Windows 10: Malware Trying to Encrypt my Hard Drives Solved

Page 1 of 3 123 LastLast

  1. Posts : 18
    Win 10 Pro 64bit
       13 Oct 2017 #1

    Malware Trying to Encrypt my Hard Drives


    Hi all,

    I have somehow acquired some malware that keeps trying to encrypt my files but I have a program running called CyberReason which blocks it everytime it tries to do its evil deed. Yet it does not clean the ransomware from my PC.

    What is the best ransomware cleaner, preferably free?

    The ransomware keeps adding folders to all of my drives with different name and tries to hide them. But I can see them since I have Show Hidden Folders enabled. Every time I delete them, they come back with a different name within a minute or so. Here are some of the names:

    Adate167
    Zconfig194
    Acdata102
    Xpackage86

    Inside these folders are files of various types like "wise align.doc" and "cigarette.liberal.xls" with a total of 10 files in each folder. They amount to 1.68 MB.

    I have included wise align.doc as an attachment but I DO NOT advise anyone to open it! I include it only in the hope that someone knows how to analyze it and let me know what the name of this ransomware is.

    Does anyone recognise this particular ransomware and know of a good cleaner that will kill it dead?
    Last edited by essenbe; 13 Oct 2017 at 20:56. Reason: remove attachment
      My ComputerSystem Spec

  2.    13 Oct 2017 #2

    Setting aside name calling and politics.......download Malwarebytes, it's free and use the trial period. This will give you real time protection and highly recommend you buying it. Then run it and let it do it's thing and when it finds malware let it clean it. Next, download Norton Power Eraser and run it and select for root kits and a restart will be required. It should find some stuff that's deeply embedded
      My ComputerSystem Spec


  3. Posts : 18
    Win 10 Pro 64bit
    Thread Starter
       13 Oct 2017 #3

    Plankton said: View Post
    Setting aside name calling and politics.......download Malwarebytes, it's free and use the trial period. This will give you real time protection and highly recommend you buying it. Then run it and let it do it's thing and when it finds malware let it clean it. Next, download Norton Power Eraser and run it and select for root kits and a restart will be required. It should find some stuff that's deeply embedded
    OK, I have tried both of these scanners and the problem still exists. This malware is hidden really well and is putting these folders back on all four of my drives within a minute of my deleting them--with new names of course but still easily identifiable.

    Any other ideas?
      My ComputerSystem Spec


  4. Posts : 4,509
    10 Home x64 (1709) (10 Pro on 2nd pc)
       13 Oct 2017 #4
      My ComputersSystem Spec

  5.   My ComputerSystem Spec


  6. Posts : 18
    Win 10 Pro 64bit
    Thread Starter
       14 Oct 2017 #6

    Thanks for your help folks! I really appreciate it!

    It will be until at least Saturday night before I can get to trying these solutions.

    One problem I have had with the offline AV scanners is that they say they can't remove any viruses they find because Win 10 (latest edition) won't let them access the files in a way that they can delete them.

    Does anyone know why this is and how to get around it?

    I download the AV program and run it from a CD in its own program before Win 10 can boot. But they just won't delete the viruses they claim to find due to this problem with the latest builds of Win 10, like Creator's Update.
      My ComputerSystem Spec

  7.    14 Oct 2017 #7

    Forget trying to remove issue!

    Once infected, the bigger issue is what else has been compromised?

    Change online passwords immediately, especially banks, ebay, amazon, paypal etc. Do this from another pc or phone etc.

    Check those accounts have not ben compromised.

    Then forget trying to fix issues. Backup valuable data to an external drive, and do a clean reinstall.

    Overkill maybe but it is not a question if you can afford to take time to do this, but whether you can afford NOT to take time.
      My ComputerSystem Spec


  8. Posts : 16,956
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       14 Oct 2017 #8

    These articles my give you some helpful advice.

    How to rescue your PC from ransomware | PCWorld

    The No More Ransom Project
      My ComputerSystem Spec

  9.    14 Oct 2017 #9

    cereberus said: View Post
    Forget trying to remove issue!

    Once infected, the bigger issue is what else has been compromised?

    Change online passwords immediately, especially banks, ebay, amazon, paypal etc. Do this from another pc or phone etc.

    Check those accounts have not ben compromised.

    Then forget trying to fix issues. Backup valuable data to an external drive, and do a clean reinstall.

    Overkill maybe but it is not a question if you can afford to take time to do this, but whether you can afford NOT to take time.
    Yep....totally agree.
      My ComputerSystem Spec

  10.    14 Oct 2017 #10

    Todd said: View Post
    Hi all,

    I have somehow acquired some malware that keeps trying to encrypt my files but I have a program running called CyberReason which blocks it everytime it tries to do its evil deed. Yet it does not clean the ransomware from my PC.

    What is the best ransomware cleaner, preferably free?

    The ransomware keeps adding folders to all of my drives with different name and tries to hide them. But I can see them since I have Show Hidden Folders enabled. Every time I delete them, they come back with a different name within a minute or so. Here are some of the names:

    Adate167
    Zconfig194
    Acdata102
    Xpackage86

    Inside these folders are files of various types like "wise align.doc" and "cigarette.liberal.xls" with a total of 10 files in each folder. They amount to 1.68 MB.

    I have included wise align.doc as an attachment but I DO NOT advise anyone to open it! I include it only in the hope that someone knows how to analyze it and let me know what the name of this ransomware is.

    Does anyone recognise this particular ransomware and know of a good cleaner that will kill it dead?
    Can you give us a screenshot of what CyberReason says when it blocks something? Curious to know what this is. Does it happen all the time, or any time, or just when you're visiting certain websites?
      My ComputerSystem Spec


 
Page 1 of 3 123 LastLast

Related Threads
IBM warns of malware on USB drives shipped to customers | ZDNet
My Windows 10 Home laptop will recognize all of my flash drives but won't recognize any of my external hard drives. They all use to show up but now they aren't. The hard drives show up in disk manager but won't show up in file explorer. I hooked...
Securely encrypt drives before syncing them to Amazon S3 Cloud in AntiVirus, Firewalls and System Security
I intend to backup my whole system, secondary and external HDDs to Amazon Cloud. Currently my drives are not encrypted at all. I'm running Windows 10 (no UEFI). I was wondering what is the best way to securely encrypt private data before...
Greetings group. I have a 2 month old hard drive that failed on my desktop PC, taking My Documents with 7 years worth of data. I had just moved the folder to the new drive and hadn't gotten a chance to backup yet. I'm trying to check Recycle bins...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 18:19.
Find Us