Initially, get into safe mode download CCleaner so to clean/disable any programs running at start-up and later uninstall them!
Scan your system with a legit free or pro version antivirus (FULL SCAN)
Enable your OS to show hidden & system files and folders. Go to your user local settings folder under TEMP and also same at your Windows\System32 folder.
Look and delete (credit to thisisu ):
Now go to http://support.kaspersky.com/faq/?qid=208286527 and download and follow the steps!
Solved! Good Luck cause I noticed there are quite few out there!
quote
Scan your system with a legit free or pro version antivirus (FULL SCAN)
Enable your OS to show hidden & system files and folders. Go to your user local settings folder under TEMP and also same at your Windows\System32 folder.
Look and delete (credit to thisisu ):
- %userprofile%\local settings\temp\<random 10 letter folder> - For example: Mlqjqjqjq
- %windir%\system32
Now go to http://support.kaspersky.com/faq/?qid=208286527 and download and follow the steps!
Solved! Good Luck cause I noticed there are quite few out there!
quote
The RannohDecryptor utility allows decrypting files affected by Trojan-Ransom.Win32.Rannoh infection.
The RannohDecryptor utility has a GUI.
Signs of infection
Infection changes names and extensions of files in the following manner: “locked-<original_name>.<4 random characters>”.
How to disinfect a system
- Download RannohDecryptor.exe;
- Run RannohDecryptor.exe on the infected host;
- A reboot may be required once the utility completes the disinfection.
How to use the utility
- Run RannohDecryptor.exe.
- Click Start scan to begin the process.
To start the decryption, the utility will ask to indicate path to at least one encrypted file.
The utility searches for and decrypts encrypted files.
The utility can decrypt files using a single pair – one encrypted file and one decrypted. - To delete copies of encrypted files named like “locked-<original_name>.<4 random characters>” after a successful decryption, use the option Delete crypted files after decryption.
- By default, the utility log is saved on system disk (the one with the operating system installed).
Log file name is UtilityName.Version_Date_Time_log.txt.
For example, C:\RannohDecryptor.1.1.0.0_02.05.2012_15.31.43_log.txt
Command line options:
uquote-l <log_file_name> - create a log file with given name.
-y – close the utility after decryption.
No comments:
Post a Comment