This malware is pretty easy to remove
Just boot to safe mode and tell it to show all hidden files and folders and system files.
There are 3 main folders the ransom malware always hides.
You'll find a weird exe in the root of those folders.
Check to make sure the malware didn't remove any of your program shortcuts (Start / all programs). if your program folders appear to be empty go to c:\users\(username)\local\temp and look for a folder called smtp
. Inside that folder (if you have it) you will find folders numbered 1 through 4. One folder contains desktop icons, another folder contains your program shortcuts it deleted. Remember to restore those before you run ccleaner, other wise it will delete them.
if all of your files appear to be hidden then download and run this application. http://www.bleepingc...ownload/unhide/
This will go through and remove the hidden file attribute from all of your files. if your files are not hidden then skip to the next step.
Now run the following apps
and then make yourself a Kaspersky Rescue disc, and boot from it, update it and and do a full scan
Then download and run patchmypc from www.patchmypc.net which will check to make sure all of your 3rd party software is up top date, such as Adobe reader, flash, java and a bunch of others. it will then update all of the software with 1 click.