|
Post by lbnoire on Jan 25, 2015 18:09:17 GMT -8
Fixlog for your review. Thank you.
Fixlog.txt (10.33 KB)
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 25, 2015 18:30:00 GMT -8
Uninstall ESET Online Scanner.
Then the TEMP folders and caches.
Download TFC www.bleepingcomputer.com/download/tfc/ (the instructions are on that page, below the blue download button and screenshots).
Quads
|
|
|
Post by lbnoire on Jan 25, 2015 21:36:06 GMT -8
Please clarify, I couldn't locate the ESET Online Scanner to uninstall. I do have the ESET txt from notepad...
Also, should I delete TEMP folders and caches, and then download and run TFC from bleepingcomputer.com/download/tfc./ ?
Thanks.
|
|
|
Post by Quads on Jan 25, 2015 21:40:01 GMT -8
Use the program I linked
Quads
|
|
|
Post by lbnoire on Jan 26, 2015 17:32:26 GMT -8
I ran the last program as directed. Please advise on next step. Thanks.
|
|
|
Post by Quads on Jan 26, 2015 17:34:25 GMT -8
Tools and Quarantines we used to be removed
Please download DelFix by Xplode to your Desktop. toolslib.net/downloads/viewdownload/2-delfix/
Double-click to run the program; Note: Windows Vista/7/8 users right-click and choose Run as administrator
Make sure the Remove Disinfection tools is ticked / selected in the list
Click Run
A log will be opened after the operation is finished
Copy and Paste it in your next reply
Quads
|
|
|
Post by lbnoire on Jan 26, 2015 18:56:52 GMT -8
|
|
|
Post by Quads on Jan 26, 2015 19:10:40 GMT -8
You are free to go on your merry way. You are now fixed / Solved.
Quads
|
|
|
Post by lbnoire on Jan 26, 2015 21:26:09 GMT -8
Thank you. Could you recommend a site where I might search on how to recover the corrupted files? Again, thank you.
|
|
|
Post by Quads on Jan 26, 2015 21:40:08 GMT -8
You don't get it, the encrypted files are GONE!!! They cannot be opened, they are useless, as I said. They are not corrupt.
"Unfortunately at this time there is no way to retrieve the private key that can be used to decrypt your files without paying the ransom on the CTB Locker Site. Brute forcing the decryption key is not realistic due to the length of time required to break this type of cryptography. (absolute donkey's years) Also any decryption tools that have been released by various companies for other malware will not work with this infection."
People like myself run malware on our systems to figure out malware of all types, and so we see what is done to what, and we know this one uses RSA/AES, which has a key toooooo big to decrypt. If you start a computer brute force decrypting now, you will be dead before it is finished (and your kids etc.).
Quads
|
|