Welshman
Platinum Member
I have been experiencing some relatively minor but annoying issues with my computer in the last few weeks. I have been using Norton Anti-Virus for years and have never been aware of any viruses on any of the computers that I have. A friend suggested that I download a copy of Avast free, run a scan with it and see if it would detect anything that Norton didn't. I've always thought that I should disable my existing AV while installing a new program, to avoid installation conflicts, so I did. I believe that was a HUGE mistake.
After downloading, I ran a scan with Avast, and it found A BUNCH of "threats" which it "resolved". One threat in particular (debrovorda?) kept registering about every 5 seconds. After about 45 minutes, since this was the only threat it was finding, I stopped the scan. I then got a prompt to restart the computer so Avast could complete the install, and do a boot scan, which I did. Avast indicated a threat, resolved it, and my computer started normally.
When I attempted to open my email program (Outlook), I got a message that the file could not be found, and Outlook wouldn't open. I then tried to open Word (which I use as my email editor), and noticed in my "recent files" a file called "Decrypt Instruction". I opened it and read that all my files (which seem to be Word ands Excel) had been encrypted and if I wanted the decryption key to click a link and apparently PAY for the key - RANSOMWARE!
I've searched the web and so far, my results have not been promising. I did find a site - FireEye-Fox IT - that claimed they could decrypt if a sent a sample file, but when I did, they said the files were not encrypted. I suspect that I have a newer version of the ransomware than they have a fix for.
All my files are there, but when I open them, it's just gibberish. I had created a restore point before I downloaded Avast, and restored, but the malware is still there. I even went back and restored from a day earlier - still there.
Of course, I don't have a very current back-up of these files (lazy), but even so, I don't know how to make sure the virus is removed, so that I don't have this happen again.
Any ideas? I'm sick about this. I'm a spreadsheet kind of a guy, and can't get to any of them - nor emails, contacts or documents.
I'm a fairly cautious guy. I never open any strange emails or go to odd sites or click on or download anything that I don't know. I think it's ironic that in attempting to get "extra" protection, I ended up in this mess.
Thanks for any help.
After downloading, I ran a scan with Avast, and it found A BUNCH of "threats" which it "resolved". One threat in particular (debrovorda?) kept registering about every 5 seconds. After about 45 minutes, since this was the only threat it was finding, I stopped the scan. I then got a prompt to restart the computer so Avast could complete the install, and do a boot scan, which I did. Avast indicated a threat, resolved it, and my computer started normally.
When I attempted to open my email program (Outlook), I got a message that the file could not be found, and Outlook wouldn't open. I then tried to open Word (which I use as my email editor), and noticed in my "recent files" a file called "Decrypt Instruction". I opened it and read that all my files (which seem to be Word ands Excel) had been encrypted and if I wanted the decryption key to click a link and apparently PAY for the key - RANSOMWARE!
I've searched the web and so far, my results have not been promising. I did find a site - FireEye-Fox IT - that claimed they could decrypt if a sent a sample file, but when I did, they said the files were not encrypted. I suspect that I have a newer version of the ransomware than they have a fix for.
All my files are there, but when I open them, it's just gibberish. I had created a restore point before I downloaded Avast, and restored, but the malware is still there. I even went back and restored from a day earlier - still there.
Of course, I don't have a very current back-up of these files (lazy), but even so, I don't know how to make sure the virus is removed, so that I don't have this happen again.
Any ideas? I'm sick about this. I'm a spreadsheet kind of a guy, and can't get to any of them - nor emails, contacts or documents.
I'm a fairly cautious guy. I never open any strange emails or go to odd sites or click on or download anything that I don't know. I think it's ironic that in attempting to get "extra" protection, I ended up in this mess.
Thanks for any help.
