malwarebytes.org/antiexploit/

edit:
Cryptoprevent . Hmmmmm forum software has removed part of the link site is foolish it.com less the space between the h and i
 
Last edited:
if it will allow you to do so, copy the files somewhere else, externally... then format the drive, and reinstall your operating system, do not attempt a repair or upgrade, it will waste your time.
 
From what has been written I suggest you have a specific type of malware called Ransomware, which has warranted quite a bit of press over the past few month. As previously suggested the only effective solution seems to be a complete re-install as paying the ransom is little guarantee of the affected files being unlocked. The following links can explain it better than I. Peter

https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx

http://us.norton.com/yoursecurityresource/detail.jsp?aid=rise_in_ransomware
 
So far I have been able to get rid of everything except something called Web Companion by Lavasoft (who I always thought was a reputable firm). If I click on the icon to delete it -my computer hangs up. On the other hand it doesn't SEEM to be doing anything (famous last words, lol).

As for re-installing windows and all that phooey - might just buy my new computer now and be done with it.

Thanks for the help gents - will keep fiddling .

OH - in the middle of all this the power failed and my UPS didn't kick in. When it rains it pours. I definitely have ticked off the Computer Godz.

Ben
 
So far I have been able to get rid of everything except something called Web Companion by Lavasoft (who I always thought was a reputable firm). If I click on the icon to delete it -my computer hangs up. On the other hand it doesn't SEEM to be doing anything (famous last words, lol).

As for re-installing windows and all that phooey - might just buy my new computer now and be done with it.

Thanks for the help gents - will keep fiddling .

OH - in the middle of all this the power failed and my UPS didn't kick in. When it rains it pours. I definitely have ticked off the Computer Godz.

Ben

The real Lavasoft Web Companion if that's actually what it is! has good reviews, http://www.thewindowsclub.com/lavasoft-web-companion-review malware, so should not cause any problems.
 
OK - I'll leave it there but what does it do? It only appears in my complete list of programs. No desktop icon or anything.

Only oddity left seem to be when I click on the blue lower case e surrounded by a yellow halo (to get to my e-mail and so on) it takes me to a blank page (apparently like my mind, lol).

OH - typing is very slow. An indication something is going on the background perhaps?

Ben
 
It protects your browser from being hijacked or unwanted add-ons or scripts being added, leastwise that's what the blurb indicates.
 
Hi Clam 1952:

This gets weirder and weirder.

I managed to get rid of that lava soft thing.

I went to the "official" malwarebytes site per your link on page 1 but all I get is a screen saying "your almost there but before you download malwarebytes consider upgrading to a premium version" but it gives no way to bypass the premium version and download the normal version. Its also quite difficult to exit that site.

You sure about that link?

Ben (who is not having fun Trainzing day, lol).

EDIT:OK - I got it to download and I only got one icon (malwarebytes). Now I have to get my nerve up to run it.

EDIT (AGAIN): Girded my loins (whatever that means, lol) and ran it. It found and deleted 30 things. Typing back to normal so it did some good (except I still can't spell). Oh - well - no program is perfect.:hehe:

Back to making miles and miles of trestles.

Ben
 
Last edited:
I found a link at the top of the page that worked. Nothing is ever easy is it, lol.

Except for the blank page when I clink on my browser (or that's what I think it is) everything seems ok (and I can work around that).

Actually it's nice to have malwarebytes back. I had it on my old Gateway (many mucho moons ago).

Ben
 
Back
Top