Today I was fortunate to come across a new encryption virus. I say new cause its new to me.
I had a computer come to me with problems of persistent pop-ups.
Upon checking this system I was given a boot drive is missing error.
Naturally I checked the hard drive first. It was present and working perfectly.
So start taking steps to repair boot partition, then I realize the install partition is gone.
After checking the drive I see the recovery partition is still there.
I open up the recovery partition to find help_decrypt.txt and html and others with similar name
all dated months ago. opening these file only yields scrambled symbols inside and no clue as
to the virus name. It appears that when he failed to pay the ransom that they somehow wipe his drive.
I have no other clue and no other files to go by for this incident. I say its new because I have never see
encryption virus do this. Anyone ever see this before?
Edited by hamluis, 23 February 2016 - 07:16 PM.
Moved from Crashes/BSODs to General Security - Hamluis.