It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Need help with CryptoWall 3.0 virus.
page: 13
share:
Hope someone can help my system has become infected with CryptoWall 3.0 virus.
So far i have,
Restarted Windows 8 in safe mode with networking
Run SUPERantispyware Professional to remove the virus/maleware
Restarted Windows 8 in safe mode with networking again
Run SUPERantispyware Professional seems to have removed the virus/maleware
Restarted Windows 8 and run my Malewarebytes Premium, seem to be fine returning no results after a full scan
Tried to do a system restore but for some reason there is no longer a restore point available, probably due to the virus
Here is the problem, CryptoWall 3.0 virus has deleted all my original txt and image files and replaced them with .MPATTTA file format. This is over multiple harddrives(6 drives), even external drives so i have essentially lost all my children photographs plus all other data unless i am willing to pay the extortion fee of around $1000. I know this is a scam can anyone tell me how to resolve the problem please?
I would be eternally great-full.
So far i have,
Restarted Windows 8 in safe mode with networking
Run SUPERantispyware Professional to remove the virus/maleware
Restarted Windows 8 in safe mode with networking again
Run SUPERantispyware Professional seems to have removed the virus/maleware
Restarted Windows 8 and run my Malewarebytes Premium, seem to be fine returning no results after a full scan
Tried to do a system restore but for some reason there is no longer a restore point available, probably due to the virus
Here is the problem, CryptoWall 3.0 virus has deleted all my original txt and image files and replaced them with .MPATTTA file format. This is over multiple harddrives(6 drives), even external drives so i have essentially lost all my children photographs plus all other data unless i am willing to pay the extortion fee of around $1000. I know this is a scam can anyone tell me how to resolve the problem please?
I would be eternally great-full.
a reply to: andy06shake
Just Google it. Latest result was posted 2 days ago on
Deletemalware.blogspot.com
Not sure if that will help.
deletemalware.blogspot.com...
Just Google it. Latest result was posted 2 days ago on
Deletemalware.blogspot.com
Not sure if that will help.
deletemalware.blogspot.com...
edit on 15-1-2015 by Bigburgh because: (no reason
given)
a reply to: Bigburgh
The virus/maleware is now removed(I think) its my family and children's picture and video files (18+Gb) i cannot seem to restore to there original. Im attempting to use Shadow Explorer but its not looking good. Cheers for the input all the same.
The virus/maleware is now removed(I think) its my family and children's picture and video files (18+Gb) i cannot seem to restore to there original. Im attempting to use Shadow Explorer but its not looking good. Cheers for the input all the same.
With cryptolocker 2 it was possible to use a deleted file recovery program to recover the files. I don't know about version 3.0
The files on your pc now are not the originals, the originals were deleted. They are copies made by cryptolocker and encrypted. I hope you can recover your data, If you can, don't forget to make backups from now on though. The very best of luck.
The files on your pc now are not the originals, the originals were deleted. They are copies made by cryptolocker and encrypted. I hope you can recover your data, If you can, don't forget to make backups from now on though. The very best of luck.
a reply to: Jonjonj
That's the thing I had multiple copies spread over 2 drives, one external but because it was plugged in when the virus struck its got them all. Looks like the current itteration of the virus 3.0 is only a few days old so I have not lost all hope just yet.
That's the thing I had multiple copies spread over 2 drives, one external but because it was plugged in when the virus struck its got them all. Looks like the current itteration of the virus 3.0 is only a few days old so I have not lost all hope just yet.
a reply to: andy06shake
It's a terrible thing these coders are doing. As long as the original files were not written over by a reboot and subsequent overwrite by the virus I would be hopeful of recovering a lot of the files. As long of course as cryptolock 3 isn't different substantially.Try with a free recovery program first, if it at least detects them, but can't actually recover them, a paid program like Stellar Phoenix, data rescue or r studio might work. Fingers crossed.
It's a terrible thing these coders are doing. As long as the original files were not written over by a reboot and subsequent overwrite by the virus I would be hopeful of recovering a lot of the files. As long of course as cryptolock 3 isn't different substantially.Try with a free recovery program first, if it at least detects them, but can't actually recover them, a paid program like Stellar Phoenix, data rescue or r studio might work. Fingers crossed.
edit on 15-1-2015 by Jonjonj because: (no reason given)
a reply to: andy06shake
Even if you payed the extortion fee it won't save your computer. Sounds like the FBI hack.
Even if you payed the extortion fee it won't save your computer. Sounds like the FBI hack.
Just a thought. Sometimes simple works. Try just changing the file type back to what it should have been on a couple of the photos
P
P
cryptowall 3.0 is the same as 2.0 minus slight changes in some file names and the time given before the price change to unlock your files.
From what I have seen if you do pay the money as requested and follow the steps outlined you will get access to a program and key to unlock all of your files.
Other than that, shadow volume copies are going to be your best bet since your backups are infected.
From what I have seen if you do pay the money as requested and follow the steps outlined you will get access to a program and key to unlock all of your files.
Other than that, shadow volume copies are going to be your best bet since your backups are infected.
a reply to: Vodo34861
I'm not silly enough to think providing the bastards with any more of my information would resolve the issue.
Edit: Virus is back, going with a new copy of windows, shadowcopy not helping ether.
I'm not silly enough to think providing the bastards with any more of my information would resolve the issue.
Edit: Virus is back, going with a new copy of windows, shadowcopy not helping ether.
edit on 15-1-2015 by andy06shake because: (no reason
given)
a reply to: andy06shake
Here's some info on it bro I hope this helps in your search for an answer, I will look around for more things that may help you.
i saw your post on techspot as well, I sorry to read the reply there
If I read correctly the malware copies your information encrypts it then deletes the original leaving you with a file that is insanely encrypted. This does not look good bro.
Here's some info on it bro I hope this helps in your search for an answer, I will look around for more things that may help you.
i saw your post on techspot as well, I sorry to read the reply there
If I read correctly the malware copies your information encrypts it then deletes the original leaving you with a file that is insanely encrypted. This does not look good bro.
edit on 15-1-2015 by Brotherman because: (no reason given)
a reply to: andy06shake
mate, you should switch to Mac so you don't have to deal with this stuff any more
mate, you should switch to Mac so you don't have to deal with this stuff any more
Adobe flash might be to blame they have just released a patch for a flaw which was used in a cybercrime kit sold online and used in ransom demands
good luck
good luck
a 17-year-old schoolboy from Windsor, Berkshire, hanged himself after receiving a bogus email appeared to be from police claiming that he'd been
spotted browsing illegal websites and that a fine of 100 pound needed to be paid in order to stop the police from pursuing him.
thehackernews.com...
This is not first time when Ransomware has become deadly reason to take someone’s life. Over a year ago, a Romanian family faced same Police Ransomware threat and the Romanian victim hanged himself and his four-year-old son, scarring that his young son would pay for his mistake and his life would be spend in the moment of delusion.
thehackernews.com...
This is not first time when Ransomware has become deadly reason to take someone’s life. Over a year ago, a Romanian family faced same Police Ransomware threat and the Romanian victim hanged himself and his four-year-old son, scarring that his young son would pay for his mistake and his life would be spend in the moment of delusion.
originally posted by: Necrose
a reply to: andy06shake
mate, you should switch to Mac so you don't have to deal with this stuff any more
After exposing three critical zero-day vulnerabilities in Microsoft's Windows operating systems, Google's Project Zero vulnerability research program has revealed the existence of three more zero-day vulnerabilities, but this time, on Apple's OS X platform.
thehackernews.com...
Just an FYI. Once a system has been viruses by such a serous virus, I would suggest backing up your stuff and reformat/reinstall. Otherwise system
integrity is compromised.
new topics
-
New Disney Star Wars Films Failing Test of Time?
Movies: 2 hours ago -
The Cost of True Discipleship—Count the Cost
Religion, Faith, And Theology: 6 hours ago -
population madness
New World Order: 8 hours ago -
Mass UAP events. DC. Machester Airport, UFOs over sub base in CT, Nuke bases.
Aliens and UFOs: 8 hours ago
top topics
-
Unidentified Flying Objects Over U.S. Military Bases in Northeast UK, as of roughly 11 a.m. CST.
Aliens and UFOs: 13 hours ago, 11 flags -
Thanking a rosemary plant
General Chit Chat: 12 hours ago, 6 flags -
Mass UAP events. DC. Machester Airport, UFOs over sub base in CT, Nuke bases.
Aliens and UFOs: 8 hours ago, 6 flags -
Holy Cow! Erm...Six Legged Turkey!!
World Sports: 17 hours ago, 2 flags -
population madness
New World Order: 8 hours ago, 2 flags -
The Cost of True Discipleship—Count the Cost
Religion, Faith, And Theology: 6 hours ago, 0 flags -
New Disney Star Wars Films Failing Test of Time?
Movies: 2 hours ago, 0 flags
active topics
-
population madness
New World Order • 12 • : Xtrozero -
Holy Cow! Erm...Six Legged Turkey!!
World Sports • 7 • : Flyingclaydisk -
V.P. Kamala Harris releases a video and nobody understands why
US Political Madness • 97 • : Xtrozero -
Unidentified Flying Objects Over U.S. Military Bases in Northeast UK, as of roughly 11 a.m. CST.
Aliens and UFOs • 26 • : Flyingclaydisk -
Thanking a rosemary plant
General Chit Chat • 5 • : Daniidoom -
Results of the use of the Oreshnik missile system in Dnepropetrovsk
World War Three • 246 • : Dandandat3 -
New Disney Star Wars Films Failing Test of Time?
Movies • 3 • : Flyingclaydisk -
Vladimir Putin's speech at the meeting of the CSTO Collective Security Council
World War Three • 67 • : Oldcarpy2 -
The Cost of True Discipleship—Count the Cost
Religion, Faith, And Theology • 2 • : nugget1 -
Mass UAP events. DC. Machester Airport, UFOs over sub base in CT, Nuke bases.
Aliens and UFOs • 9 • : ArMaP
3