IMMEDIATE HELP NEEDED

Hey Avast! It's been quite a while since I have used the forums or frankly even needed them… I have a huge problem that has (I think) only started today.

This morning while downloading (Bit Torrent) … Yes I know…
Windows repeatedly asked if I wanted to give access to a program called MIGsetup.exe…
Currently I am running in safe mode - already ran an MBAM scan, I also have an OTL scan for you folks… Running in regular mode gives me a black screen with full ability of my mouse, keyboard and task manager; when attempting to hit all processes, task manager semi-freezes (still reads CPU% but boxes are no longer selectable).

Also I noticed a tremendously large amount of ad sites linked with this infection as the “today” column on my history is slammed with sites…

I need help, I usually tackle these by myself as MBAM is usually all that’s needed…rebooting into safe and completing a full scan after yielded no infections…

https://forum.avast.com/index.php?topic=53253.0

Wow… ok
A friendly reminder would have been nice you know :)

Is OTL No longer used?

asw is just finishing

Is OTL No longer used?
nope ... replaced with FRST

Did you install the developer version of Chrome?

If not please uninstall Chrome and run a fresh FRST scan please

Chrome is not used, Internet Explorer is my main, I'll uninstall and run again.

Also let me take the time out now and say thank you so much for the quick response Avast-

Noticing that Chrome is still there but I went through the uninstall a program to remove this…

Firefox as well is not installed on my system

Do you have a disc image as you have been hit by ransomware?

I do thankfully. This was literally the fastest virus blow I ever witnessed. What happened was the file itself kept asking for access - I was in the process of deleting the folder the file belonged to and thought Windows asked if I was sure I wanted to delete the FOLDER… but it was Windows asking for the millionth time about the MIGSETUP and yea… Thank you so much ESSEX, if you can't fix it, it's broke lol, thankfully yes I have an image

I would recommend that you use the image as the files that are encrypted are impossible to recover

A bit late but …

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

Thank you very much- Got a good chuckle out of that
Ok so my plan is to wipe it clean. I have an external and a secondary IDE, are these going to be affected?

The external should be OK if it was not connected
On the other IDE if any files similar to this are not present then you are OK

HELP_DECRYPT.HTML
HELP_DECRYPT.TXT
HELP_DECRYPT.URL
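
Added example, not part of the original thread: a small Python script for the check described in the last reply, walking a drive and listing every folder that contains one of the HELP_DECRYPT note files. The function name and the choice to match any extension on the HELP_DECRYPT stem (to cover "similar" files) are assumptions of this example.

```python
import os
import sys

# Stem of the note files listed in the post above. Matching any extension on
# this stem, case-insensitively, is an assumption to cover "similar" names.
NOTE_STEM = "help_decrypt"


def find_ransom_notes(root):
    """Walk `root`; return ({folder: [note files]}, [paths that could not be read])."""
    hits = {}
    unreadable = []

    def on_error(err):
        # Record folders we could not list so a clean result is not overstated.
        unreadable.append(err.filename)

    # os.walk does not follow symlinks or junctions by default.
    for dirpath, _dirnames, filenames in os.walk(root, onerror=on_error):
        found = sorted(
            name for name in filenames
            if os.path.splitext(name)[0].lower() == NOTE_STEM
        )
        if found:
            hits[dirpath] = found
    return hits, unreadable


if __name__ == "__main__":
    # Usage: python find_notes.py E:\   (drive or folder to check)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    hits, unreadable = find_ransom_notes(target)
    for folder, names in sorted(hits.items()):
        print(f"{folder}: {', '.join(names)}")
    for path in unreadable:
        print(f"could not read: {path}")
    print(f"{len(hits)} folder(s) with note files, {len(unreadable)} unreadable")
    # Non-zero exit code when anything was found or skipped.
    sys.exit(1 if hits or unreadable else 0)
```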