
You are currently reading a thread in /g/ - Technology

Thread replies: 74
Thread images: 4
File: images.jpg (17 KB, 265x190)
I haven't used any kind of antivirus software during all the years I have been using Win XP / 7. I have just used common sence and not opened executable files from unknown or shady sources. It has been working just fine. And no, I haven't been infected without my knowledge since I have been running MBAM and other malware scans maybe once a year and I have never had any shit on my computer.

However yesterday I was browsing Netflix together with Hola (to get US IP for better movie supply). I fell asleep during the movie and when I woke up the next day my computer was still on and a new tab in my browser had opened which basically told me that all my files had been encrypted and I have to pay 500€ to get the private key in order to be able to decrypt the files: https://gyazo.com/1b...00918567b799d7f

The ONLY reason I can think of for this happening is that Hola had some stupid popup or redirection to a website with malicious code that was automatically executed on my computer without my knowledge.

I am not crying rivers because of this because I did not have that many important files on my PC, but there are some files that I would like to have back, but I don't want them back enough to pay 500€ for them.

All files have a .ccc extension and they are encrypted. Is it possible to recover the files with some file recovery program like Recuva or does that only work for deleted files?

I did not have a Windows restore point so what I have done now is that I have saved the encrypted files on a HDD and formatted my C:\ drive and reinstalled Windows.
>>
Working Gyazo link: https://gyazo.com/1b349a3ad7763c48100918567b799d7f
>>
you ran a program using unsecured protocols, that is all.

dont use software programmed by retards
>>
>>51311257

No, I haven't run any suspicious program. This happened just after I had used the Hola extension.

It was days ago that I last used any programs other than Chrome, Skype and Steam. Why would the encryption malware wait a few days before executing the encryption...
>>
Is it not possible to recover my files without paying the douchebag 500€?
>>
>>51311493
If it was just a tab in your web browser, I seriously doubt that your files are actually encrypted. Just close the web page.
>>
>>51311493
Nope, you can only restore from backup or wait 20 years for brute-force decryption to become possible for whatever they used..

Tldr ur fukd
>>
>>51311307
hola is literally malware
also actually check your files
>>
>>51311568

I am not fucking retarded. Every time I started my computer, the web browser started and opened the "blabla we have encrypted your whole computer" page. And all documents, zip files, pictures etc on my computer have a .ccc extension and are encrypted.
>>
>>51311228
you probably can't recover the files. You can try erasing the hard drive though, and running data recovery software on it and see if it comes up with anything. Theoretically it shouldn't if the encryption was done properly but you never know. You're basically fucked anyway so you might as well try.
>>
>>51311910

I'll try that. Will probably just recover the .ccc files but meh, doesn't hurt to try it.
>>
>>51311307
>No, I haven't run any suspicious program.
Hola by itself won't cause that. Your infection vector is something different.
>>
>>51312272
It can be a flash/java exploit that was distributed by an ad injected by hola though. It's a bullshit botnet extension.
>>
Older cryptolocker/cryptowall methods can be reversed. If you can find the version that caused this you may get lucky.
>>
>not having an offline back
You cared so much you didn't bother having a backup...now you care?
>>
>>51311228
Most ransomware doesn't even decrypt the files after you pay.

There's a good chance that everything is just gone forever.

>anti malware scans as proof of no infection
It doesn't work like that.
>>
>thinks mbam will detect trojans/worms/rats
>using hola
>got fucked by ransomware
>"i use common sence"

Jesus. There is so much stupidity here. You aren't clever enough to get away with not using antivirus. So install something and actually look into staying secure online.

And don't use hola ffs.
>>
>>51311620
>I am not fucking retarded.
uh
sorry to break it to you op:

1. uses malware
2. no backups
rms bonus: netflix, windows.

you are retarded
>>
File: image.jpg (165 KB, 926x927)
Governments are behind ransomware to demonize encryption, you heard it here first.
>>
>>51312272
it was already determined from 4+4chan like a year ago that hola was a literal botnet, and anyone could execute malicious code with it. they even had a working example, so yeah, it was 100% hola
>>
Ok retards, what antivirus should I use? I want something lightweight with no fucking notifications whatsoever unless it finds a serious threat.

It needs to be silent and not using much resources. I use Win 7 x64. Fuck you, I will never use Linux so don't even bother.
>>
>>51311307
hola is a literal botnet
>>
>>51314242

I will never use that shit again. I am 70% sure that Hola was the reason behind this shitty malware I got.
>>
google ccc ransomware you fucking inbred retard
back your shit up next time
>>
>>51311228
Your Common Sense is very outdated. Are you using the Potato Edition?
>>
Hey, I'm interested in some antivirus advice too. Any anon willing to help please?
>>
>>51311228
>Hola
>Common sense
just pirate the movies anon
>>
>>51314226
>It needs to be silent and not using much resources
well that rules out windows completely. i suggest linux, seeing as you're too much of a retard to use windows without filling your computer with viruses :)
>>
>>51314226
Kaspersky
EMET
and some type of crypto-preventor

Don't use fucking free/public VPNs either.
>>
>>51311228
Seems like no one knows of Exploit kits.
>>
Hola is an actual botnet. like not a meme. it's a legit botnet.

your files are toast.
>>
>>51315905
how very descriptive

..yes
exploits
>>
>>51314226
How about you read sticky? Also install gentoo you fucking retard.
>>
>>51311307
>Why would the encryption malware wait a few days before executing the encryption...

Encrypting takes time, especially if you want to do it unnoticed. It could easily be timed to only show the message once it's nearly done.
>>
>>51315987
Nobody uses fucking gentoo.
Even bleeding edge Linux users use arch. it's just shitposting at this point
>>
>hola
Hahahha
>>
>>51311228
Do you even ublock origin?
>>
>>51314226
you're still going to get fucked by 0-days as long as you are mentally handicapped
>>
>>51311228
$ sudo apt-get remove common-sence
$ sudo apt-get install common-sense-stable

That package is shit.
>>
>>51311228
Install gentoo
>>
And that is why disabling UAC is retarded.
>>
Sue hola! Seriously.
>>
prove it, post a timestamped screenshot from your phone or whatever you are using to make this thread.

once you actually back your dumb fucking story up, i will tell you how to get your data back without paying the ransom
>>
>>51317933
Unless you leave UAC set on the highest level it can be 100% bypassed without A/V picking it up.

And since no one wants UAC set the max, the only real solution is to use a user account that does not have admin privileges.
>>
>>51318064
But do you really *need* admin privileges to encrypt your own files?
>>
>>51318102
OP is making up the story so I don't know, I've never infected myself with one of these.

I am pretty sure for the actual program to run it does require something like that, in which case UAC at full or non-admin account would at least stop it until you entered the password, then it would continue as normal (naturally).

I was mainly saying that disabling UAC or keeping it at default gives you the same results as far as elevation goes.
>>
>>51318064
>>51317933
I don't see why people don't run with UAC on high, I never have a problem with it. I have to put a password in to elevate to admin, which is how it should be if you ask me.

UAC doesn't really protect against ransomware, it can encrypt anything the user has write access to.
>>
>>51318064
>And since no one wants UAC set the max
False. If you're running into too many UAC prompts, then reconsider what the fuck you're doing.
>>
File: Untitled.png (1 MB, 1091x813)
>>51318043

I'm not making shit up, faggot. Why would I? I have already made a clean Windows install but I saved some of the encrypted files on another HDD. Here is proof, but I doubt you will be able to get my files back. I don't give a fuck about the pictures in the folder I show you, but I have some .txt documents and other files that I would like to save.
>>
>>51319049
the only people able to 'give you your files back' (they're still there, just encrypted) are the people responsible for disseminating the virus.

hope you've got backups or bitcoins.
>>
Only time I ever had a virus on my PC was when I stupidly plugged a laptop that was infected into my network (didn't know it was) and that's it.

25 years without any antivirus or similar.

Only Tinywall or Windows Firewall

I do not understand how retarded one must be to get a virus on his PC
>>
>>51319109

I agree, I never use antivirus and I have never in my life been affected by any malware until today. And it wasn't because I was clicking on something retarded. It was because of the fucking Hola extension which is used by millions of people. You can't blame me for using that extension, I guess even you would fall for that.
>>
>>51311228
>he believes in placebo
>he gets rekt
>he comes crying on 4chan
>2015
Install Gentoo
>>
>>51318102
not the ones in your userspace.
>>
>>51313799
>determined
No, hotwheelz was being butthurt as fuck because people would use hola to bypass bans and IDs, so he went on a smear campaign against hola.
>>
>>51319049
it's still encrypting, by the way.
every second you have your computer booted into windows it's destroying more files.
>>
>>51319179

I'm not really crying. Losing those files will just mean that I have to spend a few hours on fixing some things that I could spend on fucking hookers or whatever.

I will never use Gentoo in my entire life.
>>
>>51319205

No, I have formatted C:\ and reinstalled Windows. I'm good now.
>>
>>51319223
>formatted C:\
you should know by now that just the partition is not enough.

whenever i encounter cryptoshit at work that harddrive goes straight into the trash.
>>
>>51319293
Eh, how would they execute the encryption script on the secondary HDD after I have reinstalled Windows you dipshit.
>>
>>51319373
If you are dumb enough to get infected by that in the first place, you are too dumb to even understand any of the concepts in this thread.
>>
>>51311228
like the malware about cyberpolice charging you 500 euros
i almost died until i saw paysafe thing
>>
>>51319396

Buhu, you couldn't trick me into thinking that my HDDs are trash so now you have to cry even more. Damn, it sounds like you are the one who has lost all your data.
>>
>>51319468
I wasn't the person who said that, but like I said, you wouldn't know what a rootkit is even if you came to /g/ again with your dumb fucking problems.

The chances you have one are slim, but since you are so fucking inept with computers anything is possible.
>>
>>51311228
>Hola

>using an israeli service
>expecting decency

well memed
>>
>>51319490

I know what a rootkit is you fucking asshole, but how could it still operate when I have formatted my C:\ drive. Please explain. Registry is clean, Windows is clean, every startup process is clean.

I understand that any executable file on my secondary HDD could be infected, but I am not clicking on them. God you are annoying.
>>
>>51319490
I guarantee he doesn't have some HDD firmware rootkit shit. There is no reason to throw the HDD away.
>>
>>51319555
>>51319557
Not all rootkits are in firmware. He could easily 'format' and install windows and have another small partition floating in there he is too dumb to notice.

But whatever, if he was stupid enough to get infected by this he deserves whatever comes to him.
>>
>>51319582

My Windows drive is an SSD and it's not even partitioned.
>>
>>51319634
You are missing the point, but at least you are trying.
>>
>>51319582
No shit. But they do need to execute.

How is the rootkit in that other partition going to gain execution if the operating system has been reinstalled? The OS isn't just going to reach out to other partitions and start executing shit. Even if that was the case, you just format the whole thing, and you're good. There isn't any reason to throw an HDD out unless you're a paranoid spaz that thinks they have an HDD firmware mod.

I hope you're trolling. If you are, you are a pretty fail troll.
>>
>>51319658
That is exactly what rootkits are designed to do, dingus.
>>
>>51319582
Windows has at least two default partitions. Did you know that?
>>
>>51319677
fail troll is fail.
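
Added example, not part of the thread or written by any poster: one reply doubts the files are encrypted at all and another says to actually check them. This Python script checks, read-only, whether files with the .ccc suffix still carry their original header or look like random bytes; the magic-byte table, the thresholds and all function names are assumptions chosen for illustration.

```python
import math
import os
import sys
from collections import Counter

# Leading "magic" bytes of a few common file types (not an exhaustive list).
MAGIC = {"jpg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n",
         "pdf": b"%PDF-", "zip": b"PK\x03\x04"}
MIN_SAMPLE = 1024  # assumed cut-off: below this, byte entropy is too noisy


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, much lower for plain text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def classify(head: bytes) -> str:
    """Heuristic verdict from the first bytes of a file carrying the .ccc suffix."""
    if any(head.startswith(m) for m in MAGIC.values()):
        return "header-intact"      # original header survives: probably only renamed
    if len(head) < MIN_SAMPLE:
        return "too-small"          # cannot tell from entropy alone
    if shannon_entropy(head) > 7.0:
        return "likely-encrypted"   # looks like random bytes
    return "low-entropy"            # still looks like text or other structured data


def triage(root: str, sample: int = 4096) -> dict:
    """Walk root, opening files read-only, and map each *.ccc path to a verdict."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".ccc"):
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:
                    results[path] = classify(fh.read(sample))
    return results


if __name__ == "__main__":
    # Usage: python triage_ccc.py <folder holding the saved files>
    for path, verdict in sorted(triage(sys.argv[1]).items()):
        print(f"{verdict:17} {path}")
```

The verdicts are heuristics: compressed formats missing from the magic-byte table also score near 8 bits per byte, so "likely-encrypted" means "no readable structure found", not proof of encryption.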