not xcaliber 1 Report post Posted June 6 Okay this is getting worse,, apparently my fathers laptop was infected by the StopDjvu, and all the files were locked with a .PEZI extension , BUT here is the think, the ransomware jumped into my computer through the INTERNET!!! I swear i am so lucky , i mean i was literally sitting in front of my computer seeing the process start and do the enryption, i was viewing photos on my disk E and it started the encyrption process from disk E! in front of my eyes as i watched seeing my files get locked , the only possible and smart thing to stop the process i could think of was to removing the LAN connection(internet) to my pc, THANKFULLY the encryption stopped after encrypting all the 16 useless files , those files were of no use . So yeah i got a little too lucky there.So what should i do now? i switched the mode to safe mode and i aint going back to regular windows until and unless i create a backup! , can i create a backup in safe mode? 1 Quote Share this post Link to post Share on other sites
GT500 823 Report post Posted June 9 On 6/6/2020 at 5:54 AM, not xcaliber said: Okay this is getting worse,, apparently my fathers laptop was infected by the StopDjvu, and all the files were locked with a .PEZI extension , BUT here is the think, the ransomware jumped into my computer through the INTERNET!!! I swear i am so lucky , i mean i was literally sitting in front of my computer seeing the process start and do the enryption, i was viewing photos on my disk E and it started the encyrption process from disk E! Do you share files on that drive with other computer on the network? Most ransomwares will encrypt shared files on other computers if they find them and have read/write access to them. On 6/6/2020 at 5:54 AM, not xcaliber said: can i create a backup in safe mode? If you have a USB hard drive then the easiest thing to do is just copy files to it in Safe Mode, and then disconnect the USB drive when done. Quote Share this post Link to post Share on other sites
not xcaliber 1 Report post Posted June 12 On 6/9/2020 at 8:33 AM, GT500 said: Do you share files on that drive with other computer on the network? Most ransomwares will encrypt shared files on other computers if they find them and have read/write access to them. i sent one file to the email mentioned in the _readme.txt file for the decrpytion test, i sent the file via my infected computer but clicked on the decrypted file download link through my un-infected PC , i think its because of that. well i also share files wilth computer on my network. Quote Share this post Link to post Share on other sites
GT500 823 Report post Posted June 13 4 hours ago, not xcaliber said: i sent one file to the email mentioned in the _readme.txt file for the decrpytion test, i sent the file via my infected computer but clicked on the decrypted file download link through my un-infected PC , i think its because of that. well i also share files wilth computer on my network. Sharing files over the network would usually be the reason for files being encrypted on other computers, however you should still check all computers for infections. If you haven't already run an Anti-Virus scan, then you can use Emsisoft Emergency Kit:https://www.emsisoft.com/en/home/emergencykit/ Quote Share this post Link to post Share on other sites
