Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I ask for Malware removal assistance, please help.


  • This topic is locked This topic is locked
3 replies to this topic

#1 unfogiven19

unfogiven19

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 31 March 2015 - 12:41 PM

My problem is that all my files are MY LIFE , The Pictures of my familly since 2002 .. and everything and the most important Thing is MY DISSERTATION ( I'm a MASTER OF ART STUDENT ) and all the research that took me 2 years which is in *.Doc is crypted ,, imagine a research contain 500 pages is gone .... Imagine .

All I want is that my PC , return to normal and all my files .

I will do anything , just help me , because my job , work , life is on the edge.

Thank you.

Steps taken in order to remove the infection: I install full version of SpyHunter 4.0 and fix the threats , yet nothing happend , Files won't resored .. I installed ShadowExplorer but I didn't work on my computer ... and tired Restore Computer in Safe mode and normal mode but there's no POINT of Restoration in my computer ... and finaly I tried this FRST can Log and I uploded the Files so you can see them. What scan logs have you uploaded to this post?:
  • FRST scan log

Hi , This Virus appears in my computer ask me to pay 500$ .. clear.png well in my country 500$ is a fortune, I can't access to my JPG files nor my Docx or TXT files In all my HARD DISKS ... the folders contain those 4 files of the virus named :

HELP_DECRYPT .txt
HELP_DECRYPT.png
HELP_DECRYPT.html

Talking about decrypting my files with RSA-2048 using CryptoWall 3.0.
-------

My problem is that all my files are MY LIFE , The Pictures of my familly since 2002 .. and everything and the most important Thing is MY DISSERTATION ( I'm a MASTER OF ART STUDENT ) and all the research that took me 2 years which is in *.Doc is crypted ,, imagine a research contain 500 pages is gone .... Imagine .

All I want is that my PC , return to normal and all my files .

I will do anything , just help me , because my job , work , life is on the edge.

Thank you.

------------------------------------------

 

look I'm thinking not to my self , but to everyone infected with this virus ..

I tried .. rannohdecryptor.exe .. I selected a crypted file then I choosed the same file Uncrypted but nothing happend clear.png
2 ... I runned CryptoOffense & te94decrypt but both didn't locate the KEY .
3. It ALL ABOUT THE KEY !!! however ,,, I sure the key is in the PC ... why that ??

because when you disconnect .. and try to Use their FREE Unlocker before paying ... it actually unlock a file , so I'm sure the KEY is in the PC , but where I don't know !!!

an other question !! This virus delete all restoration system files ... Do you know what is the extension of those files ?? maybe if we use a EaseUS Data Recovery Wizard 7.5 maybe It wil Restore them and actually we can restore the system !!

Trust me man , there's a way !! NOTHING IS IMPOSSIBLE ... The evil never win against the Good !

 

I found them in the REGEDIT ... however !! I don't know what to do clear.png if I modify them what should I write ?

 


Now ... After lot of research and tools, I won't give up , Giving up was made to losers ..

I tried ListCWall ... and I found them in the Regedit !!!

however , what does the blue ICON mean in regedit ??

I'm sure there's a way if we change the ( donnée binaire ) in french ... see screen shot to undertand ... I sure they will get back to normal state ... !!

This Is a virus and every virus has a solution !! we can change the world !! we can find it !

USE YOUR MIND ! all for one and one for all



BC AdBot (Login to Remove)

 


#2 unfogiven19

unfogiven19
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 01 April 2015 - 01:41 PM

no asnwer ??



#3 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,648 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:52 PM

Posted 02 April 2015 - 12:33 PM

Hi,

:welcome:

I understand your situation but there isn't much we can do regarding this situation. The crypted files are gone forever unless there is time and you wish to take the extreme measure that is paying the ransom. Do note that even paying the ransom does not guarantee the revival of your lost files.

If you wish, we can clean the system of the remnants and take precautions so that you can avoid such tragedy in the future.

Regards,
Valinorum

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 


#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,648 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:52 PM

Posted 08 April 2015 - 12:19 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users