RockyTwiz Posted June 5 ID:1641158 Share Posted June 5 Following the collapse of the family business, while salvaging the hard drives from the company PC's, we have retrieved a key drive with the most important company files. The majority of the files on the key drive were apparently encrypted by ransomware more than 10 years ago, but some later files have not been encrypted. I'm not sure what if anything the former user did when the ransomware appeared. When I connected the infected drive to my laptop via USB and ran MB Premium, I got 20 infected files with general malware and PUP's, of course I quarantined those. The encrypted files are still visible in Explorer, however they each have a new file extension. Is there a procedure using MB and other software to decrypt these files ? Also I have MB scanned my laptop and no malware is detected. I have also ESET-scanned the laptop, no problems detected. Do I need to do anything else ? Link to post Share on other sites More sharing options...
Solution Porthos Posted June 5 Solution ID:1641161 Share Posted June 5 10 minutes ago, RockyTwiz said: Is there a procedure using MB and other software to decrypt these files ? Malwarebytes cant. Sign up for a forum account on BleepingComputer and follow the directions from these topics. Ransomware Help & Tech Support https://www.bleepingcomputer.com/forums/f/239/ransomware-help-tech-support/ How to Post a Topic Asking for Help With Ransomware https://www.bleepingcomputer.com/forums/t/608844/how-to-post-a-topic-asking-for-help-with-ransomware/ ID Ransomware - Identify What Ransomware Encrypted Your Files https://www.bleepingcomputer.com/forums/t/608858/id-ransomware-identify-what-ransomware-encrypted-your-files/ https://id-ransomware.malwarehunterteam.com/ Thank you Link to post Share on other sites More sharing options...
RockyTwiz Posted June 5 Author ID:1641286 Share Posted June 5 Thanks. I'll pursue the solution you suggested for the encrypted drive. Meanwhile, is there anything else I should do to protect my laptop from getting the ransomware infection ? MB premium scans show nothing, ESET Online scans show nothing. Link to post Share on other sites More sharing options...
Porthos Posted June 5 ID:1641288 Share Posted June 5 (edited) 6 minutes ago, RockyTwiz said: Meanwhile, is there anything else I should do to protect my laptop from getting the ransomware infection ? Do not open unknown, unexpected attachments in emails. Do not use P2P software to download copywritten content or hacked/cracked software also avoid sites that offer such software. Keep backups of all important data on an external drive and keep that drive disconnected from your system unless doing a backup. Edited June 5 by Porthos Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted June 5 Root Admin ID:1641347 Share Posted June 5 We can assist you in scanning your computer if you like, but so can the team over on Bleepingcomputer. The reason we recommend to go there is because they may possibly know if your specific attack has tools to recover your data or not. If you're not concerned about the data then we can help you scan the computer. But if not worried about the data you might want to also consider doing a CLEAN install of Windows. Clean Install Windows 10 & 11 (2023) https://answers.microsoft.com/en-us/windows/forum/all/clean-install-windows-10-11-2023/1c426bdf-79b1-4d42-be93-17378d93e587 Also, please review the following topic Bypass Microsoft Online Account Creation during installation of Windows 11 https://forums.malwarebytes.com/topic/296613-bypass-microsoft-online-account-creation-during-installation-of-windows-11/ For staying safe, see the following The following information will help you to keep your computer and data safer as well as improve your overall privacy Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site. https://www.howtogeek.com/780233/best-password-manager/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download https://patchmypc.com/about-us Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Cybersecurity basics & protection Everything you need to know about cybercrime https://www.malwarebytes.com/cybersecurity Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Link to post Share on other sites More sharing options...
Recommended Posts