Cyber criminals and hackers know that there is big money to be made. The malware industry is big business and criminals are making full use of their questionable programming talents to reap their ill gotten gains. So where does that leave the likes of you and me? Unfortunately simply downloading an anti-virus program and then forgetting about it is no longer enough. After all no sooner has the latest version of an anti-virus program or security patch been released then a brand new piece of malware will be launched to combat the latest security measures. Take a moment to think about when the last time you updated your anti-virus was...
What is firstname.lastname@example.org ransomware?
It is one of the more unpleasant types of malware that you can come across and it can really get the stress levels rising if you have been unfortunate enough to have fallen victim to it. Ransomware's goal is to con you into handing over a sum of money – usually a not inconsiderable sum of money either! In addition to this it can cause real damage to your files and PC's operating system. How does it achieve this: by playing on our insecurities and vulnerabilities.
As with so many of the other sorts of malware, the clue is in the name when it comes to understanding just what it is that email@example.com ransom virus can do. If you have been infected, the program will take your files and programs hostage and hold them to ransom. It does this by attacking your operating system and then encrypting the data on your computer so that everything is rendered inaccessible. So, yes, that does mean that you will now be unable to open your files, personal documents, work PowerPoints or spreadsheets, and all of those lovely family vacation photos you also have stored on your device. It leaves a text file named VIRUSFUCKEDYOURFILES with the following information:
If you wish to get all your files back, you need to pay 3 BTC.
How to get bitcoins?
1. google bitcoin ATMs
2. google localbitcoins dot com
3. google: buy bitcoins
This is the only way to get your files back.
There’s no way to decrypt them without the original key.
The price is non-negotiable.
After paying 3 BTC and emailing the confirmation of payment you will be provided with a decoder.
If you don't trust me, you can email one of your files, I will decode it and send it back to you.
However, if the file you're requesting to decode is valuable, I will send you either a quote from it or a screenshot.
I apologise for any inconvenience caused.
Let me know if you want to proceed.
Thank you for cooperation.
This virus encrypts and renames files by adding unique ID and firstname.lastname@example.org at the end of each file. Example of an infected PDF file: DOC EHD.email@example.com. The virus may also change file formats, for example from .pdf to .fff or something like that, so don't be surprised if you can't recognize new file format.
So what's the solution?
Obviously continually ensuring that your anti-virus and patches are all up to date is an absolute must but when it comes to defending yourself against a malware attack, educating yourself about the latest issues and staying alert are also essential. If you have a recent backup, wipe your hard disk and reinstall your files. If you don't, try Shadow Explorer program or search your computer for previous versions of files. If you are lucky enough you may find files that were not encrypted. But before restoring your files, please remove the ransomware and related malware files from your computer. To do so, please follow the steps in the removal guide below. If you have any questions, please leave a comment down below. Good luck and be safe online!
Written by Michael Kaur, http://deletemalware.blogspot.com
Step 1: Removing firstname.lastname@example.org virus and related malware:
Before restoring your files from shadow copies, make sure the ransom virus is not running. You have to remove this malware permanently. Thankfully, there are a couple of anti-malware programs that will effectively detect and remove this malware from your computer.
1. First of all, download and install recommended anti-malware scanner. Run a full system scan and remove detected malware.
Important! If you can't download or run it, please restart your computer in Safe Mode with Networking or Safe Mode and try again.
2. Then, download ESET Online Scanner and run a second scan to make sure there are no other malware running on your computer.
That's it! Your computer should be clean now and you can safely restore your files. Proceed to Step 2.
Step 2: Restoring files encrypted by email@example.com virus:
Method 1: The first and best method is to restore your files from a recent backup. If you have been regularly performing backups, then you should use your backups to restore your files.
Method 2: Try to restore previous versions of files using Windows folder tools. To learn more, please read Previous versions of files.
Method 3: Use RakhniDecryptor tool from Kaspersky.
Method 4: Using the Shadow Volume Copies:
1. Download and install Shadow Explorer. Note, this tool is available with Windows XP Service Pack 2, Windows Vista, Windows 7, and Windows 8.
2. Open Shadow Explorer. From the drop down list you can select from one of the available point-in-time Shadow Copies. Select drive and the latest date that you wish to restore from.
3. Righ-click any encrypted file or entire folder and Export it. You will then be prompted as to where you would like to restore the contents of the folder to.
Hopefully, this will help you to restore all encrypted files or at least some of them.