First of all, I am really sorry for my bad English, since it is not my main language.

So yesterday (May 01) I was using my computer like usual with nothing wrong; I turned it off and went to sleep. When I woke up, my login image was gone, and all of my desktop files and some other ones were completely unopenable and had a really weird name (later I discovered it was this type of name: .id_<id>_gebdp3k7bolalnd4.onion._' ). I spent all the time I could doing some research, passing scans and installing some antiviruses; some detected small stuff, some detected nothing. I have absolutely no idea how I was infected and therefore I have no way to check if I solved the problem. I consulted the following sites to inform myself about what was going on with my computer:

These ones I used to get information once I realized the type of virus:
http://sensorstechforum.com/onion-file-virus-restore-files/
http://sensorstechforum.com/new-dharma-ransomware-remove-restore-onion-encrypted-files/
https://www.enigmasoftware.com/cryransomware-removal/

http://www.2-spyware.com/remove-onion-file-extension-virus.html (from this site I got Reimage and scanned my computer, without the external drives, since I thought they were not infected and was afraid to plug them in and infect them. Then I manually deleted 7 malwares that the program found, but I don't think they were the ones, since I checked all of them on this site https://www.virustotal.com/en/ and found none to be recent. There was even one of my Steam game applications listed as malware, which is the only one out of the 8 that I have not deleted. Even though it was probably not those 7, I still deleted them because I am quite worried and desperate.)

Then there was this site that made me believe there was actually a solution other than formatting and losing a lot of my important files (http://blog.emsisoft.com/2017/05/01/remove-cry128-ransomware-with-emsisofts-free-decrypter/), which led me to this other one (http://blog.emsisoft.com/2017/02/16/how-to-remove-ransomware-the-right-way-a-step-by-step-guide/), where I followed step by step except for the part of actually using the decrypter (by the way, I could not find any event logs on my 2 users of this computer, and none of them had the option of Remote Desktop Control on either, so I believe I got this virus from something I should not have downloaded).

I then found the Malwarebytes program after a recommendation from a friend, installed it and quarantined all the 279 threats, 3 of which I believe were malwares. I already did another scan and found 0 threats (I am adding the .txt of the first scan to the files as well). Then I found this topic on the forum (https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/). I came here in order to try and change my situation, to find some help, and decided to make this topic. So what I wish for is help to know if I am doing something wrong, if I should do some other type of scan, and if I can know whether I am still infected with this malware or if I managed to delete it. And after knowing that I got rid of the malware, I intend to use the decrypter and hope to save my files.

I really wish for someone to help me and I want to thank you for reading all of this. Sorry for my poor English again, I hope you guys can understand me. I wait eagerly for a response to help me solve my problem. Feel free to ask further questions that can help solve it as well, of course.

FRST.txt

Addition.txt

Malwarebytes scan result.txt

This topic is now closed to further replies.