Ransomware

I luckily have never experienced this. I am talking about when your HD gets encrypted. My question is does this malware touch any attached drives or only main drive?
 
In my experience, ransomware will encrypt any drive that has a drive letter, even if it's actually a network share.

Make sure you have a proper backup strategy in place; it's your only way to escape the damage ransomware does.
 
Most if not all now go after any attached drive. That is why it is smart to have 2 external drives and 1 cloud provider storage that says it is set up to deter ransomware link ins to the cloud drive. With those 2 external drives (3 would be better if you have important data you can't lose), number them, and rotate a backup every 2 weeks, so if they put a delay in you still have a backup with MOST of your data. That is why 3 drives is safer. Also get a program that deters ransomware like Hitman Pro.Alert or Malwarebytes 3.0 Premium.

https://www.hitmanpro.com/en-us/alert.aspx

https://www.malwarebytes.com/
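The rotation argument in the post above, worked through as an added example (not part of the original post): which numbered drive still holds a usable backup when ransomware sits dormant before encrypting. The function names are hypothetical, and the model assumes one backup per interval, each drive keeping only its latest backup, drives unplugged between backups, and any backup taken on or after the infection day treated as unusable.

```python
from typing import Dict, Optional, Tuple


def drive_contents(num_drives: int, interval_days: int,
                   detonation_day: int) -> Dict[int, int]:
    """Map drive number -> day of the backup it holds when encryption starts.

    Backups run on days 0, interval, 2*interval, ... in round-robin order,
    so each drive is overwritten every num_drives * interval_days days.
    """
    last = (detonation_day - 1) // interval_days   # last backup before detonation
    first = max(0, last - num_drives + 1)          # oldest backup not yet overwritten
    return {k % num_drives + 1: k * interval_days for k in range(first, last + 1)}


def newest_clean_backup(num_drives: int, interval_days: int, infected_day: int,
                        detonation_day: int) -> Optional[Tuple[int, int]]:
    """Return (drive_number, backup_day) of the newest pre-infection backup.

    Returns None when every drive was overwritten during the dormancy period
    (assumption: backups made while infected are not trusted).
    """
    held = drive_contents(num_drives, interval_days, detonation_day)
    clean = [(day, drive) for drive, day in held.items() if day < infected_day]
    if not clean:
        return None
    day, drive = max(clean)
    return drive, day


if __name__ == "__main__":
    # Constructed scenario: infected on day 30, files encrypted on day 60,
    # backups every 14 days as in the post.
    for drives in (2, 3):
        result = newest_clean_backup(drives, 14, infected_day=30, detonation_day=60)
        if result is None:
            print(f"{drives} drives: no clean backup left")
        else:
            drive, day = result
            print(f"{drives} drives: restore from drive {drive} "
                  f"(day {day}), about {60 - day} days of changes lost")
```

With a 14-day interval, two drives only reach back about four weeks, so a 30-day dormancy overwrites both; the third drive is what keeps the day-28 backup alive.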

 
My experience is they don't encrypt, just scare you with a root program that prevents access. Go in the back door, run a root killer, malwarebytes, you can fix it.
 
Most encrypt, and some don't give you keys even if you pay, so you are really screwed. Only a few have back doors that AV companies and malware researchers can backdoor. It also may be weeks to months after you get it that they get the backdoor scheme out for the commoner to use, and you need to get up and running within days.
 
I have no idea about the above posts.
I would think, as I have run into it, that most of these issues occur because people click and allow the ransomware further access to their system.
If I ever run across it, simply take your hands off the keyboard and manually turn off the computer using the power switch.

Your computer will ALWAYS start up as normal once shutting it down.
There is the possibility that the browser itself might be infected; you can always switch to a different browser, do a malware scan if you wish, and bleachbit your browsers too.

I'm no expert on this issue, been computing for decades now plus 3 kids now adults, always instructed them, DO NOT click, turn off the power button or you're screwed. Doesn't mean it will work for everything, but has worked for us.
 
Originally Posted By: LeakySeals
My experience is they don't encrypt, just scare you with a root program that prevents access. Go in the back door, run a root killer, malwarebytes, you can fix it.


+1 - Actually encrypting a HDD or SSD with any considerable amount of data would take forever and require a whole lot of free space. If you can run some sort of utility during a next boot to "fix" the problem, the problem had nothing to do with encryption; just likely some easily-set permissions.
 
Some of them most definitely encrypt. And yes, they take considerable time to perform the process. Utilities from ESET and other majors can be used to unencrypt the files in some cases, depending on which generation of the software was used. Since this software is constantly evolving, newer strains do not have decryption programs at this time.

http://support.eset.com/kb3433/?locale=en_US

Originally Posted By: ESET

Can encrypted files be recovered?

Modern Filecoders/Ransomware encrypt data using asymmetric methods and multiple types of encryption cyphers. In short, files are encrypted with a public key and are not able to be decrypted without the associated private key. With current ransomware, the private key is never located on the affected workstation or environment. This means that data will need to be restored from a good backup made prior to the infection.

If no backups are available, you can attempt to recover files from Shadow Copies. You can use Shadow Explorer, which you can download from the following web page: http://www.shadowexplorer.com/downloads.html

However, it is not uncommon for ransomware infections to delete Shadow Copies to prevent recovery of files.
 
How does this happen? I can honestly say (knock on wood) I've never had a virus. And I'm ALWAYS on a computer of some sort.

Too much porn watching? It's pretty obvious when an unsavory email with a questionable attachment comes through.
 
Yes, any attached devices, including USB Thumb drives.

I use software called "CrashPlan" on my Mac for about $60/year. I feel it is worth it. It gives me unlimited snapshots of a file going back in time however far I need to. Some backup services only retain the latest copy. If that copy is infected, then you're screwed.
 
my experience is from Nov 2014:
-attached drives
-network drives
-(stories of ) cloud drives like dropbox (i think they patched that hole now)

encrypted about 40GB of network data in 6.5 hours. this using a slow computer and slow network drive.

they asked about that data about 2 times in 3 years.....

all word, excel, pictures, pdf files

how did it happen:
-the Happy Ladies Network of course!
-fake youtube video link shared by a bunch of happy ladies
-also reported at that time fake pdf's (even if users educated about use the extension part of the file. NOPE, it was in the name)
 
Originally Posted By: JHZR2
How does this happen? I can honestly say (knock on wood) I've never had a virus. And I'm ALWAYS on a computer of some sort.

Too much porn watching? It's pretty obvious when an unsavory email with a questionable attachment comes through.


you travel a lot!
how many old /legacy systems you saw at pretty major manufacturers?
how many low iq managers? and probably they had access to computers since before i was conceived....
 