Jump to content

Ransomware HOW DO I FIX IT?!!!


Snoopydrew
 Share

Recommended Posts

I have no idea what the hell this is. I got a court appearance letter in my email and ended up getting ransomware. I am somewhat tech savvy and I have no idea what in the hell this crap is. I tried malwarebytes and it did nothing. I get this message every time I restart my PC. This is a VERY expensive PC and I do not want anything to happen to it. Please god help me fix this so I do not have to deal with this crap anymore. 

 

ATTENTION!
 
All your documents, photos, databases and other important personal files
were encrypted using strong RSA-1024 algorithm with a unique key.
To restore your files you have to pay 0.46223 BTC (bitcoins).
Please follow this manual:
 
1. Create Bitcoin wallet here:
 
 
2. Buy 0.46223 BTC with cash, using search here:
 
 
3. Send 0.46223 BTC to this Bitcoin address:
 
      1C762DdAq86bcPvpCuPXneeM7nCLmoRUD9
 
4. Open one of the following links in your browser to download decryptor:
 
 
5. Run decryptor to restore your files.
 
PLEASE REMEMBER:
 
      - If you do not pay in 3 days YOU LOOSE ALL YOUR FILES.
      - Nobody can help you except us.
      - It`s useless to reinstall Windows, update antivirus software, etc.
      - Your files can be decrypted only after you make payment.
      - You can find this manual on your desktop (DECRYPT.txt).
 
Link to post
Share on other sites

No, you got a JavaScript masquerading as a document ( DOC ) whose file name contained "court appearance" whose email body may have indicated something to that effect as well.  It was a Social Engineering "con" where the hook was dealing with the legal system, the Court.

If you did not see the .JS extension it is because "Hide Extensions for Known File Types" is enabled when it should be disabled and the file uses a Double-Extension [ .doc.js ].  Then you would have seen the file name such as...

Court_Notification_00914202.doc.js
 

To show the "Extensions for Known File Types" ...

Control Panel --> Folder Options --> View

Uncheck the box for - "Hide Extensions for Known File Types"

Then hit "Apply"

 

You can seek assistance with removing the ransomware and any other malware in the following sub-forum;  Malware Removal Help

Edited by David H. Lipman
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.