Virus rename the files randomly for the names and extensions

Jaenal

Estimable
Jan 22, 2016
5
0
4,510
Hi expert,I have problem with my files. They automatic converted to unknown name and extension. And the infected file increase day by day.

This is the corrupted files
https://drive.google.com/folderview?id=0B7gqD90v_6VAdFpOdUgyQjEtcHc&usp=sharing

What kind of this malware? And how can I to remove this?
I tried to scan use Malwarebayte, and the result is zero.
I tried to scan use Spy Hunter, it gets Omnibar.
I tried to recover my files use EaseUS, there are original file names with 0 byte and cannot recovered.

Anybody can help me?
Thanks before.
#Jae
 
Solution
Download RKill for bleeping computer, run the app and keep it running, this will attempt to stop the virus thus prevent renaming of any files, now follow through with Aldan's advice, at all times keep Rkill running, use this time to update malwarebytes etc...scan and remove infections.

NB: the author of RKill sometimes has variations of Rkill but renamed as Iexplore.exe, this fools the infection since the makers of the virus may attempt put programming in their virus to search if Rkill is present. So download both and test but dont run both variations at same time.

aldan

Distinguished
Apr 15, 2013
320
0
19,010
there is a specific order to do this.first download and run adwcleaner from bleeping computer.select clean to get rid of anything it comes up with.second download and run junkware removal tool,also from bleeping computer.it will delete anything it finds.third run a scan with malwarebytes and remove anything it comes up with.post the logfiles from each of these programs in your next post and we can go from there.
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.bleepingcomputer.com/download/junkware-removal-tool/
https://www.malwarebytes.org/mwb-download/

what antivirus program are you running?
 
G

Guest

Guest

+ 1 on this,and if it don't work you will have to reinstall windows
 

Jaenal

Estimable
Jan 22, 2016
5
0
4,510


Thank's for your answer.
This is the result of program scan that you mentioned above. https://drive.google.com/folderview?id=0B7gqD90v_6VAUVN1eS1GeEd1NEU&usp=sharing.
I hope my files can be resqued.
 

Jaenal

Estimable
Jan 22, 2016
5
0
4,510


I am sorry for link above, this is the link Files renamed by virus.
Because Malwarebyte cannot detects what happens on my laptop, but the renamed file randomly still continue.
I tried to rename back to the original file extension, but native program can't open it.

Thanks
 

zer0c00l587

Estimable
Jan 14, 2016
258
0
5,210
Download RKill for bleeping computer, run the app and keep it running, this will attempt to stop the virus thus prevent renaming of any files, now follow through with Aldan's advice, at all times keep Rkill running, use this time to update malwarebytes etc...scan and remove infections.

NB: the author of RKill sometimes has variations of Rkill but renamed as Iexplore.exe, this fools the infection since the makers of the virus may attempt put programming in their virus to search if Rkill is present. So download both and test but dont run both variations at same time.
 
Solution