Question About Cryptolocker or Cryptowall

Brucex64

I am not sure if I have this ransomware. I've looked at a few of my files and they open ok.

I was browsing the web and came to a bad page which redirected to a screen - I did not take the time to read all of it but it said something about the FBI and I saw the words "your files are being encrypted". I immediately closed all browsers.

I should mention that I have MS Security Essentials active. My files are backed up on the cloud with CrashPlan. I did a scan with Security Essentials, it did not find anything. I installed Malwarebytes & Spybot with the latest updates and ran full scans - nothing unusual was found. I had to reboot a couple times, but still nothing. No warning screen came up saying I had to pay etc.

So the thing is, I am not sure if it actually installed itself or if the AV program blocked it. One question is, how long after one of these viruses infects your system do you see the signs of its damage? Would I have seen something by now if I had it? And 2nd question, is there a program I can use to analyze the system and tell me if I have it? Do MS Security, Malwarebytes, and Spybot S&D catch these ransomwares, or is there something else I should scan with?
 

My Computer

Computer type: PC/Desktop
Computer Manufacturer/Model Number: custom build
OS: Windows 7 Pro SP1
CPU: Intel i7-4770
Motherboard: Gigabyte B85M-D3H
Memory: 8gb
Graphics Card(s): NVIDIA GeForce GT640
Hard Drives: Samsung SSD 120gb; Seagate HDD 500gb
Antivirus: Microsoft Security Essentials
Browser: Firefox

Run a scan with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window: ESET OnlineScan
  2. Click the [image: esetOnline.png] button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on [image: esetSmartInstall.png] to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the [image: esetSmartInstallDesktopIcon.png] icon on your desktop.
  4. Check [image: esetAcceptTerms.png]
  5. Click the [image: esetStart.png] button.
  6. Accept any security warnings from your browser.
  7. Check [image: esetScanArchives.png]
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push [image: esetListThreats.png]
  11. Push [image: esetExport.png], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the [image: esetBack.png] button.
  13. Push [image: esetFinish.png]
 

My Computer

Computer type: PC/Desktop
Computer Manufacturer/Model Number: Bruce ... somewhere in his 40's
OS: Windows 7 Ultimate 32bit SP1
CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard: INTEL/D975XBX2
Memory: 4 GB
Graphics Card(s): ATI Radeon HD 2600 Pro
Monitor(s) Displays: Samsung SyncMaster 914v
Screen Resolution: 1280 x 1024
Hard Drives: 2/500GB each ... ST3500630AS ATA Device. One is not connected
PSU: Rocketfish 700 W
Case: G.Skill Gigabyte Chassis
Keyboard: Standard PS/2 Keyboard
Mouse: Microsoft PS/2 Mouse
Internet Speed: DSL
Antivirus: Avira Internet Security
Browser: IE 11
Other Info: ATI HDMI Audio

Ok, here is what ESET found after 17 hours!

C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application
C:\ProgramData\{0159ba11-68c4-b6d9-0159-9ba1168ce845}\Intuit TurboTax Deluxe _ Home.rar.exe a variant of Win32/Adware.MultiPlug.FQ application
C:\Users\All Users\{0159ba11-68c4-b6d9-0159-9ba1168ce845}\Intuit TurboTax Deluxe _ Home.rar.exe a variant of Win32/Adware.MultiPlug.FQ application
C:\Windows\Installer\11f4d697.msi a variant of Win32/Systweak.L potentially unwanted application
D:\Software\Installed\Extracted\Winzip\WinZip Pro 19.0 Build 11293 (x64) + Key\winzip190-64.msi a variant of Win32/Systweak.L potentially unwanted application
D:\Software\Old Stuff\WinZip Pro 18.0 Build 11023 Final.zip a variant of Win32/Systweak.L potentially unwanted application
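
An added example, not part of the original post or of ESET's tooling: a small Python triage of a scan export in the layout quoted above, grouping detections into potentially unwanted applications, adware and file-encrypting malware. The sample lines are constructed, and treating the ESET family name `Filecoder` as the ransomware marker is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the export above: path, optional
# "a variant of", detection name, category. Paths and the Filecoder
# variant letter are made up for illustration.
SAMPLE_LOG = r"""
C:\Program Files\Sample Tool\cleaner.exe a variant of Win32/Systweak.L potentially unwanted application
C:\ProgramData\sample dir\setup.rar.exe a variant of Win32/Adware.MultiPlug.FQ application
C:\Users\sample\AppData\Roaming\x.exe Win32/Filecoder.Q trojan
this line is not a detection
"""

# Windows paths use backslashes and may contain spaces, so the first
# token of the form platform/name marks where the detection name starts.
LINE_RE = re.compile(
    r"^(?P<path>.+?) (?:(?:probably )?a variant of )?"
    r"(?P<name>\w+/\S+) (?P<category>.+)$"
)

def parse_line(line):
    """Return {'path', 'name', 'category'} or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def bucket(det):
    """Coarse triage bucket for one parsed detection."""
    family = det["name"].split("/", 1)[1]
    if family.startswith("Filecoder"):   # assumption: ESET's file-encryptor family name
        return "ransomware"
    if det["category"] == "potentially unwanted application":
        return "pua"
    if family.startswith("Adware."):
        return "adware"
    return "other"

def triage(log_text):
    """Group detections by bucket: {bucket: [(name, path), ...]}."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        det = parse_line(line)
        if det:
            groups[bucket(det)].append((det["name"], det["path"]))
    return dict(groups)

if __name__ == "__main__":
    for name, hits in sorted(triage(SAMPLE_LOG).items()):
        print(name, len(hits))
```

Run over the export quoted above, every line falls into the `pua` or `adware` bucket and the `ransomware` bucket stays empty.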
 

Looks like a 'crack' .... WinZip Pro 19.0 Build 11293 (x64) + Key :huh:
 
