Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Afraid to use e-mail flash and videos link after ransomware attack


  • Please log in to reply
3 replies to this topic

#1 jamesrivard

jamesrivard

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:52 PM

Posted 17 July 2017 - 08:30 AM

Hi,
 
 
I'm not sure if this is the right thread to post this in, and if it's not, I'm sorry; maybe it would have belonged better in "General PC Help"... But I'm really looking for an answer I can't seem to find. Here goes my situation:
 
I've suffered a ransomware attack on my work computer a few weeks ago. The ransom has been paid and we got my files back (and a backup plan has been set up so we don't find ourselves stuck in that same situation should it happen again). The decrypted files were put back on the computer after it's been wiped clean and all is well on that side.
 
What bothers me though is that I have no idea when or how that virus entered my computer and how long it took to encrypt my all explainer video files . I know that ransomwares can travel through the computer to infect any external drives that could have been connected to it, and I have connected a few USB flash drives in the weeks before getting the stupid "what happened to your files" message. So I'm wondering: how do I know whether or not those USB flash drives are infected? How can I even safely verify that??
 
Would you have an answer or a solution for me? 
 
 
Thanks a lot in advance!

Edited by jamesrivard, 17 July 2017 - 08:32 AM.


BC AdBot (Login to Remove)

 


#2 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,492 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:22 AM

Posted 17 July 2017 - 08:40 AM

What ransomware was it? That might help determine how you were infected. The most common vectors are spam email (don't open unsolicited attachments, especially ones with executable extensions or macros), exploit kits (keep your OS, browsers, plugins, etc. updated), and RDP hacks (don't expose RDP to the internet, use strong passwords).

 

USB devices cannot infect a system by just plugging it in *typically. If you don't open an executable on it, you're fine. It probably just encrypted files on it if it was plugged in during the infection.

 

*There are such things with exploits and the like, but a ransomware is not going to drop something capable of doing that. At least none that have been seen.


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#3 JohnC_21

JohnC_21

  • Members
  • 23,644 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:11:22 AM

Posted 17 July 2017 - 08:41 AM

This BC guide hopefully helps you from getting infected again.

 

https://www.bleepingcomputer.com/news/security/how-to-protect-and-harden-a-computer-against-ransomware/



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:22 AM

Posted 17 July 2017 - 02:26 PM

The best defensive strategy to protect yourself from malware and ransomware (crypto malware) infections is a comprehensive approach to include prevention and your best defense is back up, back up, and more back up on a regular basis. Preferably keeping a separate, offline backup to a device that is not always connected to the network.For more suggestions to protect yourself from ransomware infections, see my comments (Post #2) in this topic...Ransomware Avoidance...it includes a list of prevention tools.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users