My comp was recently infected with a virus that turned out to be some version of ransomware. The virus encrypted all my .zip, txt, jpg, ect., files on my computer and wanted me to pay them bitcoins to unlock them. It added a .ctb2 extension on them all which is attributed to a Critroni or CTB Locker variant of these nasty buggers.
I did some googling and it seems that no one was able to decrypt any of the files without paying the ransom for the decryption key (other than some fancy security firm or a tank of researchers, neither of which i have or can afford). I also couldn’t find any successful stories of the files being decrypted even if one did pay. So I made my peace with my personal files and let the clock run out.
While i have no idea how it got on my comp, whether i downloaded some bogus file or opened an infected email, i did notice a strange process running in my task manager that i never seen before called wibbibjj.exe. I noticed this file before the attack happened and was immediately suspicious but after googling i found no match.....which made me even more suspicious. The only reason i can think of now is that the file was just a random generation of letters. In any case, i started ending the process in my task manager and ran AVG, but it didn't find anything suspicious. Not too long after my computer froze up, blue screened and on restart the pop-up message with a counter appeared giving me 72 hours...or blah blah blah. The unmovable pop-up message was directly connected to this mysterious wibbibjj.exe file in my processes now.
This was last week; today AVG actually recognized wibbibjj.exe on startup and "protected" me. After the attack i tried downloading HitmanPro as suggested in some forums but none of the applications(32,64,86) would run from my comp and running them from a USB would make HitmanPro think my trial version was over so i wasn't able to remove any malware it found. I ran AVG scan and it found some "generic.trojan this-and-that but no wibbibjj.exe" so i have no idea if it removed anything associated to this ransomeware business.
Now, I understand i can't get my files back but I would appreciate any suggestions on how to permanently remove anything left over from this virus and future prevention from them. I really would like to avoid wiping my HD or having 6 different anti-virus programs running, but if that’s the case then so be it. Also i can't really afford to be paying 25-40$ for these programs monthly so any free solutions would also be preferable.