The Tor Project

XSLeo

XSLeo

XS650 Guru
Top Contributor
Messages
13,015
Reaction score
1,706
Points
213
Location
Lebanon NY
Any one know much about this? It somehow got me to let it encrypt my files. The links it gave me to get my files back don't work.
On the website it has no way to contact them. The phone number and e-mail address don't work.
I want to get my files back.
Thanks
Leo
 
TOR is simply a browser. I think you clicked on malware masquerading as TOR. You might have screwed up your computer.
 
I turned my computer on and the desk top back ground is black. I try to look at my pics and they are encrypted. They have links with the pics that take me to Tor. At Tor their is a page with several links that are so I can decrypt my pics. None of the links they provide work.
I know what they claim it does, it protects us from others who tract what we do and where we go on the internet. encrypting your computers files is part of this. That way even if they get into your computer they can't read your files.
Leo
 
Leo read a little about CrypTORbit. It sounds like you may have a variant.
And listen to DogBunny. TOR in and of itself is a browser. It does encrypt routing direction to various nodes in an effort to hide IP's where traffic is going or coming from but doesn't encrypt your systems files or the files you send and receive.
 
What I know is that my files got encrypted. The links to get my files back lead to TOR.
On TOR's web site. The help e-mail doesn't work. The phone number doesn't work.
I have the CryptTORbit stuff up in another window now. I'll read it. Thanks for the help.
Leo
 
From what I've read that sounds like what I got. They say the Cryptorbit does this and links you to TOR.
It did say some thing about a large fee to get thing back.
I have my files backed up on a external hard drive. I guess I could do a restore on my computer and reload my files.
Leo
 
Leo,

It sounds like you are dealing with a ransomeware infection. It is a type of malware that gets into your computer and immediately starts encrypting your files. Often it stuffs the affected folders with readable .doc, .pdf and .jpg files that tell you that you can pay to get your files back. Don't send money ...the part about getting your files back is bullshit.

The toxic program that is ruining your files has to be identified and removed from your computer ASAP and it may have already cloned itself to be running simultaneously under more than one named version. The encryption program will still be running in the background unless you identify it and shut it down.

You may need an IT guy to identify and purge the malware program because they are good at hiding from virus scans. Turning off the computer should pause the file destruction.

The only defense is having backups of everything. The virus will find every drive attached to your computer. The only safe backup is one that is completely detached from the computer.

XStretchified
 
XStretchified650 said:
Don't send money ...the part about getting your files back is bullshit.XStretchified
Click to expand...

Ransomware only works because they will give you a key(code) to unlock your files.
If they didn't nobody would pay.
On the dark web there is no e-bay protection, no pay-pal recovery, no running to cry foul to the cop on the corner. Reputation is what rules. You want to buy or sell? Don't try to fuck someone over.

Leo, you may be having trouble because your anti-virus caught the code to contact them.
Hence your broken links.
To format your drive and start all over again may be the simplest.
Glad you had a disconnected drive to store backups on.
 
XStretchified650 said:
Leo,

It sounds like you are dealing with a ransomeware infection. It is a type of malware that gets into your computer and immediately starts encrypting your files. Often it stuffs the affected folders with readable .doc, .pdf and .jpg files that tell you that you can pay to get your files back. Don't send money ...the part about getting your files back is bullshit.

The toxic program that is ruining your files has to be identified and removed from your computer ASAP and it may have already cloned itself to be running simultaneously under more than one named version. The encryption program will still be running in the background unless you identify it and shut it down.

You may need an IT guy to identify and purge the malware program because they are good at hiding from virus scans. Turning off the computer should pause the file destruction.

The only defense is having backups of everything. The virus will find every drive attached to your computer. The only safe backup is one that is completely detached from the computer.

XStretchified
Click to expand...
======================================
THAT is exactly what I am thinking.
But you did not mention that you received any notification of having to make "payment" to get your files back.
 
When I went to TOR and typed in the address that was listed to get the key to unlock my files, it wouldn't work.
I found and currently running a program to remove malware. It found and removed some of it but I still can't access my files. It's running another scan now. I'll let it work for awhile to see how it does.
If it works, fine, if not then I'll try the reboot.
So I guess Tor is off the hook for this. The bad guys are just using Tor to hide.
Leo
 
When the programs on a computer update files often a screen pops up that asks if you want XXX to make changes to your computer. I was getting upgrades, one of these windows popped up I didn't look very close and agreed.
My mistake there, one I learned from.
My Malware program removed the malware. It didn't effect the encryption any. all my files were converted to MP3 files. It didn't do anything for these.
I got out my external hard drove and reloaded all my files. I could do this without a complete restore.
I got all my files back. I still have to go through them one at a time and delete all the MP3 files that were corrupted. I went through a lot of them already. It's working very well. I saved my files on the hard drive in May of last year. I may have lost some things but not much.
As others have said and now I agree most strongly save your files. The hard drive I bought was only about $75 at Wal Mart. I don't recall just how much storage space it has but a lot more than my computer has.
Larger ones are out there. I recommend people should get one to save files to. You can do it online but I don't really trust that much. Same with this Cloud stuff. Putting all your stuff out there and anyone can get it.
Thanks for all the help, and I hope my mistake and how I fixed it can help others.
Leo
 
Leo,

Glad to hear that you were able to recover most of your files. The people that write these malware/ransomware programs may collect some money now and again but their game is just as much about screwing as many people as they can.

Impossible to defend so you have to have detached backups. You don't necessarily have to click something to get infected, just hovering over an icon that reacts to your curser is enough to plant the bad seed.

An IT friend refers to them as 'serial killers of cyberspace'. I completely agree.

XStretchified
 
Good you haven't lost much. I agree an all this out sourcing personal stuff to clouds and fairylands.

I have 500G hard drive on my computer and external 500G hard drive. they were both nearly full so i bought another external Hard drive with 1TB. Been swapping over real important stuff so now i have one backup hard-drive, another with most of the info saved and my computer. I think it pays to have 2 back up hard-drives because i have had the experience of external hard-drives failing, hence the second backup.

Once upon a time all we had to worry about was a leaky roof or fire damaging all our paper work and old photos. Isn't life so much easier now all we have to worry about is cloud hacking, hard-drive failed, viruses, malware, ransom-ware................
 
I think I've been through everything. Lot of stuff on there. Was easy to spot, anything that was an MP3 file or dated the same was deleted.
I don't download music so ever MP3 file I found was the bad stuff. I opened any with a date other than 2/28/16 just to see if it was a bad one. There were a couple that came with the computer as demonstrators.
The only things I spotted so far was a chart the doctor gave me a sliding scale on a large sheet I had scanned in so I could reduce it to fit my Diabetes test kit so it would be easier to use as I needed it.
There may have been others that I did since 2/28/16, That's when this happened, I mat have lost but I don't recall anything else but the doctor's sheet.
It was a tedious process, opening every file I could find, going through them line by line looking for the MP3 files.
Leo
 

Similar threads

Mikey
Reverse phone lookup
Replies
11
Views
221
Mikey
Mikey
Vincenthdfan
Ugh...sick and tired of being sick.
Replies
13
Views
404
Adamc
Adamc
Downeaster
Expensive Day...
Replies
5
Views
168
JOHNDADDY
JOHNDADDY
kopcicle
FedEx
Replies
9
Views
1K
gggGary
gggGary
JesseeS
The post I hoped I would never write
2
Replies
24
Views
2K
xjwmx
xjwmx
Back
Top