Windows Laptop attacked by Ransomware
- Thread starter Sumit74
- Start date
NanditaRoy
Disciple
Did your friend tried to download any files via torrent , crack software or kms pico ?
vink
Disciple
if you are sure about ransomware name or family, might checkout https://www.nomoreransom.org
Sumit74
Disciple
He installed some Ad blocker.
NanditaRoy
Disciple
Details ?
Sumit74
Disciple
From chrome extention store.
For now he got new windows installed and formatted everything and saying the laptop working fine now.
He now wants suggestion for any good antivirus.
So suggest some good antivirus.
Thanks.
enthusiast29
Skilled
Kaspersky free + basic internet browsing etiquettes. Use ad-blocker extension such as uBlock origin which would usually block ads/clickbait downloads etc.
NanditaRoy
Disciple
Would highly recommend Bitdefender
So all his data gone?or did he manage to recover?
I don't think ransomware ever comes from these. I used a lot of such stuff on Windows and Mac both and never had any problem. These days, bad stuff comes from fake software (not cracked software) such as, some link giving you a 100 MB version of photoshop which is impossible, some other link telling you that your pc is infected and you should install a new anti virus/ad blocker/anti xyz software. Lastly, ransomware mostly comes from phishing emails. For example, 99% of the hacked Youtube and facebook accounts are due to phishing emails or facebook message containing links and software.
Sumit74
Disciple
All gone he said he was using it from 2012-13.
100Mb photoshop is possible I have a photoshop setup just 91mb which I downloaded in 2018 and it works pretty good, although not using it anymore.
Last edited:
6pack
ex-Mod
Damn. And the price of external hdd is cheap too. Could have bought a 4TB drive for around 7k and saved stuff for years on it. I see people cry only after something happens to their "important" data which doesn't have even one backup. ¯\_ಠ_ಠ_/¯
bobbyprajan
Disciple
Wouldn't ransomware encrypt the files in the external drive as well when he connects it to the laptop !!
6pack
ex-Mod
I'm not saying leave the drive connected to the laptop 24/7. Only use it for copying important data and then remove it. If it's connected when the ransom ware attacks, it will also get encrypted. But if it was not connected, then you won't lose data. You can then easily format the laptop and recover from the external drive.
bobbyprajan
Disciple
Ransomware reveals itself only after it has encrypted most of your files. From the time of infection till it exhibits the notice, it resides in the memory and transparently decrypts the encrypted files, so there is no way to know that you are infected. One possible way to know that the backed up data is not already encrypted is to check the same in another known-to-be-clean system. If the data is already encrypted it cannot be accessed in the clean system
Ransomware is a difficult problem to deal with, follow safe and secure computing guidelines to avoid infection
TinTinSnowy
Adept
You can enable Smart App Control for new W11 installations. https://support.microsoft.com/en-us...-control-285ea03d-fa88-4d56-882e-6698afdb7003
For advanced users just run a WDAC policy to allow only trusted apps or default deny policy as comfortable. No stress of infection.
For advanced users just run a WDAC policy to allow only trusted apps or default deny policy as comfortable. No stress of infection.
enthusiast29
Skilled
I would like to share a youtube channel I follow for security related things...
Maybe a naive question, sometimes if they get paid do they send the decryption key and can all data be recovered again?
vink
Disciple
in theory yes, but its not guranteed.
also most malware just encrypts the files and dont keep the file structure, so you have to remember and put files back in their place.