Hey Guys,
My sister's lap top has some kind of crypto virus. I've tried to fix it, going on forums and stuff...no joy. So i said I'd ask the brain squad at SOSH. The virus hass encrypted all her files as far as I can see. My sister uses the lap top to work from home, so there's spreadsheets; budgets; reports, all sorts of stuff, some backed up but a lot isn't. As well as this hundreds of photos from her time in the USA a couple of years ago.
Her fiance emailed me the text file that you get with this virus and i've pasted it below omitting the links (cos i is scared) - basically they - whoever they may be - want some money, and credit card details to provide the encryption key, to unencrypt these files.
What i have done so far: Ran scans with Avast and Malware bytes; looked in application data for the offending file, but no joy. So I'm kinda stumped. If any one can help, I'd be most grateful. Here's the text file, cut and pasted below. (in order to tr and fix the problem i cut and pasted the secnd line below into google, looking for forums/solutions etc...but no joy as of yet. Been at this much of the day and had to give up as the problem exceeds my knowledge. The operating system on her laptop is Windows 7
All files including videos, photos and documents on your computer are encrypted by CryptoDefense Software.
Encryption was produced using a unique public key RSA-2048 generated for this computer. To decrypt files you need to obtain the private key.
The single copy of the private key, which will allow you to decrypt the files, located on a secret server on the Internet;
the server will destroy the key after a month. After that, nobody and never will be able to restore files.
In order to decrypt the files, open your personal page on the site .............................. and follow the instructions.
1. You must download and install this browser ...........................................................
2. After installation, run the browser and enter the address: rj2bocejarqnpuhm.onion/bYj
3. Follow the instructions on the web-site. We remind you that the sooner you do, the more chances are left to recover the files.