Solved

User opened email with a bad word doc malware or virus in it

Posted on 2016-07-26
5
26 Views
Last Modified: 2016-09-25
It created a bunch of shortcuts and with the original folder names, Hid the original folders and renamed them to a sid The shortcut if you click on it contains the sid folder name in the command line (they tried to create a script that deleted the folder if you clicked on the shortcut but it didnt work on the NAS we have luckily.  The hard part is right clicking each shortcut looking at the sid name and then renaming and unhide the correct folder.  Has anyone had this and is there any kind of tool to put everything back?
0
Comment
Question by:charles18602
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points (awarded by participants)
ID: 41730365
Are the files in the folders encrypted?  It looks like the Crypto virus or another kind of virus that affects folders.

Since your NAS is OK (and the contents I assume), isolate this machine immediately, format it, reinstall Windows and recovery the documents from the NAS.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41749643
@ charles18602 - Did you restore from a backup?
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41768011
You have the Crypto Virus, right?  Did you restore from backup?
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41787141
Have you restored from backup?
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A few years ago I was very much a beginner at VBA, and that very much remains the case today.  I'll do my best to explain things as I go in the hope that other beginners can follow.  If you just want to check out a tool that creates a Select Case fu…
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This video shows where to find templates, what they are used for, and how to create and save a custom template using Microsoft Word.
In a previous video Micro Tutorial here at Experts Exchange (http://www.experts-exchange.com/videos/1358/How-to-get-a-free-trial-of-Office-365-with-the-Office-2016-desktop-applications.html), I explained how to get a free, one-month trial of Office …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question