Details about .Adage Virus

.Adage Virus is a new member of the Phobos ransomware family, very similar to .Help virus. Once the computer virus gets inside the PC system, it would start seeking out some pre-determined file formats. The predetermined file formats normally include different documents, images or other files that happen to be significant to the victims.  When the scan of your hard drives for the pre-set file types is carried out, .Adage continues with encryption stage of the said documents – it does this through creating a copy of each file with the new copy being locked via an encryption code. The whole idea is that, once the process of copying the files is executed, the initial data files would get deleted. The last stage of the infection is when the PC virus displays a message on the consumer’s PC desktop with directions on exactly how to execute a ransom money transfer so as to have the computer files recovered. If all of this sounds familiar to you (because you have likely already experienced it), we may be capable of helping you remove .Adage and deal with the consequences of its attack. 

Dangers associated with .Adage ransomware

In the first place, you need to keep in mind the fact that a typical Ransomware cryptoviruses, such as .Adage, doеs no operate in any way similar to the conventional malicious programs (for example Trojans) which, unfortunately, makes it more challenging to cope with than any other computer infection. What’s more, the majority of the common anti-malware products may be proven ineffective in the battle against this kind of danger. This is due to the fact that usually, no representative of Ransomware can or will immediately harm your system in any way. Therefore, there is almost nothing to provoke the reaction of your anti-virus tool.

Needless to say, one of the first concerns that pops-up within one’s mind, when they realize that they are being blackmailed for the access to their personal files, is if they should make the money payment to regain their access or disobey the hackers. Normally, most system security professionals would advise against going for the ransom payment. Always remember that even in case the online hackers behind .Adage are given the money, they can always demand more or simply keep holding your personal data hostage without reason whatsoever. An additional frustrating possibility that you should take into account as well is the fact that even if you get the decryption key, it could still be unable to restore the access to the encrypted computer data. In both of those scenarios, your money will be gone and your files would still remain locked. That’s why our suggestion is to first explore some other potential techniques that you can try out in an attempt to unseal your personal files that won’t require from you to spend any money. And if the alternative solutions fail, you can always return to considering the ransom payment that the crooks behind .Adage require as your last option.

SUMMARY:

[add_third_banner]

Remove .Adage Virus Ransomware Removal Guide

1: Preparations

Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.

2: Task Manager

Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.

If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.

Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.

3: IP related to .Adage

Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.

Find where it says Localhost and take a look below that. 

If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the .Adage.

[add_forth_banner]

4: Disable Startup programs

Re-open the Start Menu and type msconfig.

Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10,  it will send you to the Startup part of the task manager instead, as in the picture:

If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and .Adage , disable those programs and select OK.

5: Registry Editor

Press Windows key + R and in the resulting window type regedit.

Now, press Ctrl + F and type the name of the virus.

Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.

6: Deleting potentially malicious data – .Adage

Type each of the following locations in the Windows search box and hit enter to open the locations:

%AppData%

%LocalAppData%

%ProgramData%

%WinDir%

%Temp%

Delete everything you see in Temp linked to .Adage Ransomware. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.

7: .Adage Decryption

The previous steps were all aimed at removing the .Adage Ransomware from your PC. However, in order to regain access to your files, you will also need to decrypt them or restore them. For that, we have a separate article with detailed instructions on what you have to do in order to unlock your data. Here is a link to that guide.

The post Remove .Adage Virus (Ransomware Removal + File Recovery) appeared first on Malware Complaints.