You are here
>
Homepage
>
Forums
>
Tech Helproom
>
Malware attack. All text documents and pictures gone

Cookie Options

Contact Forum Editor

Send an email to our Forum Editor:

Your name *

Your email *

Your Message: *

Captcha *

PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom

It's free to register, to post a question or to start / join a discussion

View Forum Rules | Contact Forum Editor

For full functionality of our forum it is necessary to enable Javascript in your browser. If you're not sure about how to do this you will find easy to understand instructions at: http://www.enable-javascript.com

Malware attack. All text documents and pictures gone

KentE

Likes # 0

view KentE's profile

Posted January 21, 2012 at 6:49PM

Last night I clicked on a video on some site I ended up on. The AVG came up with a window that a virus had been stopped and suggested I quarantined it or whatever. I clicked as I have in the past OK for it to go ahead and handle the threat and was about to click "back" in the browser, when the PC started to shut down and restart. It had never done that before when AVG antivirus stops a virus. As it starts up the screen is black and just a few of the icons appear and in the wrong place. Then I get a pop up that looks like a windows utility for scanning for problems. I clicked scan and a whole list of all kinds of disastorous faults appear (memory, hard disc, programs, etc. all with gorss faults). When the "scan" is completed a "pay now" button appeared. First now did I realize what had happend, so I pulled the plug on the router (too late of course). That "Utility window" remained on the desktop and nothing could remove it. If I restarted the same thing happend again. In start menue all the Right hand stuff like Computer or Documents were gone. I ran a scan in AVG but nothing came up. So I started the PC in safe mode and did a System Restore a few day back. When I started it up again the malware seemed to be gone and the PC back to normal. It was now late and I went to bed. Today I just noticed that most files are gone from both harddiscs in the PC. I have got music and some other format files, but all pictures, all documents, videos etc seems to be gone.

I have a backup but it is some weeks old and I did a revamp of my website and have written a few documents that I rather not lose. Is there a way to recover the files this malware most likely locked up until I pay the ransom?

Any advice for someone that is not a computer genius?

Fruit Bat /\0/\

Likes # 0

view Fruit Bat /\0/\'s profile

Posted January 21, 2012 at 7:14PM

name of scanning software asking you to pay?

Input Overload

Likes # 0

view Input Overload's profile

Posted January 21, 2012 at 7:20PM

The files haven't gone they are just hidden hidden by this malware, it puts most or files on the PC with the hidden attribute. You need to know the name of the ransom-ware though to remove it.

dagbladet

Likes # 0

view dagbladet's profile

Posted January 21, 2012 at 7:33PM

KentE

This sounds like something that happened to my computer after one of the cherubs (honest) clicked on something. Firstly, don't panic, your stuff isn't gone, it's just hidden. Next have a look at the link below and see if that is the rogue 'utility programme' that you have. then follow the instructions on the link. All safe, comes from the 'Bleepingcomputer' site.

http://www.bleepingcomputer.com/virus-removal/remove-windows-recovery

robinofloxley

Likes # 0

view robinofloxley's profile

Posted January 21, 2012 at 7:33PM

Bleeping computer unhide.exe may help

Also run a Malwarebytes scan (even though Restore seems to have worked)

Under no circumstances pay any money to these or other fraudsters. Paying by debit or credit card leaves you open to theft.

dagbladet

Likes # 0

view dagbladet's profile

Posted January 21, 2012 at 7:41PM

I also discovered that those that were unfortunately misguided enough to pay for the 'solution' are sent a key which actually does sort the problem out.

If you are suffering from the virus/malware in my link above the key, which is the same for everybody is 1203978628012489708290478989147.

Once entered your PC will look as it did before and it will be easier to get in and remove the rougue.

KentE

Likes # 0

view KentE's profile

Posted January 21, 2012 at 10:21PM

I guess I have to undo the last Restore to find out who this was. I do not remember that there was a name, and it had the appearance of a Microsoft window. The Malwarebytes scan came up clean. So I guess I have to now undo the restore and deal with it from there. It did not look as fancy as the "Windows Recovery" but pretty much said and did the same thing. So it might be another version.

Any better idea that does not involve undoing the restore, as it was next to impossible to do anything with the PC in that state.

robinofloxley

Likes # 0

view robinofloxley's profile

Posted January 21, 2012 at 10:28PM

I would advise don't undo the restore. Concentrate on the unhiding.

The name doen't matter if it's mostly gone.

KentE

Likes # 0

view KentE's profile

Posted January 21, 2012 at 11:28PM

Yipeee!! Unhide.exe did the job! Thank you so much for your help.

Lots of Love

Kent

Forums
>
Tech Helproom
>
Malware attack. All text documents and pictures gone

Reply to this topic

This thread has been locked.

Check out PC Advisor's other tech forums

Send to a friend

Email this article to a friend or colleague:

Recipient's name *

Recipient's email *

Your name *

Captcha *

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.