|
virus
Oct 17, 2016 4:37:30 GMT -5
Post by Macsbeach98 on Oct 17, 2016 4:37:30 GMT -5
The machine will still run? If you can still copy some of the files onto a flash drive then plug the flash drive into another computer just one of your benching operating systems that you dont mind losing (in case the files corrupt it) and see if you can change the extensions to what they should be and they will open Ok. For example a couple of jpegs and word docs to start with. You never know until you try. If the files will work normally on another operating system then you can copy all of the data files off to another hard drive. The reason I recommend using Ubuntu direct off the CD to copy the files off is the virus wont come with the files, the virus wont even be running under Ubuntu. I have seen ransomware viruses that have just done that before. Changed the file extensions.
Actually its been quite a while since I have seen a ransomware virus. They are not a new thing.
If you have never used Ubuntu before just type it into your browser and download the desktop version ISO then right click on it and burn it to disk with Win7 then boot from the disk while it boots up it will ask you if you want to install it or run it from the CD, of course run it from the CD when you get to the desktop you can navigate the drives and copy files off to another drive or flash drive its pretty easy to use.
|
|
|
virus
Oct 17, 2016 4:40:24 GMT -5
Post by ozz on Oct 17, 2016 4:40:24 GMT -5
i have to say, i thought overclocking was hard to understand, this takes computer things to another level, you guys are amazing just to be able to say try this ,that , and know what its gunna do , my mind boggles
|
|
|
virus
Oct 17, 2016 10:09:16 GMT -5
Post by Vinster on Oct 17, 2016 10:09:16 GMT -5
|
|
|
virus
Oct 17, 2016 10:19:26 GMT -5
Post by Vinster on Oct 17, 2016 10:19:26 GMT -5
The machine will still run? If you can still copy some of the files onto a flash drive then plug the flash drive into another computer just one of your benching operating systems that you dont mind losing (in case the files corrupt it) and see if you can change the extensions to what they should be and they will open Ok. For example a couple of jpegs and word docs to start with. You never know until you try. The scary is with this is you don't know where the virus is and could copy it to another system. Using a Linux Boot CD is safe, plug the infected drive and a blank drive to the system and copy what you can. Then go here and get a few bootable anti-virus/ransomeware CD's www.geckoandfly.com/2621/usb-bootable-dos-antivirus-for-unbootable-windows-xp-and-vista/then boot with it and scan the copy drive to make sure you didn't move the virus too before plugging it in another system. need to figure out though which ware you got hit with to pick the right tool... here are also 11 free bootable anti-virus distro's; www.digitalcitizen.life/top-free-bootable-antivirus-rescue-discs-windows-pcsVin
|
|
|
virus
Oct 17, 2016 14:40:27 GMT -5
Post by mrpaco on Oct 17, 2016 14:40:27 GMT -5
After working on his rig all day. That virus was a MONSTER. It disabled the restore point so obviously I couldnt do a restore. I was able to locate and remove the bug it self, but still left all the files encrypted. Was able to recover a good portion of the more important financial docs via excels Recent location. Will give your suggestion a shot Pete, moving a file to a different pc/OS. Hey Vin; you know an awful lot about virus's.... Hmmmmmmm Just kidding. Will give your suggestion a go as well. For what ever reason, the way I originally set up the network, the only drives affected were the 2 on his PC. Did not hit any other on the network. Thank goodness. That would have been TOTAL DEVASTATION. If you look at my original pic to the left, you'll see just 12 of the 28 systems on our network
|
|
|
virus
Oct 17, 2016 15:04:09 GMT -5
Post by Vinster on Oct 17, 2016 15:04:09 GMT -5
Nah, I once did as you are doing and took care of 30 or so systems and 2 servers. some of the single guys would would get porn snatched viruses and I was always expected to fix them on Monday "cause my computer is a piece of shit and isn't working".
So I know and feel your pain. happy it didn't spread on to other devices. Researching I've found that a few other people I know got hit with this. I've helped a few small companies setup their backup scheme and this failure isn't fully accounted for. So I need to go back and rethink this...
glad its getting slowly sorted out. very happy it's not a complete loss.
Vin
|
|
|
virus
Oct 18, 2016 16:17:14 GMT -5
Post by mrpaco on Oct 18, 2016 16:17:14 GMT -5
what would be the best method and/or tool/app to use to re-image the drive?
|
|
|
virus
Oct 19, 2016 8:27:11 GMT -5
Post by Vinster on Oct 19, 2016 8:27:11 GMT -5
Acronis is what I use. but there are free tools out there. I remember Drive Image XML wasn't too bad for a free solution.
Acronis is nice as it has a scheduler and will backup the PC to a external or network drive in the backround. Set it and forget it.
Vin
|
|
|
virus
Oct 19, 2016 8:54:25 GMT -5
Post by georgekokovinis on Oct 19, 2016 8:54:25 GMT -5
Macrium Reflect Pro.
|
|