When the ransomware is started it will display the above lockscreen so that you cant use your computer. It will also change your encrypted files extensions to .EXE and then infect them with malicious code that allows it to spread to other computers when the files are opened. If one of these files is then double-clicked it will launch the encrypter and encrypt and infect any new files. If one of these files is double-clicked on a previously unaffected computer, then this computer will become encrypted and infected as well.
Potentially the most dangerous feature of this ransomware is that it will look for unmounted network shares and mount them as a drive letter on your computer. It will then proceed to encrypt and infect the files found on these network shares as well. All previous ransomware infections would only target drive letters on the existing computer and would ignore unmapped network shares. Operation Global III on the other hands raises the ante by going after all network shares and infecting any files or executables it finds on them. As Windows by default does not display file extensions, someone on another computer would open one of these files not realizing that they are executables and then their computer would become infected as well.
The good news is that the decryption key for each file is stored inside the encrypted file. This allowed Nathan Scott, aka DecrypterFixer, to create a program that patched the virus/ransomware so that you can decrypt your files for free. After using his tool when you double-click on a file, instead of encrypting other files, it would decrypt it. Nathan has put together a YouTube video that describes how to use his patcher to disable the encryption routine and allow you to decrypt your files. This video can be found below.
To summarize the above vide, in order to use his tool to decrypt your files you must keep the malware active and running on your computer. While the screenlocker is open you can still Alt+Tab to the desktop in order to access your applications. Once at your desktop, start a web browser and download the Operation Global III Ransomware Patcher and save it to your desktop. Once it is downloaded, double-click on the program and you will see the patcher as shown below.
To patch the malware so you can decrypt your files, please click on the Patch button. The patcher will patch the ransomware program and automatically minimize the lock screen. You can then double-click on your affected files to decrypt them.
Unfortunately, the routine used by Operation Global III to infect executables is buggy and when you decrypt them they may no longer work. Therefore you will need to reinstall many of the applications that were infected. With this said, it is strongly advised that you reinstall Windows and all of your applications after you recover your data files. This will guarantee that your computer is working properly again.