Help - corrupted PC

Ref the blank page - might be worth checking your browser options as most browsers have that as an option and it can be changed to another page instead.

Shane
 
"From what has been written I suggest you have a specific type of malware called Ransomware, which has warranted quite a bit of press over the past few months. As previously suggested the only effective solution seems to be a complete re-install as paying the ransom is little guarantee of the affected files being unlocked ... ."

Correct - except there is a reasonable chance that paying the ransom will result in the provision of a key that will unlock the encoded files. Failure to pay (how many bitcoins?) will certainly result in the loss of those files.

You have probably opened an attachment to an email that contained the encoding virus.

If it was me I'd put on industrial strength rubber gloves, remove the HDD and either burn it or drill it full of holes, thoroughly decontaminate myself, then start afresh with a new HDD.
 
"From what has been written I suggest you have a specific type of malware called Ransomware, which has warranted quite a bit of press over the past few months. As previously suggested the only effective solution seems to be a complete re-install as paying the ransom is little guarantee of the affected files being unlocked ... ."

Correct - except there is a reasonable chance that paying the ransom will result in the provision of a key that will unlock the encoded files. Failure to pay (how many bitcoins?) will certainly result in the loss of those files.

You have probably opened an attachment to an email that contained the encoding virus.

If it was me I'd put on industrial strength rubber gloves, remove the HDD and either burn it or drill it full of holes, thoroughly decontaminate myself, then start afresh with a new HDD.
Reasonable chance? I would say between very slim and Nil !! I have heard of businesses who have been duped by this one, some of them have paid 10s of thousands of dollars and received nothing. They can't provide a key because they don't know what the key used on the affected computer is as it is Microsoft's own built-in encryption that has encrypted it.

Correct, most of these encryption viruses are coming through email attachments.

Once it has done its run (encrypted all your .doc, .docx, .xls, .csv, .jpg, .png, .pdf and a few others from memory), then that's normally the end of it.
You will find 2 files in each folder, 1 an .html file and also a .txt file of which the name varies relating to the virus. You can simply delete them (search entire computer for them once you know the name and delete them all).
All encrypted files also normally have an extension like .vvs or .vvv or something similar. They are encrypted, they are unrepairable, you might as well delete them, they are useless. If you lost any important files, put it down as lesson learnt, don't click on any email that contains attachments unless you know what you're clicking on in future and use a backup device and do regular backups.

Keep in mind also that if it is on a network with other shared computers or storage devices, files in those shared folders will also be affected.

You should not need to format your HDD, shoot it, pour acid on it or anything else, chances are it hasn't affected any files related to the operating system (well all the ones I have cleaned out so far haven't yet anyway).
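A read-only way to take stock of what the post above describes, added here as an example and not part of the original post: it lists files carrying the encrypted extension and infers the ransom-note name (which varies) as the `.html`/`.txt` pair that repeats across folders. The `.vvv` extension comes from the post; the function names, the `min_dirs` threshold and the sample file names are assumptions made for this example.

```python
import os
import tempfile
from collections import Counter, defaultdict

def triage(root, encrypted_exts=(".vvv",), min_dirs=2):
    """Read-only inventory; nothing is deleted or modified."""
    encrypted = []
    exts_seen = defaultdict(set)          # (folder, stem) -> {".html", ".txt"}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            stem, ext = os.path.splitext(name.lower())
            if ext in encrypted_exts:
                encrypted.append(os.path.join(folder, name))
            elif ext in (".html", ".txt"):
                exts_seen[(folder, stem)].add(ext)
    # Count folders in which a stem exists as BOTH .html and .txt.
    pairs = Counter(stem for (_f, stem), exts in exts_seen.items()
                    if exts == {".html", ".txt"})
    # The note name varies per family, so infer it: the same pair repeated
    # across several folders. min_dirs filters out one-off legitimate pairs.
    note_stems = {s: n for s, n in pairs.items() if n >= min_dirs}
    return {"encrypted": sorted(encrypted), "note_stems": note_stems}

def build_sample(root):
    """Constructed sample tree (file names are made up for this example)."""
    layout = {
        "docs": ["how_recover.html", "how_recover.txt", "budget.xls.vvv",
                 "readme.txt", "index.html"],
        "pics": ["how_recover.html", "how_recover.txt", "holiday.jpg.vvv"],
        "site": ["about.html", "about.txt"],   # legitimate one-off pair
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for name in names:
            with open(os.path.join(root, folder, name), "w") as fh:
                fh.write("sample")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        report = triage(tmp)
        print("likely ransom notes:", report["note_stems"])
        for path in report["encrypted"]:
            print("encrypted:", path)
```

Run against a mapped network share as well as the local disk, the same report shows how far the damage spread before anything is cleaned up.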
 
Hi Shane:

Yah - I (finally) figured it out tho probably more by accident than by design (but who cares - I have my normal screen back).

Back to making a complete industry on trestles (really).

Ben
 
Thanks guys ... I have cleaned the machine low level format etc ....
I just got rid of everything on the machine which like I said was only 2 games. I have backups of the assets offline, but the stuff from the dls is gone :(. So I am starting from scratch again with Tane and TS12. Assets that were decompressed with components .txt .bmp .jpg .pdf were appended with .mp3. This was a really aggressive virus attacking all common file extensions but not .exe and bin because it has to allow you to run your programs.

WRT to Malwarebytes you should read the setup instructions and deselect the optional extras



Quite scary really - I don't run my personal PC tasks on my gaming rigs but really made me think about internet security. BTW there is no email installed, only two games / open office / gimp, that's it! I only downloaded from the DLS and CitiesXL. Will build a proxy to go in front of my PCs with an aggressive virus and antimalware.


Mux ......
 
Reasonable chance? I would say between very slim and Nil !! I have heard of businesses who have been duped by this one, some of them have paid 10s of thousands of dollars and received nothing. They can't provide a key because they don't know what the key used on the affected computer is as it is Microsoft's own built-in encryption that has encrypted it.

Not true. They have generally adopted a policy of providing the key when the ransom is paid, because that significantly improves the likelihood that future victims will also pay up. The key is provided using information created as the files were being encrypted.

That doesn't mean you should pay, only that if you do pay there is a good chance you will get your data back.
 
Not true. They have generally adopted a policy of providing the key when the ransom is paid, because that significantly improves the likelihood that future victims will also pay up. The key is provided using information created as the files were being encrypted.

That doesn't mean you should pay, only that if you do pay there is a good chance you will get your data back.
Well if that's what you want to believe, I wish you luck, the authors of the original Cryptolocker took an estimated 3 million USD from people like you before it was isolated, and the majority of victims who paid up were never able to recover their data. I guess you would suggest victims pay by credit card to ah as you think these hackers are so honest...
 
Quite scary really - I don't run my personal PC tasks on my gaming rigs but really made me think about internet security. BTW there is no email installed, only two games / open office / gimp, that's it! I only downloaded from the DLS and CitiesXL. Will build a proxy to go in front of my PCs with an aggressive virus and antimalware.


Mux ......

If you run a home network you might want to check your other PC's, as it got onto your gaming rig somehow and this ransomware can affect network shares.
 
If your files have been encrypted by ransomware then you're stuck unless you pay the ransom, even then you're entrusting that the key to decrypt the files will be provided which isn't guaranteed.

Quite a nasty piece of work these viruses are, and unfortunately it's the user's fault for encountering them most of the time. Proper maintenance of security updates for your OS and knowledge of how to keep yourself safe on the internet are key.

Jack
 
A few years ago my daughter got one of these. Paid the $10 and got her computer back but a month later the malware was back. Turned out the $10 wasn't to "clean" the malware out of her computer - just "reset" a timer so she would have to continue to pay month by month.

Just out of curiosity - - - what (if any) is the advantage in the premium version of malwarebytes? Is it that much better (and worth the cost)? Is the cost a one-time thing or a re-occurring (monthly) fee?

Ben
 
Hi, Ben. One of the advantages of the Premium version is that it will run in Real-Time in the background. If you try to open (or actually open) something with malware, the MBAM will kick in and alert you BEFORE the malware starts to run. There are several other anti-malware suites out there, and I won't get into arguing their merits. Suffice it to say that I used to use MBAM, but now use Emsisoft Anti-malware. It is payware also, but quite reasonable. You can buy a multi-computer license.

In either case, common sense is better than any anti-malware, but just in case, insure yourself.

Bill
 
Hi Bill:

Thanks for the info. So if I decide on the premium version is it a one-time cost or do I have to (sort of) subscribe to it yearly? They say in their ad something like 7 cents a day. That's a little over $25 a year. That sound right? I'm buying a new computer later this year so I'm exploring various options here and there.

I know what you mean by insurance. I have everything backed up on not 1, not 2, but 3 external hard drives. Me heap big chicken, lol.

Ben
 
Well if that's what you want to believe, I wish you luck
No need to believe me - refer to the people who deal with it on a daily basis:
https://securityledger.com/2015/10/fbis-advice-on-cryptolocker-just-pay-the-ransom/
'And most ransomware scammers are good to their word, Bonavolonta said. “You do get your access back.”'

I guess you would suggest victims pay by credit card to ah as you think these hackers are so honest...
In the unlikely event that payment by credit card is allowed, then yes, it should definitely be used. If you do it with the cooperation of your bank they will make the payment for you, ensure your card is protected, and then track down and prosecute the payees.

But I somehow think they won't offer the option.
 
A few years ago my daughter got one of these. Paid the $10 and got her computer back but a month later the malware was back. Turned out the $10 wasn't to "clean" the malware out of her computer - just "reset" a timer so she would have to continue to pay month by month.

Just out of curiosity - - - what (if any) is the advantage in the premium version of malwarebytes? Is it that much better (and worth the cost)? Is the cost a one-time thing or a re-occurring (monthly) fee?

Ben

Hello Ben, good buddy --

I've tried this one for years:

Malwarebytes Anti-Malware 2.2.0
http://filehippo.com/download_malwarebytes_anti_malware/

This is the free version!

They do have a pay version, which does everything that Bill said in his post!

Take care now :wave:
Ishie
 
To the OP... You might try posting on www.bleepingcomputer.com. You need to sign up and be a member to post, and it's totally free. There are quite a few posts there about ransomware. It might at least be able to help you identify what specific ransomware it is. Just create a post with "ransomware" or something similar in the title, and explain your situation, as you did here. Some security vendor representatives monitor and post on those forums. I will say, if you delete the malicious file that encrypted everything, it is likely you will NOT be able to recover your files, period.
 
is it a one-time cost or do I have to (sort of) subscribe to it yearly? They say in their ad something like 7 cents a day. That's a little over $25 a year. That sound right?

That's about right. I have the premium (paid) version, and there is a yearly subscription. There is an option to pay manually each year, or set it up to auto-renew from a credit or debit card. Personally, I would definitely say it's worth it. You get the real-time protection, plus the ability to run a "hyper" or quick scan. I have used it on 2 PC's for the last 2 years, and since then, have never had any problems. If you have multiple systems, you can install the software on up to 3 computers with your subscription.

There has been more than one occasion where the program has stopped a website from loading and flashed the message "Malicious website blocked." But you should definitely have a dedicated well-known Anti-virus alongside with Malwarebytes. Personally, I run Kaspersky, Malwarebytes, and Anti-exploit (Paid.) Real-time security programs are great, since they can detect something BEFORE it becomes a problem, not just try to remove it after the fact.
 
Hi d0g:

Sounds worth the $$$ (tho I don't like automatic renewal on anything). I assume you get a reminder e-mail a few weeks before your current subscription runs out.

I run McAfee. I had Norton on my old computer and ran some comparisons after getting the new one (before the old one totally died). Things that Norton said were ok - McAfee said were not. Perhaps it was a matter of sensitivity but I'd rather err on the safe side. When in doubt - bail out.

Ben
 
To the OP... You might try posting on www.bleepingcomputer.com. You need to sign up and be a member to post, and it's totally free. There are quite a few posts there about ransomware. It might at least be able to help you identify what specific ransomware it is. Just create a post with "ransomware" or something similar in the title, and explain your situation, as you did here. Some security vendor representatives monitor and post on those forums. I will say, if you delete the malicious file that encrypted everything, it is likely you will NOT be able to recover your files, period.

Cheers I posted the signature to the CIS forum ... I do security testing so I am aware of the process, just means I will have to take extra precautions with gaming rigs now. Lucky there was nothing I cannot recover and the machine is only a few months old so not so painful. The bad bit is I didn't backup the dls downloads - how do you do this, any pointers? I have the backups for citiesxl (lost the serial number but I can get that back). So I am back to a clean machine with a clean install of tane and ts12.

BTW they wanted paying in bitcoin not CC or cash transfers ..... I would not pay their ransom it only encourages them and you are unlikely to recover anything without a penalty.... If you pay once you will pay again and again.
 
the bad bit is I didn't backup the dls downloads - how do you do this, any pointers?

Well, personally I save all downloaded Trainz files (Usually .CDP's) in a folder on my main HD. Periodically, I back-up this folder, as well as the entire Trainz directory, to an external hard drive and then disconnect it from the system. I never leave it connected when I'm not using it, due to the possibility of infection if it was connected during a malware infection.

There is also the option within the Trainz Content Manager to save existing Trainz content (in-game) to .CDP files and store them somewhere on the machine. I find this useful in route creation, so my custom routes are backed up.
 