Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with helpme@freespeechmail.org virus


  • Please log in to reply
6 replies to this topic

#1 pamir

pamir

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:01 PM

Posted 13 November 2015 - 04:08 AM

Hello colleagues,

 

I have been infected with helpme@freespeechmail.org virus - all documents and images are crypted. My question is how to remove the virus and how to protect the PC from it?

 

The only way I can imagine the virus can enter is throuh icq program but I am not sure.

 

I have resistalled windows, scanned the PC with Malwarebytes, ESET and McAffee and no success.

 

Please advise me how to remove the virus (not to decrypt files)!

 

Attached File  Addition.txt   31.35KB   0 downloads



BC AdBot (Login to Remove)

 


#2 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:01 PM

Posted 13 November 2015 - 05:01 AM

In addition: I have just run MalwareBytes from SafeMode and it removed one threat:

Trojan.FileCryptor.Trace from location ...Start Menu\Programs\Startup\Recovery.bmp

 

However I am not sure that this is the only one threat.



#3 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:03:01 AM

Posted 13 November 2015 - 05:04 AM

Please read this article

 

http://www.bleepingcomputer.com/news/security/new-helpme-freespeechmail-org-ransomware-can-be-decrypted-for-free/



#4 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:01 PM

Posted 13 November 2015 - 06:17 AM

 

 

Hi TsVk!, I have read this many times, it is for decrypting files. I do not want the files decrypted, I need to remove the virus itself.



#5 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,230 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:03:01 AM

Posted 13 November 2015 - 06:54 AM

Apologies for not reading your thread correctly, at this stage I am a trainee pamir and cannot help you in this forum with malware removal.



#6 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:01 PM

Posted 13 November 2015 - 08:47 AM

Tried also HitmanPro without success.



#7 pamir

pamir
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:01 PM

Posted 19 November 2015 - 11:52 AM

Update on the topic - I have tried the Kaspersky RakhniDecryptor. It worked about two days and the result was that the computer freezed.

 

So I have formatted the disk - all partitions - and made a clean installation of Windows. This is the only way I have found to solve the problem.


Edited by pamir, 19 November 2015 - 11:52 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users