4 Replies Latest reply on Nov 23, 2016 2:59 PM by catdaddy

    Question about ransomware

    deacon

      Hello! I'm new here and I want to ask you 2 questions. My computer is infected with virus that changed all files extensions to .aesir and claim 1.5 BTC for decryption.

      So:

      1) Is there is a chance to decrypt my files for free?

      2) A lot of sites in Google like  Link removed so others cannot try to access it  promote different tools and claims that it will help. It is possible that software that cost 50$ can recover my files?

      Thank for your replies.

        • 1. Re: Question about ransomware
          catdaddy

          To further address your concerns, could you kindly elaborate on exactly the infection in which you are referring to? Please be informed that I removed the link inserted, that was a (Download) that could be considered 'Suspicious'

           

          In regards to being capable of recovering your files that have been encrypted, in the majority of cases\if not all I would say not.. Hopefully you have Backed up your files. Perhaps someone with more knowledge will pick up this thread,and add to the discussion.

           

          All the very Best,

          Cliff

          Moderator

          Consumer Products

          • 2. Re: Question about ransomware
            exbrit

            It's probably too late now, but at the first sign of trouble such as this, you should do a hard power off to stop it dead in its tracks.  Then reboot into Safe Mode and try System Restore to an earlier time.   If successful then temporarily disable System Restore to delete the infected restore point.

            Often questions are asked as to why antivirus software allows this to happen, it's because most of the time the infection is caused by a human action (or inaction in some cases), such as a mouse click and keyboard stroke, just one of those is usually all that's needed to activate the malicious download which then encrypts your files and demands a ransom.

            Never pay it as that would be financing organized criminals.  All you can hope for is that what I just started with works.

             

            Some of the older ransomware have decryption tools, have you any idea what the name of this one is?

             

            Meanwhile read this for some further information and tools (long read but could help you):  Anti-Spyware/Malware & Hijacker Tools

            • 3. Re: Question about ransomware
              exbrit

              I forgot to mention that McAfee and other antivirus software do stop most of the original ransomware, but unfortunately these entities are morphing on an almost daily basis so it's difficult to cover them all, and absolutely new ones appear almost as frequently.

              • 4. Re: Question about ransomware
                catdaddy

                I am inclined to agree;) Thank you for your input Mate.