#Hello, a virus entered my PC when downloading something. Everything I had on my PC was transformed t

can you send the rasomenote

most of the time they drop a ransome note saying where to send money to get your files back

oh it may still be encrypting

can you send me one of the files that is encrypted

IS ENCRYPTED

when someone asks for one of your encrypted files, i'd assume they want you to send one of the files the ransomware has had an impact on.
EG literally any file file the new file extension eqza

preferably a smaller file that doesn't contain any sensitive info

one of the files with the .ezqa extension

yeah

seems to match the Djvu family

a family of ransomware.

I mean, it's ransomware so yes

i'd personally still just do a clean install bt if you want to try to recovery any files you can try this
https://www.emsisoft.com/en/ransomware-decryption/stop-djvu/

we already told you what to do multiple times

No more ransomeware has a guide for tool it too 😄
https://www.nomoreransom.org/en/decryption-tools.html

how did you end on djvu? I cant fine the thingy

https://decrypter.emsisoft.com/howtos/emsisoft_howto_stopdjvu.pdf

https://www.emsisoft.com/ransomware-decryption-tools/download/stop-djvu

mby messin with dns

I wouldn't be surprised if its the ransomware doing that yeah

mine was based off of malwarehunterteams database, typically my goto

can you access google ?

ye I forgot what that was called, so I looked up ransomeware decryptor database and went to top 5

but ye this is the one I wanted:
https://id-ransomware.malwarehunterteam.com/

I wish more decryptors were made for linux live install usbs

now we gotta get him to reinstall then decrypt UGGGGG

wana make a rufus togo iso, then decrypt, then reinstall?

they've already mentioned they don't care about the files so can probably get away with just a reinstall

ahh ok

they did have the mediacreationtool open previously - not sure what the progress is on that

this is an english only server for the sake of moderation

yo es en la clase de espanyol, pero no hablo

u good with loosing all your files and getting logged out of every account and having to donwload everything again

reinstalling will fix that

we are gonna reinstall everything will disapear even that

that is the ransomeware encrypting more stuff

using the guides that were provided earlier

do you have a live usb?

*install

do you have a blank usb drive?

buy one

unless you have a dvd read writer, yes

empty

dose it have any files you dont mind loosing

if it dose have files you want, its not blank

if it has nothing of use, its blank

take in mind plugging the USB into your infected PC may cause any files on there to be encrypted by the malware

buy a new one

DO NOT USE SOMTHING OF SOMEONE ELSES

also, ye we need to kill the malware first before running rufus or mediacreaton tool

do you know if we can use media creation tool in safemode

well right now turn off wifi

on the computer

dont turn it back on, just find a diff way to text us

it'll need to be safemode with networking to source the ISO, everything else should work afaik

if you have ethernet unplug it

kk, thought I had problems with it before so just wondering in your experiance

yo you have a second computer in your house (mac or chromeos or linux or windows)

what?

ok, we should prob use that to make the install usb

so you dont have to boot safemode and do that goofie stuff

oh ye, thats why, its buggy in networking mode

cool, just remoe that

*remove

or just turn off pc

prob just turn off

ye, but we dont wana have stuff running on your computer

so we turn it off

ye ping us when you got a usb drive

and make sure the labtop is working

btw did you try to download a game for free, or what did you download to get this?

lol, average expreiance

solution: beat up your friend

oh wait, ye I know someone who uses that

anyone can upload links i think

so like its not safe

can you send the name of hte game u tried downloadin

just type the name

of hte game

lol ye just dont pirate, and if your gonna even though I said not to, at least try to run things in a safe way

kk

yes, it is at least 8gb right?

yes that is fine

yes

what

buy one

online

another place for what

ok

Maybe you can also do a recovery without reinstalling everything.

Do you have OneDrive syncing your files?

we are going to reinstall

that is the only way to completely remove malware

yeah, but what ybout the data?

mumble

They’ve stated that they don’t care for the data

So rather than going through the process of dealing with the malware, then the computationally intense process of decrypting all the files, assuming this variant OP has can be decrypted using known keys then hoping non of them are corrupt, fixing any other issues the malware has caused on the PC etc

It’s just easier to clean install

You can, as long as whoever’s USB it is, is fine with all the data on it being wiped

you

Nvm wrong message

The process will delete EVERYTHING from both the USB and your PC. So, first you should ask the owner if it's OK for them.

I don't know. It's your PC.
Reinstalling Windows is like after buying a new computer. It will take the same time as the first time you installed all apps and your files will be forever lost (except if you're syncing them on OneDrive, Googlee Drive, Dropbox, ...)

reinstalling windows should take at most like 20mins

man I hate djvu, never ever download those "fix your computer in one click" softwares, they contain the ransomware!

Is there anything stopping you from redownloading said apps?

if not then no
just do what most people do an redownload them.

great, no issue there then.

there is nothing stopping you from physically using your PC but i wouldn't recommend it
when you turn it on, it'll most likely continue encrypting any files that aren't encrypted, enumerating info if it still has a connection to the internet and so on

after the clean install, it should do, yes

if you read through the wiki i linked you to earlier, you would see that you turn the USB into an installation media

can you rephrase that, it doesn't really make sense

The question you asked, "Are you sure what I'm going to do?" doesn't make sense, can you rephrase it

i would expect it to, yes

ok?

i provided you with all the resources you need earlier today.

wipe your PC, do a clean install of your OS
the guides below cover the entire process

1. How to create an installation media
2. How to use an installation media
   ideally you'd make the installation media on a safe / clean PC

the terms are used interchangeably, yes

Hola

that is all explained in the second guide i linked you to.

Turn on the computer that is not working, and repeatedly press the boot menu key. Usually the boot menu key is either one of F10, F12, ESC, or F2 keys. This depends on the manufacturer of your device. The boot menu key for your device can be found out by searching up your computer's motherboard/model.

Once the boot menu is open, move the cursor using the arrow keys to the name of the USB¹ you have inserted and then press Enter.

¹ Can be usually USB HDD or your USB drive model. Your mileage may vary.

to clarify something that guide doesn't mention, the USB needs to be plugged into the PC before turning it on

if you're computer is somewhat modern and came configured correctly you don't need to worry about it

i'd ignore that waning for now, if the installation fails, go back to it and you know what may have been the cause

No, your data and settings from the apps will be. You can re-download the apps later though. The point of this is that by removing all apps, you'll also remove the malware. That virus copied itself across your computer and encrypted your info, so it's nearly impossible to find it. As I said, reinstalling Windows is like throwing your computer out of the window and then receiving a new one for free and starting over from scratch.

Reinstalling Windows will delete all data from disk anyways

including the eqza files

Windows 7 is not supported/secured if you are using it.

which may lead to even more malware

Just stay off line. Can’t catch malware if it’s not connected

what menu

for what menu

Could it be that your hardware is too old and doesn’t support UEFI?

Is your equipment older than 5 years old?

Upload a video of it booting up

Or give us the make/model?

You have to show us the whole screen are there any messages in the upper right?

Yes

You have to keep pressing f2

Once you hit the power button

The latter

Exit out and try this again but with f8 key

because if we change this you’ll have to comeback later to readjust

You can turn your computer off

Yes

Try f11 again

If. It we’ll use the f2 method

Select UEFI

Windows installation will start you want to format your c: drive

I’m at work trying to answer as fast I can fyi. All of us here are volunteers.

Wait

For like 3-5 mins

which one do you have a license for?

likely either home or pro

it's probably windows home

Install home, you can always move up editions, you can’t move down without reinstalling

good to know

bottom one

ty teir!

sorry was driving

call me cheese lol

the bottom option but we only speak englihs here 😦

yes

click eliminar until you are left with unallocated space

yes

what's the error?

show what you have

yes, that's the unallocated space

click next

siguiente

is it installing?

yeah

once it's online if you have a licnese for it it'll activate