chilly55 Posted September 21, 2014 Share Posted September 21, 2014 (edited) My kids, I am assuming, did something that allowed a ransomware program to infect our family computer. I've not seen this extension before and am looking for help on identifying it. All infected files are typical text or picture files. Each infected file now has the extension .pqeyqzm added to each file. Files are now encrypted by CTB-Locker. Below is the photo file that gives information to acquire a key. Any help is appreciated. Bill Edited September 21, 2014 by chilly55 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 21, 2014 Share Posted September 21, 2014 Perhaps: http://www.bleepingcomputer.com/virus-removal/ctb-locker-ransomware-information Quote Link to comment Share on other sites More sharing options...
chilly55 Posted September 21, 2014 Author Share Posted September 21, 2014 Thank you. I did a search but wasn't able to locate this particular link. Much more info in just this one link than all of the others I found. Thanks again, Bill Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 21, 2014 Share Posted September 21, 2014 Not a problem Bill and good luck removing the garbage Quote Link to comment Share on other sites More sharing options...
goretsky Posted September 22, 2014 Share Posted September 22, 2014 Hello, Recommend checking with your anti-malware vendor's technical support department to see if they have a decryptor. Regards, Aryeh Goretsky Quote Link to comment Share on other sites More sharing options...
chilly55 Posted September 24, 2014 Author Share Posted September 24, 2014 I've been able to recover (backups) or rebuild files that were affected except for 2 important files. For some reason I never backed up an automotive program or my savings bond program. I can rebuild the savings bond file, but the automotive program file is a different story. "Hello, Recommend checking with your anti-malware vendor's technical support department to see if they have a decryptor. Regards, Aryeh Goretsky" I use Malewarebytes to find and delete maleware, but I don't use an active scan program aside from NAV. You think Malewarebytes would have a decryptor? I'll give them a shout and see what they say. Never thought to do this. Thanks again, Bill Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 26, 2014 Share Posted September 26, 2014 What antivirus program are you using? Often they have some anti-malware components even if not as good as Malwarebytes Anti-Malware. But you might want to read this article: http://www.technibble.com/cryptolocker-update/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.