I am using Windows 7 and all my files, documents,and photos have become corrupted they have all been modified on the same date and all around the same date and time (not by me) I have tried a system restore I can restore on the same date the modifation took place but cannot find a time before the event took place.
corrupted files
- Thread starter Franciszek
- Start date
- Joined
- 21 Sep 2011
- Messages
- 4,768
- Reaction score
- 1,130
- Country
If you think you may have suffered an attack you should run a full system scan with your security suite, if that fails you can try downloading malwarebytes.
Link https://www.malwarebytes.com/
Use the Free version that's as good for scanning and unlike the paid for will not clash with your current security suite.
If you don't trust links just google it.
Link https://www.malwarebytes.com/
Use the Free version that's as good for scanning and unlike the paid for will not clash with your current security suite.
If you don't trust links just google it.
D
Doggit
Have you visited any dodgy sites, or opened up attachments etc. And are you using any AV software. It sounds as though you may have had a rensomeware virus, but you would have had a message telling you how to pay to get the corruption reversed.
Thanks for both replies I have been attacked by RSA4096 will malwarebytes cure the virus or is just to detect? I have researched how to remove manually looks a bit tricky
- Joined
- 21 Sep 2011
- Messages
- 4,768
- Reaction score
- 1,130
- Country
Not sure if it will clear the virus at this stage but no harm in trying, what security software were you using? I think some like Norton do a removal service.
Sorry to hear you have been caught out hope all goes well for you. I won't comment on what I think of the people that do this, it would get me thrown off the site!
Sorry to hear you have been caught out hope all goes well for you. I won't comment on what I think of the people that do this, it would get me thrown off the site!
Im using Avast The Malware did not remove the virus bit it did get rid of some of the other threats I had
- Joined
- 21 Sep 2011
- Messages
- 4,768
- Reaction score
- 1,130
- Country
Sorry it did not clear the virus, I can't recommend any virus removal services, but it would seem the safest and logical route to contact one of the well known names like Norton McAffe or Kasperskey and use a paid for service.
I think that's what I would try.
I think that's what I would try.
D
Doggit
As you obviously need some AV software, I'd pop into Currys or Tesco for Norton, and see if you can clear it by just running the software from the CD drive. You may still need to resort to the paid services, but in the end, they'll suggest you restore from backups. It's possible that they have a virus undo corruption tool, but I doubt it.
There are a lot of hits for removal of RSA4096 on google, but be careful in case they do more long term harm than good.
There are a lot of hits for removal of RSA4096 on google, but be careful in case they do more long term harm than good.
Is the data corrupted / encrypted or have the file names been changed to make them invalid ?
Its the RSA 4096 which is a cryptolocker.
Follow these simple steps which contain pictures on each step.
http://www.removemalwarevirus.com/easy-steps-to-get-rid-of-rsa-4096-from-your-computer
(Updated as i forgot the link)
Any problems please post.
Follow these simple steps which contain pictures on each step.
http://www.removemalwarevirus.com/easy-steps-to-get-rid-of-rsa-4096-from-your-computer
(Updated as i forgot the link)
Any problems please post.
Last edited:
D
Doggit
Looks like the virus has got the simple steps as well.
Doggit. Do you know how a virus works ? Do you know how they get around a/v's ? Very simple to do and not even Nod32 or Kaspersky could detect them.
RSA 4096 is an Encryption method and is very hard to crack. There are some Decryption tools out there that will do it, but it helps if you have a background in encryption.
I am no fan of these skript kiddies who are recompiling these virii and making a few changes to the code to make sure that it is undetected.
RSA 4096 is an Encryption method and is very hard to crack. There are some Decryption tools out there that will do it, but it helps if you have a background in encryption.
I am no fan of these skript kiddies who are recompiling these virii and making a few changes to the code to make sure that it is undetected.
D
Doggit
I don't think you understood the comment Neil; there were no steps in your earlier post to follow.
But yes, having started in computers over 40 years ago, I do know how virus's work, and I'm still not convinced that all of them come only from the criminal environment. It is a never ending battle between the 2 camps, and the AV community will always lag behind, but better to have something installed, rather than nothing.
But yes, having started in computers over 40 years ago, I do know how virus's work, and I'm still not convinced that all of them come only from the criminal environment. It is a never ending battle between the 2 camps, and the AV community will always lag behind, but better to have something installed, rather than nothing.
My apologies for misunderstaning. I started off learning VB, then C and started writing a load of virii many years ago, but got bored. The majority of the virii you see that have hidden for years have been written by teams and i have seen this on IRC over the years.
I have Eset's NOD installed with no firewall in place as i monitor my traffic coming in and can quite easily null route anyone who is trying to pentest me for a bug etc.
And OOPS. I just noticed that i did indeed forget to post the link to the removal help. (Silly Me).
http://www.removemalwarevirus.com/easy-steps-to-get-rid-of-rsa-4096-from-your-computer
D
Doggit
Don't worry Neil, I'm now getting old in the tooth, and I'd love to be up at you're level, but I keep my hand in, and have a pretty broad idea on a lot of aspects. Oddly enough, having just gone in the removal link, Malware's blocked the site, and having tried some other sites, it looks as though Malware is trying to stay top dog.