Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

computer infected with malware please see screenshot

Posted on 2016-10-26
6
Medium Priority
?
37 Views
Last Modified: 2016-10-26
what do I use to get rid of it?
malware.png
0
Comment
Question by:frankbustos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 20

Accepted Solution

by:
Russ Suter earned 2000 total points
ID: 41860765
That isn't just malware. It's ransomware. Removing it is not the hard part. If you don't have a backup of your files you will have to make a choice:

1. Pay the ransom and hope that it works (not a guarantee and not a good idea)
2. Give up on your data and reformat your PC.

The 2nd option is probably extreme but if your data is a gonner anyway you might as well start fresh.

Basically what has happened is that a malicious program has gone through your computer and encrypted most, if not all, of your documents. A very few ransomware programs don't use very good encryption and have been cracked. You can try one of the tools designed to do that. Here are a couple of links to help you out.
https://noransom.kaspersky.com/
https://success.trendmicro.com/solution/1114221-downloading-and-using-the-trend-micro-ransomware-file-decryptor
http://www.avg.com/ww-en/ransomware-decryption-tools
A Google search for "decrypt ransomware" will reveal more.

Unfortunately, the only solid defense against this sort of ransomware is a good backup strategy. If you don't have that your chances are slim for recovering your data. Sorry, I wish I had better news for you.
0
 

Author Comment

by:frankbustos
ID: 41860772
You kidding me?
0
 
LVL 20

Expert Comment

by:Russ Suter
ID: 41860774
Unfortunately I'm not kidding you. See those shortcuts on your desktop that look like plain documents? They are probably links to files that are now encrypted and therefore not recognized by the operating system.

There's a very good chance that all of your text documents, pictures, music files, videos, Microsoft Office documents, etc... are encrypted now. Check your documents folder and see if they have different file extensions now. They probably do. :(

If you don't already have your PC set to show file name extensions you should do that now. Open a file explorer window and click the "View" tab. Check the boxes I highlighted in the screenshot.
File Explorer OptionsKnowing what the file extension is can help identify the variant of ransomware you are dealing with and may help direct you to a solution.
This online tool can also possibly help: https://id-ransomware.malwarehunterteam.com/
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 25

Expert Comment

by:madunix
ID: 41861002
Most ransomware is typically programmed to automatically remove itself after the encrypting is done since they are no longer needed.  Only one thing that's a guaranteed fix - good backups.
http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/how-crypto-ransomware-spreads-is-it/50b629d8-060c-4004-a1e9-d99571062773?page=1
0
 
LVL 19

Expert Comment

by:*** Hopeleonie ***
ID: 41861006
@frankbustos
Russ Suter is not kidding you and I second him.
0
 

Author Closing Comment

by:frankbustos
ID: 41861029
Ok got it thanks
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question