Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 46
  • Last Modified:

computer infected with malware please see screenshot

what do I use to get rid of it?
malware.png
0
frankbustos
Asked:
frankbustos
1 Solution
 
Russ SuterCommented:
That isn't just malware. It's ransomware. Removing it is not the hard part. If you don't have a backup of your files you will have to make a choice:

1. Pay the ransom and hope that it works (not a guarantee and not a good idea)
2. Give up on your data and reformat your PC.

The 2nd option is probably extreme but if your data is a gonner anyway you might as well start fresh.

Basically what has happened is that a malicious program has gone through your computer and encrypted most, if not all, of your documents. A very few ransomware programs don't use very good encryption and have been cracked. You can try one of the tools designed to do that. Here are a couple of links to help you out.
https://noransom.kaspersky.com/
https://success.trendmicro.com/solution/1114221-downloading-and-using-the-trend-micro-ransomware-file-decryptor
http://www.avg.com/ww-en/ransomware-decryption-tools
A Google search for "decrypt ransomware" will reveal more.

Unfortunately, the only solid defense against this sort of ransomware is a good backup strategy. If you don't have that your chances are slim for recovering your data. Sorry, I wish I had better news for you.
0
 
frankbustosAuthor Commented:
You kidding me?
0
 
Russ SuterCommented:
Unfortunately I'm not kidding you. See those shortcuts on your desktop that look like plain documents? They are probably links to files that are now encrypted and therefore not recognized by the operating system.

There's a very good chance that all of your text documents, pictures, music files, videos, Microsoft Office documents, etc... are encrypted now. Check your documents folder and see if they have different file extensions now. They probably do. :(

If you don't already have your PC set to show file name extensions you should do that now. Open a file explorer window and click the "View" tab. Check the boxes I highlighted in the screenshot.
File Explorer OptionsKnowing what the file extension is can help identify the variant of ransomware you are dealing with and may help direct you to a solution.
This online tool can also possibly help: https://id-ransomware.malwarehunterteam.com/
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
madunixChief Information Security Officer Commented:
Most ransomware is typically programmed to automatically remove itself after the encrypting is done since they are no longer needed.  Only one thing that's a guaranteed fix - good backups.
http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/how-crypto-ransomware-spreads-is-it/50b629d8-060c-4004-a1e9-d99571062773?page=1
0
 
*** Hopeleonie ***IT ManagerCommented:
@frankbustos
Russ Suter is not kidding you and I second him.
0
 
frankbustosAuthor Commented:
Ok got it thanks
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now