Just got infected, got lucky to react fast and stop encrypting before my imprtant stuff got encrypted. Managed to stop it by turning off pc and disabling from start up and disconnecting lan cable. Now I am in safe mode. Becouse I still have my files unencrypted, I would like if someone could my help how to get rid of the this virus without formating whole system.
I deleted files in temp folder, file from startup "Sdfsd" and all suspicious files next to that one in appdata. Deleted .job file in windows/Task folder.
Encrypted files are .DOCM
Does this virus spread if I connect usb to my pc and than somewhere else. Is it safe if it does to after unpluging from infected system to format usb using otg adapter with android phone and then putting programs for removal of virus.
Virus started by encrypting most of the desktop and than my 😧( cannot remove smiley for some reason)D disk drive folders from the bottom to the top by name. I stoped it while it was encrypting steamlibary, luckily I had se big games in size so I had time to react.
As I said I would appreciate help to remove it and one last thing, is it safe to turn connection back on and go out of the safe mode?
Writing from a phone.
Just got an idea. Since my system is installed on ssd, but all important files are on hdd, will I be safe if I unplig hdd, reinstall windows and after that plug back hdd. Is virus only stored on system partition? Is it a smart idea to do that?