Sign in to follow this  
not xcaliber

Live Ransomware encryption!

Recommended Posts

Okay this is getting worse,, apparently my fathers laptop was infected by the StopDjvu, and all the files were locked with a .PEZI extension , BUT here is the think, the ransomware jumped into my computer through the INTERNET!!! I swear i am so lucky , i mean i was literally sitting in front of my computer seeing the process start and do the enryption, i was viewing photos on my disk E and it started the encyrption process from disk E!

in front of my eyes as i watched seeing my files get locked , the only possible and smart thing to stop the process i could think of was to removing the LAN connection(internet) to my pc, THANKFULLY the encryption stopped after encrypting all the 16 useless files , those files were of no use . So yeah i got a little too lucky there.So what should i do now? i switched the mode to safe mode and i aint going back to regular windows until and unless i create a backup! , can i create a backup in safe mode?

  • Like 1

Share this post


Link to post
Share on other sites
On 6/6/2020 at 5:54 AM, not xcaliber said:

Okay this is getting worse,, apparently my fathers laptop was infected by the StopDjvu, and all the files were locked with a .PEZI extension , BUT here is the think, the ransomware jumped into my computer through the INTERNET!!! I swear i am so lucky , i mean i was literally sitting in front of my computer seeing the process start and do the enryption, i was viewing photos on my disk E and it started the encyrption process from disk E!

Do you share files on that drive with other computer on the network? Most ransomwares will encrypt shared files on other computers if they find them and have read/write access to them.

 

On 6/6/2020 at 5:54 AM, not xcaliber said:

can i create a backup in safe mode?

If you have a USB hard drive then the easiest thing to do is just copy files to it in Safe Mode, and then disconnect the USB drive when done.

Share this post


Link to post
Share on other sites
On 6/9/2020 at 8:33 AM, GT500 said:

Do you share files on that drive with other computer on the network? Most ransomwares will encrypt shared files on other computers if they find them and have read/write access to them.

 

i sent one file to the email mentioned in the _readme.txt file for the decrpytion test, i sent the file via my infected computer but clicked on the decrypted file download link through my un-infected PC , i think its because of that. well i also share files wilth computer on my network.

Share this post


Link to post
Share on other sites
4 hours ago, not xcaliber said:

i sent one file to the email mentioned in the _readme.txt file for the decrpytion test, i sent the file via my infected computer but clicked on the decrypted file download link through my un-infected PC , i think its because of that. well i also share files wilth computer on my network.

Sharing files over the network would usually be the reason for files being encrypted on other computers, however you should still check all computers for infections. If you haven't already run an Anti-Virus scan, then you can use Emsisoft Emergency Kit:
https://www.emsisoft.com/en/home/emergencykit/

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.