ok i was looking for igo8 maps and i downloaded what i thot was a new setup ,ive had to turn my computer off cause i dont know how to cure it ,ive run malwarebytes and a few 9thers but cant seem to get rid of it ,i keep getting this file in my pictures and other things ,it starts hell your files have been decryted ,to encrypt them send an email to .......... and so on and on ,it ends if your not prepared to pay dont send an email ,i assume its a ransomeware hack ? i tried a removal tool but didnt change anything i tried a system restore , also tried running malware bytes in safe mode it found nothing ,its mostly my pictures i cant see every time i open my photo files it has a document in there with 73i87a at the end ,and it also says ENCRYPTED ,yes i could wipe it but its my photos i want ,its affected 2 external hard drives he only problem is that the dam thing changed or corrupted my photos on my extrnal hard drives also all my music wont play ,on my photos side it says the file cant be opened it may be corrupted or changed and photo programe needs to be updated ,but its all up to date ,iit mite stil,be around ,i also tried trend micro wnd malware bytes , but they both found nothing after i ran combofix ,but i cant seem to run it on my external hard drives as its seems to be a command programme im so pissed off with this dam thing ts changed my pictures and all my music with this extention 73I87A File (.73i87A) ive run trend micro trend anit threat software and nothing has been found now ,done it on all my stuff ,just the extention files have been changed Ive tried panda security ,infraview ,trend micro ,malwarebytes i dont mind about the music but its the photus of my late mother and father and some of my grandaughter just hoping some one can advise
-
-
You do this at your own risk
If you can get any info from 'the tool' and if you can get into your files, it will take a lot of deep searching, but if you find a file somewhat related to 'the tool', right click on it and see if you can rename it. Remember where the file is and the new name you gave it. Return to your photos to see if anything is changed and if so by renaming that file you hopefully will have prevented it from opening it.
There may be more replies to your problem so wait awhile to consider them.
The above method released me from the police scam going around a few years ago. Best of luck.
Go back into where the renamed file is and delete it.Official Meat-Head Fan Club Member (member number 14300) -
ok found about 95% of my pictures on an old iphone plus an ipod theres about 5% of important pictures i can find the music i can get back np but im going to have to live with that ,im thinking of doing a fresh install of both hdd and computer , question is there a way i can save my book marks from fire fox?Comment
-
ok i found another hdd that wasnt connected and it had loads of back up files and pictures music and everything,ive lost about 12 pictures that are really important to me ,i have done a complete new build and wiped all the hddComment
-
Glad you got your files back.. this type of malware has been prevalent for about 3 years now and its only getting better.
Best thing to do us to take backups regularly and dont have them connected to the PC or these get encrypted at the same time. When the encryption is done the malware removes itself to prevent you finding samples. Once encrypted there is no way to get your files back. You could pay the ransom.. but you are not guarantee'd to get your files back even then and all you are doing in reality is funding development of the next version
This may help:
https://kc.mcafee.com/corporate/inde...ale=en_GB&bk=n
At least it will provide a little bit more of an insight as to how these works.Comment
Comment