Questions tagged [ransomware]
A type of malicious software designed to block access to a computer system until a sum of money is paid.
47
questions
-1
votes
3
answers
816
views
My computer is hacked, All files were renamed as YYZA file extension, how to rename or remove YYZA Extension? [duplicate]
My Laptop got attacked by a virus and nearly every file including Photos, Videos and Documents extension were changed to YYZA , meaning .jpg was changed to .YYZA, How to recover or remove that ...
1
vote
1
answer
324
views
How to have an app be trusted by Windows to bypass the "Ransomeware protection"?
I have a Windows desktop software that needs to write new folder/files into the %USERPROFILE%\Documents\ folder.
There is a Windows option, under "Ransomware protection", that protects "...
- 249
1
vote
1
answer
128
views
Is situation (with GPG) possibly a malware attack?
I am taking care of an ubuntu server (22.04) and suddenly I was not able to access some files via FTP. I checked a few things and noticed a gpg root process consuming a lot of CPU. It kept restarting ...
- 121
0
votes
1
answer
189
views
Cybereason just appeared on status bar
I've been using Manjaro for a while, but last week a new icon appeared on the status bar. When right-clicking it says it is from Cybereason (see below), but I did not install it. Try to figure out ...
- 1
1
vote
3
answers
2k
views
How do I check if files have been encrypted by Ransomware?
Is there any way to check if the current files (files of a computer/user/hard disk/NAS ) have been encrypted with ransomware by a third party?
Would it be possible to open all files according to their ...
- 11
1
vote
1
answer
174
views
Do ransomware decryption tool really work and what's proper way to fix it? [closed]
My laptop got infected with ransomware, files got encrypted and it tells me to pay to them.
As I know I have a few options:
Pay the ransom and hope the cybercriminals keep their word and
decrypt the ...
- 302
1
vote
0
answers
134
views
How do I recover files on a Linux web server after an attack by Makop Ransomware?
My web server was running a critical web service for my company network and was attacked by the Makop Ransomware. The majority of the php files and the databases have all been encrypted. Is there a ...
0
votes
0
answers
54
views
Ransomware hack usb controller [duplicate]
Apology to poor english , i am 56 year old , from macedonia , maybe the superuser isnt a best place to ask , but google lied to me some times so i dont trust it ,
My boss in work is dumb as a bike and ...
0
votes
1
answer
88
views
QDLA Remove and Decrypt
Good day, I have been hacked anonymously, that all my files was been renamed or encrypted by a ransomware STOP/DJVU. Is there someone out there can decrypt or solve this? Need Instruction. Thank you ...
- 1
0
votes
1
answer
390
views
ls command on a Synology NAS via SSH returns "ls: cannot read symbolic link"
DISCLAIMER: I know nearly nothing of unix based things, shell etc...
A month ago a ransomware (0xxx) infected my Synology NAS. I contacted an expert to know if there's anything I can do. He told me to ...
0
votes
1
answer
37
views
Ransomware affected Files can be used.?
My pc was hacked with internal drive and external, i turnoff the computer and disconnected external drives and done clean installation on internal, Does ransomware affected files on external hard ...
0
votes
0
answers
31
views
How to decrypt all my personal files which is encrypted by window after window 10 reset? [duplicate]
All my personal files and excel files are encrypted by window when i reset window 10. Now i am not able to open my excel files. In all my files, the extension .geno is added in all the files (Mouse ...
- 1
2
votes
1
answer
296
views
Can ransomware affect ejected external hard drive? [closed]
Can ransomware affect an external hard disk on Windows that has been ejected using "Safely remove" feature while keeping the drive plugged into my PC?
0
votes
1
answer
166
views
I have accidentally put ransomware protection on my C drive
I have enabled ransomware protection but accidentally put c drive in my protected folder now it is not letting me change any settings neither is it letting me disabling the setting. Help
0
votes
1
answer
235
views
Will the System Restore bring back Ransomware even after using an anti-virus?
I have been attacked by a Ransomware STOP djvu vs extension .npsk. I will be able to remove it soon, but after that, I want to use System Restore to recover my original file that not been encrypted ...
0
votes
1
answer
293
views
Is there any way to scan Windows XP folders for viruses from Windows 10
We know that Windows XP is passed away long time before. But still I like to use ( or I have no other way because some old software work only on XP). Most of the anti-virus and malware protection ...
- 3,717
3
votes
3
answers
3k
views
How to wipe a disk completely that has been encrypted by ransomware
Recently my HDD was encrypted by a ransomware attack (I have no idea which encryption method has been used) and as a result I cannot access the contents of my HDD (see how Disk 1 seems in the first ...
- 201
0
votes
1
answer
60
views
Corrupted windows and lost image file
My PC got attacked by a hets ransom virus. It corrupted my windows and encrypted all the files on my PC, including the original windows image file that came with the laptop. I now understand the ...
- 111
0
votes
0
answers
40
views
Mbed ransomware attack on my PC [duplicate]
My pc attacked by Mbed ransomware virus and all files get encrypted.
To kill this virus, I have scanned my full system with bootable anti-virus
and used Emsisoft Decryptor to decrypt files.
But this ...
- 149
2
votes
1
answer
2k
views
How to recover files encrypted by norvas ramsomware
I just caught a ransomware that encrypted many of my files and I need to get them back. Now they all end in .NORVAS and I can't find a way to decrypt them back. I tried with data recovery pro, shadow ...
- 21
0
votes
0
answers
53
views
Files encrypted with af21 file extension
I have a set of files which got encrypted during the recent ransomware attack. All of the files have a common extension .af21 . I am able to play the video files using VLC, although they have the same ...
- 43
0
votes
0
answers
77
views
How do I recover my data from a ransomware .rumba?
My laptop got infected with a ransomware. It add extension .rumba to my files. How do recover my data? I've tried all the method in the google first page of "How to remove .rumba" to no avail. I ...
- 650
0
votes
0
answers
370
views
Windows 10 Controlled folder access, when turned on does it prevent games from saving in documents?
Its a feature of windows 10 defender, but it doesn't explain itself well. When turned on, it takes you to a page where there is a list of folders its protecting like Documents and Pictures. They cant ...
- 31
2
votes
0
answers
962
views
Allow rundll32.exe in Windows 10 ransomware protection settings?
When trying to import photos from my phone, Windows' ransomware protection (controlled folder access) blocked rundll32.exe from writing to my Pictures photo.
Would it be OK to put rundll32.exe on ...
- 2,680
0
votes
1
answer
297
views
Requesting Advice On Preventing Ransomware (also very odd text in my win.ini cfg)
I had just recently prevented a ransomware attack and am still looking for malware as I am curious. I had looked in my win.ini file this morning and found some odd text that even Google Translate ...
1
vote
1
answer
139
views
Laptop PC stuck at startup, formatted, now data unrecoverable, looks encrypted
Someone asked me to recover data from a laptop computer (Sony Vaio), after a Windows reinstall (Windows 8) through the startup recovery procedure.
Prior to that, the computer was malfunctioning : it ...
- 855
0
votes
1
answer
736
views
Is it possible to remove BitLocker functionality from Windows?
Is there any way to remove BitLocker functionality from Windows?
BitLocker has recently been used by ransomware to lock a friend's drive. He is now supposed to pay bitcoin to some hackers to get the ...
- 763
-1
votes
1
answer
3k
views
Randomly Named Files appearing in Hidden folders (virus?)
I have random hidden folders containing files with randomly generated file names I haven't created appearing in my Documents Folder (which is synced to OneDrive).
e.g. OneDrive\Documents\2016-11-08 ...
- 29
2
votes
0
answers
148
views
Duplicate files with weird extensions – ransomware?
I'm a little afraid to get bashed since this is super non-specific but this is exactly my problem. I'm finding weird file duplicates on my computer – with the same name as the original file but an ...
- 69
1
vote
1
answer
230
views
How to protect data on connected pendrive from Ransomware?
This question is specific to some measures that I have already taken with a pen drive as described below. I have a pendrive that’s always connected to my Windows PC. I run a script at logon that takes ...
- 1,708
0
votes
1
answer
140
views
How to browse the net safely with Windows computers?
I have Windows 7 and Window 10 laptops. I'm thinking of a bullet-proof way to protect the computers from network threats such as the ransomware attacks that have been running wild during the last few ...
- 441
-1
votes
1
answer
158
views
Windows 7: Can we keep internal HDD from being accessed by ransomwares with "disable" or "unmount"?
I'm trying to find an alternative way to protect my daily backup-disk from malware, while the HDD is still connecting to a SATA port on the motherboard.
(This is temporally. I can't afford a portable ...
0
votes
2
answers
1k
views
How to decrypt files after BTCWare Gryphon?
My PC got affected by BTCWare Gryphon.
I have tried different software such as Data Recovery Pro, 360 Document Protector, Kaspersky, and so on, but they couldn't help me.
ID Ransomware claims that ...
0
votes
1
answer
190
views
Decrypt files after Petya ransomware attack in 2017 [duplicate]
Does anybody know if the recent flavour of Petya ransomware (active in June 2017) is somewhat different from one that appeared back in 2016?
I am only interested in the decrypting approach.
This was ...
- 1,562
0
votes
1
answer
255
views
Why is windows 10 encrypting so many files?
My current status: Paranoid.
Monday night I had a friend over and we were making travel plans on my computer.
A message appeared at some point asking about backing up encrypted files. I stupidly ...
- 115
1
vote
0
answers
75
views
How do the ransomware viruses perform their encryption?
I know the classic setup ... open a file, click a link -- bam: malicious code execution. Oh noes!
But how does that lead to "all my files are suddenly encrypted"?
The operative word here is "...
- 1,419
0
votes
0
answers
3k
views
Disable wmic - Windows Management Instrumentation
Regarding Petya ransomware, I read that is advisable to disable vmic, afaik aka "Windows Management Instrumentation" in services.msc.
But if I am stopping this, this will also stop "Security Center",...
- 123
0
votes
1
answer
151
views
Is encrypted but online USB PenDrive safe from ransomware attack?
Using TrueCrypt I have encrypted the entire backup pen drive but it's always connected to my Windows 7 PC.
As a result when normally dismounted it does not have a recognized file system. Only a drive ...
- 1,708
-3
votes
1
answer
189
views
Have I been attacked by the WannaCry ransomware? [duplicate]
I am (deliberately) still running XP on my main home PC. Since the attack of the WannaCry ransomware, I have been unable to reach Windows Update (or any other Microsoft website) with Internet ...
2
votes
1
answer
2k
views
Access Windows 10 Safe Mode from startup
I have an Asus machine running up-to-date Windows 10. With all the Ransomware panic going around ittakes me back to when I was victim of a type-3 Ransomware attack (lockout). The way I managed to ...
- 266
-3
votes
1
answer
4k
views
How to protect my Windows machine from Wanna Cry (Wanna Crypt) ransomware attack and how to remove Wanna Cry? [duplicate]
When i wrote this question in SuperUser there was not any information and solution about Wanna Cry attack in SuperUser. So this is not a duplicate question and has special information and useful ...
- 163
-2
votes
2
answers
2k
views
Should I do online transaction [WannaCry Ramsomeware]
Can I do online transaction safely without getting affected by WannaCry Ramsomeware? If I do, then how would I be affected?
The site I'm trying is Amazon.
- 99
0
votes
0
answers
167
views
Will you see ransomware activity like WannaCry in Resource Monitor? [duplicate]
I understand that in order to encrypt terabytes of data, a ransomware must work hard for hours on HDD and perhaps for under an hour on SSD.
So it has to leave obvious signs of doing so.. right?
...
- 2,444
5
votes
0
answers
2k
views
Is this a ransomware?
I just got this window on my main computer:
Apparently, it's from Windows. I checked, and the process EXE file is the original one (efsui.exe or something like that). However, I don't use EFS (I ...
- 13.3k
1
vote
1
answer
166
views
How does ransomware work? [closed]
If it's possible to get a full rundown on how ransomware usually works in encrypting files, that would be nice.
I know ransomware encrypts all files with AES-256 for speed, but where does RSA come in?...
- 11
0
votes
0
answers
74
views
Ransomware attack [duplicate]
My desktop has been hijacked by ransomware. They won't let me reach the login screen. Even tried safe mode, but I can't get past the virus. I have a bootable linux mint USB, can I boot it on the PC ...
- 13
5
votes
2
answers
774
views
How to remove BUYUNLOCKCODE Ransomware [duplicate]
A ransomware appears to have been circulating for the past few weeks. It encrypts data files and creates a BUYUNLOCKCODE.txt ransom note in all directories where a file was encrypted.
This ...
- 506