Thanks Thanks:  9
Likes Likes:  7
Page 1 of 2 12 LastLast
Results 1 to 20 of 23
  1. #1
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68

    think its a ransome

    ok i was loking for igo8 maps and i downloaded what i thot was a new setup ,ive had to turn my computer off cause i dont know how to cure it ,ive run malwarebytes and a few 9thers but cant seem to get rid of it ,i keep getting this file in my pictures and other things ,it starts hell your files have been decryted ,to encrypt them send an email to .......... and so on and on ,it ends if your not prepared to pay dont send an email ,i assume its a ransomeware hack ? i tried a removal tool but didnt change anything
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  2. #2
    Biatch Moderator berley's Avatar
    Join Date
    May 2006
    Location
    Scotland
    Age
    62
    Posts
    8,399
    Post Thanks
    Chats
    71
    Rep Power
    84
    Just admit it, you've been on the dodgy pron sites again Hidden Content
    gяσωιηg σℓ∂ ιѕ мαη∂αтσяу; gяσωιηg υρ ιѕ σρтισηαℓ.
    If you would like to help with the running costs of the site click below

    Hidden Content
    Honesty is better than sugar coated bullsh!t

  3. Likes notanotherone liked this post
  4. #3
    Administrator fergalsworld's Avatar
    Join Date
    May 2006
    Posts
    8,495
    Post Thanks
    Chats
    0
    Rep Power
    10
    Did you boot into safe mode before running a threat scan in malwarebytes?

    Also try a system restore

    and have a read of this

    Code:
    http://www.pcworld.com/article/243818/how_to_remove_malware_from_your_windows_pc.html?page=0
    D I S C LA I M E R
    My right to post information is protected under the rights for freedom act. In all instances, information discussed here on my posts are either hypothetical in nature, out of general curiosity, common knowledge, public knowledge, or role-play. Any use of the collective descriptions and shared knowledge from any of my posts are at the sole discretion of the reader.
    I am not responsible for what you do with it!

  5. Thanks notanotherone thanked for this post
  6. #4
    Respected alanjg007's Avatar
    Join Date
    Dec 2011
    Posts
    2,311
    Post Thanks
    Chats
    0
    Rep Power
    72
    ...if its a scam it'll be cleaned but if its true....do you really have much on pc that you will miss? I mean we have external enclosure and cloud software for mostly everything. Wipe the drive and start again!
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken

    "The more I learn about people, the more I like my dog" - Carl Jung

    Nexus 7 wifi 32gb 1st Gen XenonHD-4.4.2 Build 1
    HTC one x cm-11-20140205-NIGHTLY-endeavoru

  7. Thanks notanotherone thanked for this post
  8. #5
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    yep i tried a system restore , also tried running malware bytes in safe mode it found nothing ,its mostly my pictures i cant see every time i open my photo files it has a document in there with what i said ,yes i coukd wipe it but its my photos i want ,its affected 2 external hard drives
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  9. #6
    Administrator Reddevil's Avatar
    Join Date
    May 2006
    Location
    Out There.
    Age
    66
    Posts
    3,333
    Post Thanks
    Chats
    18
    Rep Power
    10
    its a virus you been hacked hear about this before, best cure factory reset

    another tip is dont download from dodgy sites, this is where they get into your pc
    Welcome to World of Digital
    __________

    Hidden Content
    _______________________________________________

    I am glad we could help you with your problem if you need anymore advice just ask,
    Also if you would like to help with the running costs of the site you can always donate click below

    Hidden Content <<<< Click to Donate.


  10. Likes notanotherone liked this post
  11. #7
    Big Bad Boss Gazer's Avatar
    Join Date
    May 2006
    Location
    Marsss
    Posts
    3,673
    Post Thanks
    Chats
    8
    Rep Power
    10
    Take the hard drive out and run it as a slave on another pc if you can, then do a virus check on it, you should find it then .....this is what I did on my dads a couple of years ago when it happened to him, been ok since then for him.....did a post on here about it some where.
    Hidden Content
    Viewing Pay TV without a valid subscription is illegal!
    All the files available on this forum are kept for experimental and educational purpose only!

    Hidden Content

  12. Likes notanotherone liked this post
  13. #8
    DarkHours Moderator dx100-uk's Avatar
    Join Date
    Jul 2006
    Location
    hiding....
    Age
    64
    Posts
    2,423
    Post Thanks
    Chats
    0
    Rep Power
    28
    on another PC go download and then run combofix [from the bleepingcomputersite from the penstick
    in safe mode
    its nice here....

  14. Likes notanotherone liked this post
  15. #9
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    ok im not 100 % certain but seems to have removed it thanks dx100-uk ,the only problem is that the dam thing changed or corrupted my photos on my extrnal hard drives also all my music wont play ,on my photos side it says the file cant be opened it may be corrupted or changed and photo programe needs to be updated ,but its all up to date ,iit mite stil,be around ,i also tried trend micro wnd malware bytes , but they both found nothing after i ran combofix ,but i cant seem to run it on my external hard drives as its seems to be a command programme im so pissed off with this dam thing
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  16. #10
    Forum Supporter billy149uk's Avatar
    Join Date
    Jan 2013
    Location
    Bonnie Scotland
    Posts
    367
    Post Thanks
    Chats
    3
    Rep Power
    20
    Try recovering all your files.Install attached program on another pc and use Gazer method to scan for your files.I had a 3TB hard drive with lots of old movies on it and I was locked out of it I scanned drive using my laptop and a drive caddy.I recovered every movie on it which was aprox 2.5TB.
    Hidden Content

  17. Thanks notanotherone thanked for this post
  18. #11
    DarkHours Moderator dx100-uk's Avatar
    Join Date
    Jul 2006
    Location
    hiding....
    Age
    64
    Posts
    2,423
    Post Thanks
    Chats
    0
    Rep Power
    28
    the usual dodge is it renames the files to all .exe.jpg or .exe.mp3

    turn on show known extensions in windows explorer.

    or just check the extension ,jpg etc is correct for the file type.

    dx
    its nice here....

  19. Likes notanotherone liked this post
  20. #12
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    ok found this, its changed my pictures and all my music with this extention 73I87A File (.73i87A) ive run trend micro trend anit threat software and nothing has been found now ,done it on all my stuff ,just the extention files have been changed
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  21. #13
    Respected alanjg007's Avatar
    Join Date
    Dec 2011
    Posts
    2,311
    Post Thanks
    Chats
    0
    Rep Power
    72
    try this m8

    Hidden Content
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken

    "The more I learn about people, the more I like my dog" - Carl Jung

    Nexus 7 wifi 32gb 1st Gen XenonHD-4.4.2 Build 1
    HTC one x cm-11-20140205-NIGHTLY-endeavoru

  22. Thanks notanotherone thanked for this post
    Likes notanotherone liked this post
  23. #14
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    nope this didnt do anything ,it said there was files found that were changed Hidden Content
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  24. #15
    Respected alanjg007's Avatar
    Join Date
    Dec 2011
    Posts
    2,311
    Post Thanks
    Chats
    0
    Rep Power
    72
    Hidden Content Originally Posted by notanotherone Hidden Content
    nope this didnt do anything ,it said there was files found that were changed Hidden Content

    did you try looking in the c: drive as it did mention that the changed files would be put on the c: It does not delete the originals. just renames them on the c;drive. i think, that my undertanding of it.
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken

    "The more I learn about people, the more I like my dog" - Carl Jung

    Nexus 7 wifi 32gb 1st Gen XenonHD-4.4.2 Build 1
    HTC one x cm-11-20140205-NIGHTLY-endeavoru

  25. #16
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    yea i looked every where as i said it ran np but it didnt fint find anything wrong it says it can take several hours,but was finished in minutes,i could see it checking my c drive and my other 2 external drices which are k and b but nothing wrong on anything ,as i said ive managed to get rid of ransome and everthing is clear of it ,i had put some pictures on from a pen drivevand there still ok ,i checked the properties of them and as i said they are just jpg files as i said every thing has been chaged to73I87A and i cant change that
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  26. #17
    Respected alanjg007's Avatar
    Join Date
    Dec 2011
    Posts
    2,311
    Post Thanks
    Chats
    0
    Rep Power
    72
    could you not batch change them to jpg? It could be a lame attempt to pretend to be an encryption virus. Just renames them to something obscure. try one file and rename it to .jpg. i do this quickly by opening winrar. and naviagting to the file and hit rename. JUst rename the bit after the file name. Sure there are better programs, but for our test winrar will do.
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken

    "The more I learn about people, the more I like my dog" - Carl Jung

    Nexus 7 wifi 32gb 1st Gen XenonHD-4.4.2 Build 1
    HTC one x cm-11-20140205-NIGHTLY-endeavoru

  27. Thanks notanotherone thanked for this post
  28. #18
    Retired Grumpy Grandad notanotherone's Avatar
    Join Date
    May 2006
    Location
    not far from you
    Posts
    6,915
    Post Thanks
    Chats
    589
    Rep Power
    68
    ok tried that it didnt work ,dont get me wrong it changed it to jpg file but didnt show , im just wondering ,you posted a file recovery tool before to me would that work???
    wii #5344 2071 8397 4304
    Hidden Content
    Trust me the devil allways wins ,no matter how hard we resist

  29. #19
    Respected alanjg007's Avatar
    Join Date
    Dec 2011
    Posts
    2,311
    Post Thanks
    Chats
    0
    Rep Power
    72
    Hidden Content Originally Posted by notanotherone Hidden Content
    ok tried that it didnt work ,dont get me wrong it changed it to jpg file but didnt show , im just wondering ,you posted a file recovery tool before to me would that work???

    if its encrypted, no a file recovery thing wont work but at this moment in time you have nothing to lose? I'd give it a go and I hope i'm wrong when i say that my understanding of the the ransomware issue is that they encrypt the data, probably 128/256 bit and no normal way to unencrypt without the original key!

    My suggestion above was if the virus was a cheats ransomware where they pretended to encrypt the data.

    If you've taken photos with your phone you might find that they have been backed up online somewhere. This might not get them all back but some?
    "Every normal man must be tempted at times to spit upon his hands, hoist the black flag, and begin slitting throats." -- H.L. Mencken

    "The more I learn about people, the more I like my dog" - Carl Jung

    Nexus 7 wifi 32gb 1st Gen XenonHD-4.4.2 Build 1
    HTC one x cm-11-20140205-NIGHTLY-endeavoru

  30. Thanks notanotherone thanked for this post
  31. #20
    Respected digdug's Avatar
    Join Date
    Feb 2011
    Location
    There's no place like 127.0.0.1
    Posts
    346
    Post Thanks
    Chats
    0
    Rep Power
    95
    You could try to view one of the files with a hex editor and see if its still an image or if its been encrypted. Viewing the files header should give you a better clue on how to fix
    There are only 10 types of people in the world: those who understand binary and those who don't.

  32. Thanks notanotherone thanked for this post
Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •