• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 41
  • Last Modified:

User opened email with a bad word doc malware or virus in it

It created a bunch of shortcuts and with the original folder names, Hid the original folders and renamed them to a sid The shortcut if you click on it contains the sid folder name in the command line (they tried to create a script that deleted the folder if you clicked on the shortcut but it didnt work on the NAS we have luckily.  The hard part is right clicking each shortcut looking at the sid name and then renaming and unhide the correct folder.  Has anyone had this and is there any kind of tool to put everything back?
0
charles18602
Asked:
charles18602
  • 4
1 Solution
 
JohnBusiness Consultant (Owner)Commented:
Are the files in the folders encrypted?  It looks like the Crypto virus or another kind of virus that affects folders.

Since your NAS is OK (and the contents I assume), isolate this machine immediately, format it, reinstall Windows and recovery the documents from the NAS.
0
 
JohnBusiness Consultant (Owner)Commented:
@ charles18602 - Did you restore from a backup?
0
 
JohnBusiness Consultant (Owner)Commented:
You have the Crypto Virus, right?  Did you restore from backup?
0
 
JohnBusiness Consultant (Owner)Commented:
Have you restored from backup?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now