HELP. My computer affected by RANSOM VIRUS AND JS.KRYPTIK.ATB TROJANS

[REDACTED]

I have windows xp service pack 3 installed on my computer. I found Ransom virus and JS.KRYPTIK.ATB trojans on my computer. A garbage txt file with Chinese or Japanese characters has got written into all the system folders and all other folders in all the drives of my computer drives C to G, which has encrypted all my pdf, rar, doc, zip, txt, bmp gif, jpg, wmv and mp3 files and has also eaten up much of my hard disk space *(before the virus infected the computer, there was a minimum of 592 mb fee space available on each drive.Now, it shows only 2mb, 3mb, 1.5 mb and so on as free available space on the hard disk drives.  The garbage txt file contains the number 921537 inside it and all the encrypted files are suffixed with this number.
Further, a strange humming noise begins when the computer is started and ends only when the computer is shut down. I have managed to delete all these txt files and kept only one copy of the file on the desktop after renaming it as .roda, so that no existing software can read the file and spread it further. My file search command has also been disabled and so, I had to download effective file search file to search for the trojans and the infecting txt file and delete all of them. I need urgent help, as my computer has been down for a week. I have run spyware doctor, spyware sweeper, avast antivirus, spybot search and destroy, spycleanergold, adwcleaner, ccleaner, yet another cleaner, spyhunter, superantispyware. The garbage txt file has planted itself into my spybot/pycleaner gold and avast folders and disabled their functioning. I realised this while running the other antispyware. As i do not have any backup for the encrypted files, I need help urgently as most of these files are valuable files downloaded from expired websites without any back up.
Please help me. My email address is sanjaydoogar@yahoo.com

[Eddy]

https://forum.avast.com/index.php?topic=53253.0

Looking at the tools you have run, I see you also ran fake anti-virus applications that have only made things worse.

[REDACTED]

Dear Sir,

I have not run any fake antivirus or fake antispyware. I am still stuck with my computer. The garbage txt file installed itself into every single folder on my computer and renamed all pdf, jpg, bmp, giff, doc, pdf, wmv, mp3 files with a suffix 921537 and the respective applications are not able to open the file. What I want to know is that are the currently existing files the original ones or whether the virus has deleted the originals after creating duplicate files on my computer and whether there is any chance of my recovering the original files, either through volume shadow copy or any other method.  This garbage text file has also found its way into my avast program file and disabled the functioning of the avast free antivirus version, apart from disabling the spybot search and destroy free edition (version 1.62 installed from my CD and updated, as I was not able to download the latest version), while the spy was wrecking havoc on my computer.

[Michael (alan1998)]

Hi,

if it's what I think it is, your files may be gone.

As for the Fake AV type apps, you have indeed run fake ones. YAC (yet another cleaner) is detected by Malwarebytes.
Spyware Doctor has a questionable reputation
According to CNET reviews, Spy Cleaner Gold, is detected by AV's as well.
I have never heard of Spy Sweeper.

I would advise you to follow Eddy's Advice. What OS' are you using? Thos Hard Drives seem VERY small

[Eddy]

You sure have run rogue anti malware tools.
Spyware Dokter, Spyware Sweeper, Spyware Cleaner (gold), yet another cleaner are amongst them.
http://en.wikipedia.org/wiki/List_of_rogue_security_software

And .roda is a known and used filetype:
http://tinyurl.com/qzuj4ot

The humming noise is likely coming from a fan.
Open the case and remove all dust inside it.
This includes taking out the PSU, opening it and cleaning the inside as well.

If you want help, follow the instructions from the link I gave you.

[REDACTED]

dear sir,
thanks very much for the prompt response. I am in fact surprised to find spyware doctor, spysweeper and spycleaner gold in the list of rogue software programs. I was not aware of this. I simply renamed the garbage text file as *.roda, assuming that there was no such extension as .roda and that no virus or spyware would be able to access that file with that extension. Currently, I am running a trial version of Kaspersky's internet security, after formatting  the C Drive and installing windows xp service pack 3 on my c drive. It shows up all the doc files, while scanning as *.doc//1table, *.pdf//1table. I think this //1table is indicative of the virus infection as such suffixes never used to appear in any scan of my computer before the virus hit my computer.  I will be grateful for suggestions if any on whether and how I could recover these files from the virus. I had downloaded many files (each of these may be 30-60 mb files) from websites, which have expired now and there is no known holder of these files, whom I can request to email these files to me. Thanks and regards, Sanjay Doogar

[Eddy]

If you really have formatted the drive and it is the only had you have in that system, the infection would have been gone,.
Unless you used a cd/dvd or something during the installation process that is infected.

All your files are gone if you formatted the drive.
Take your loss and learn from it.
Always have a recent backup of data.