Avinash,
Thanks for your comments but unfortunately they do not seem to be helpful. I will admit to being a little confused now. It would appear that I am incorrect about what I was hit with because the information provided about the Cryptolocker is definitely NOT what I am dealing with! I have checked a variety of files with the extensions listed in the one article as those targeted by Cryptolocker and find none seem to be encrypted. All are, as far as I can tell, open and accessible. I have never received a "ransom" message, et.c In short, none of the characteristics I have seen are related to Cryptolocker.
What I did see, when my issues began, was an ntense increase of CPUI usage (as tracked by the Task Manager) and a devastating slow down of a computer which is normally quick to respond, even if I have several windows and functions runjning simultaneously. At the same time this began is when my AVG popped up with the warning that it had detected Crypt5.itf which it identified as a Trojan and as a high risk item. It asked the standard "what do you want to do" and I chose to have AVG remove the threat, including the required restart. As soon as the computer would restart, the codition returned and the threat was found again … repeat the process, and so on.
Skip ahead to steps taken after researching: restarted computer in Safe Mode with Networking, downloaded Malwarebytes Anti Malware software, disconnected the computer from the internet to prevent recdontamination and ran the Malwarebytes. AFter restart back to normal mode, all indications of the problem seemed to be gone
Shortly after that I attempted to use one of the programs I have which seem to have been affected by whatever was happening. Basicallly I have one email program (Windows Live Mail) a greeting card creation program and two different photo editing programs which have developed issues they had never shown before. The photo editors will begin an opening splash screen but then "hang" and never complete loading. The Card program does the same thing when certain features are attempted and the email program does as well … it works until I attempt to create a new message to send out, then locks up.
Installation of a different email program has that issue resolved however I have tried to reinstall the photoediting and the card creation programs from their original disks with no change.
Hopefully this will give you something that will lead you in the direction of the actual provlem I am dealing with, and even better, towards a resolution!
Thanks!
I have to say that I am disappointed in the response to my issue when it comes to AVG customer service. The two people who have responded here on this forum have seemed both knowledgable and interested in trying their best to help resolve my situation. Unforunately, that appears to be where it ends. The last response mentioned an email with further instructions which turned out to be a referal to start a live chat and remote support service during which an "expert technician" would be able to "fix the issue quickly and efficiently!" What actually happened was waiting over 15 minutes before a technician came online, having to explain everything all over again and then having that technicial tell me ther is absolutely nothing they can do to try to fix my problem. Despite the fact I was required to grant remote control permissions over my computer to this tech, they did not actually look at anything, examine what had or had not been done to my computer and certainly did not actually try ANYTHING to see if it might help.
The one thing he did tell me, though, was that it is MY FAULT AVG is unable to help me with this problem (the problem which began because AVG failed to protect me from this virus to begin with!O It is my fault because when AVG failed repeatedly to deal with the virus which it did detect I looked at discussions on the AVG website and found instructions about how to remove the virus and I followed those. It worked, but my current problem remained According to this technician, "We would have resolved your issue once you have contacted us immediately after that infetion." Instead, they are now "unable" to even make an attempt to help me out. My only viable alternative at this point seems to be a complete system restore and all of the related hassles of needing to replace and restore everything I currently have on my computer.
I have been using the AVG Free version for many years and recommending it to a large number of my friends, even installing it for some of them myself. Ironically, I have recently purchased and installed the paid version of AVG on my own computer and yet despite the increased functionality and the supposed availability of greater customer service options, both AVG and the customer service experience are failing me.
Obviously it is highly unlikely I will renew my subscription to AVG paid services when my current one expires. I do not even know if I will return to the free version at this point, or if I will seek out something else.
Avinash (AVG Technologies) and Balasubramanian (AVG Technologies) I want to say thank you for at least making an attempt to help. I am sorely disappointed in the fact that your associates were not able to do the same.
Hello Peter.
We are very sorry to hear about the problems that you experienced. The type of attack you have suffered is called a "crypolocker". It is malware, but not a virus – generally it means that you have been tricked into running a program which then encrypted your files.The original Cryptolocker was defeated by a cooperation of international police and security agencies who recovered the secret store of encryption keys and were thus able to help victims to un-encrypt their files.
However, new variants appear all the time. Our software blocks many of them but unfortunately you got what is called a "zero day" vulnerability – in other words, you were infected by a very new form of the malware before it had been reported to us and so before we could add its signature to our database and block it. (cont…)
About a week ago I got hit with the Crypt5 virus. As many others have reported, AVG repeatedly found and reeported the virus, said that it was removing but as soon as the computer restarted it was back / still there. I was able to remove this trojan with another malware program and the computer remains free, HOWEVER before I was able to remove the virus, it created some major issues. I am not sure exactly whoat it did, but I have several proggrams which no longer work properly, even after completely removing and reinstalling. An example is I havetwo different photo editing programs I use. I had used one of these the same day I got hit with the virus but from the moment I had it cleared, I have this problem With both of these programs when I go to load it up the computer hangs after the initial splash screen begins. It will sit for over an hour if I leave it, the little "load" circle spinning and spinning but it does nothing. It never loads and will not function and I have to use the task manager to reclose the program I have uninstalled and reinstalled (from the original disk) twice and it continues to act the same.
I am running Windows 7 Pro with all updates installed, the latest version of AVG Antivirus paid. NOt sure what other info to provide but if anyone has any suggestions at all, I would really appreciate it!
Oh, and I tried System Restore, there are no Restore points before the virus hit (I'm assuming the virus managed to wipe them out) so I am not able to restore to before the problem began.
Avinash,
Thanks for your comments but unfortunately they do not seem to be helpful. I will admit to being a little confused now. It would appear that I am incorrect about what I was hit with because the information provided about the Cryptolocker is definitely NOT what I am dealing with! I have checked a variety of files with the extensions listed in the one article as those targeted by Cryptolocker and find none seem to be encrypted. All are, as far as I can tell, open and accessible. I have never received a "ransom" message, et.c In short, none of the characteristics I have seen are related to Cryptolocker.
What I did see, when my issues began, was an ntense increase of CPUI usage (as tracked by the Task Manager) and a devastating slow down of a computer which is normally quick to respond, even if I have several windows and functions runjning simultaneously. At the same time this began is when my AVG popped up with the warning that it had detected Crypt5.itf which it identified as a Trojan and as a high risk item. It asked the standard "what do you want to do" and I chose to have AVG remove the threat, including the required restart. As soon as the computer would restart, the codition returned and the threat was found again … repeat the process, and so on.
Skip ahead to steps taken after researching: restarted computer in Safe Mode with Networking, downloaded Malwarebytes Anti Malware software, disconnected the computer from the internet to prevent recdontamination and ran the Malwarebytes. AFter restart back to normal mode, all indications of the problem seemed to be gone
Shortly after that I attempted to use one of the programs I have which seem to have been affected by whatever was happening. Basicallly I have one email program (Windows Live Mail) a greeting card creation program and two different photo editing programs which have developed issues they had never shown before. The photo editors will begin an opening splash screen but then "hang" and never complete loading. The Card program does the same thing when certain features are attempted and the email program does as well … it works until I attempt to create a new message to send out, then locks up.
Installation of a different email program has that issue resolved however I have tried to reinstall the photoediting and the card creation programs from their original disks with no change.
Hopefully this will give you something that will lead you in the direction of the actual provlem I am dealing with, and even better, towards a resolution!
Thanks!
Hello Peter.
We are very sorry to hear about the problems that you experienced. The type of attack you have suffered is called a "crypolocker". It is malware, but not a virus – generally it means that you have been tricked into running a program which then encrypted your files.The original Cryptolocker was defeated by a cooperation of international police and security agencies who recovered the secret store of encryption keys and were thus able to help victims to un-encrypt their files.
However, new variants appear all the time. Our software blocks many of them but unfortunately you got what is called a "zero day" vulnerability – in other words, you were infected by a very new form of the malware before it had been reported to us and so before we could add its signature to our database and block it. (cont…)
Hello Peter,
We sincerely apologize for the difficulties you are currently experiencing. Thank you for the detail explanation of the issue and sorry for misunderstanding it. Pleased to know that you have resolved your issue. Please be informed that Crypolocker is malware, but not a virus -generally it means that you have been tricked into running a program which then encrypted your files. This type of attack has been widespread for about 2-3 years now. The original Cryptolocker was defeated by a cooperation of international police and security agencies who recovered the secret store of encryption keys and were thus able to help victims to un-encrypt their files.
When AVG detects the malware, it will remove it from your PC, but this will not de-crypt your files.
If you have backup copies, you should use them. If you do not have backups, please learn from this and start to keep multiple backups – this is essential for all types of computer.
Although these are not official AVG recommendations, the following articles may help you to recover earlier copies of your files:
http://www.pcworld.com/article/2084002/how-to-rescue-your-pc-from-ransomware.html
http://www.computerworld.com/article/2485214/microsoft-windows/cryptolocker-how-to-avoid-getting-infected-and-what-to-do-if-you-are.html?page=3
Hello Peter,
The reason I gave our remote support to you is to check the issue regarding to your CPU usage and I didn't provide it to resolve for the Cryptolocker virus. This was clearly explained by Avinash that right now we couldn't find a solution to detect and remove this Cryptolocker virus but we are working 24/7 to find a solution. I am sorry that you have understood that the remote support is offered for the Crypto virus. Only suggestion we would give to you to is to take regular backup of your files. Thank you.
Balasubramanian,
IT would seem there is more misunderstanding that either of us realized. You misunderstood the post which you responded to as well. I do not need any help to remove the Cryptolocker virus from my computer. I do not have the Cryptolocker and never did. Since it was never on my computer, it never needed to be removed.
You thought I was asking for help with removing the cause for the high CPU usage however I had stated in my post that I had already been able to resolve that problem as well. I did not need assistance in removing that since I had already done that. What I was asking for help with was trying to figure out and fix the problem which was caused by the virus which also caused that CPU issue. Several of the programs on my computer have been damaged in some way and will not function properly any more. I have even removed those programs and re-installed them from their original installation disks however this does not fix the problem. Since the problm was caused by AVG detecting but failing to protect me from a virus I was hoping AVG staff would be able to assist me with the problem. Apparently I was mistaken.