Ransomware Defeated

Edward Kivell
Computer consultant from 1989 to present. Website: www.resourcewiz.com
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.

The owner of a plumbing and heating company opened what he thought was a safe email about a FedEx tracking number. The email turned out to be a ransomware scam. Thus, within a nanosecond, all of the data files were encrypted. The attached external backup drive was also encrypted.
The thieves had a message that the owner had to pay a ransom in bitcoin to get access to an encryption key. So, after I calmed the owner down, I did the following:

A) Removed the ransomware virus using the program, Malwarebytes.
B) Recovered hidden copies of the encrypted files using ShadowExplorer.

The free version of Malwarebytes successfully removed the ransomware infection after scanning the hard drive. The recovery program, ShadowExplorer, allows you to browse Windows Shadow Volume Copies created by the Windows Vista, Windows 7, Windows 8, and Windows 10 Volume Shadow Copy Service. When these Shadow Volume Copies are created, they also create copies of changed data files on your computer. ShadowExplorer allows you to use the Shadow Volume Copies to restore files back to previous versions or even to restore a deleted file. The features of ShadowExplorer include:

1.    Reveal currently available copies of files.

2.    The user can browse through the available Shadow copies.

3.    Allows the user to recover files and folders.

Make sure that Volume Shadow Copy is enabled under Services. Here is a YouTube video, https://www.youtube.com/watch?v=VlcKJ-2mEg0, created by MalwareLess, that visually explains the use and the various recovery screens of ShadowExplorer.
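
The same check can be made without a GUI. The PowerShell script below is an added example, not part of the original article or of ShadowExplorer: it confirms the Volume Shadow Copy service is not disabled, lists the shadow copies of one drive that were taken before the incident, and exposes the newest one as a folder. The drive letter, incident time and the C:\ShadowRestore folder name are assumptions to adjust.

```powershell
# Added example (not from the original article). Run from an elevated prompt.
param(
    [string]$Drive = 'C:',                       # assumed: volume holding the encrypted files
    [datetime]$IncidentTime = (Get-Date),        # assumed: when the encryption was noticed
    [string]$MountPoint = 'C:\ShadowRestore'     # hypothetical folder name for browsing
)

# The Volume Shadow Copy service normally starts on demand; Disabled means no snapshots.
$vss = Get-CimInstance Win32_Service -Filter "Name='VSS'"
if ($vss.StartMode -eq 'Disabled') {
    Write-Warning 'Volume Shadow Copy service is disabled.'
}

# Shadow copies name their source volume by GUID path, so resolve the drive letter first.
$volume = Get-CimInstance Win32_Volume -Filter "DriveLetter='$Drive'"
if (-not $volume) { throw "No volume found for drive $Drive" }

# Keep only snapshots of that volume taken before the incident, newest first.
$copies = @(Get-CimInstance Win32_ShadowCopy |
    Where-Object { $_.VolumeName -eq $volume.DeviceID -and $_.InstallDate -lt $IncidentTime } |
    Sort-Object InstallDate -Descending)

if ($copies.Count -eq 0) {
    Write-Warning "No shadow copy of $Drive predates $IncidentTime."
    return
}
$copies | Select-Object ID, InstallDate, DeviceObject | Format-Table -AutoSize

# Expose the newest pre-incident snapshot as a folder so files can be copied out.
# The trailing backslash on the device path is required for the link to resolve.
if (-not (Test-Path $MountPoint)) {
    cmd /c mklink /d $MountPoint "$($copies[0].DeviceObject)\"
}
```

When the files have been copied out, `cmd /c rmdir C:\ShadowRestore` removes the link only; the snapshot itself is left in place.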

So, the files were restored and the owner didn't have to pay a ransom.

For those who wish to avoid the trap of ransomware, there are anti-ransomware utilities such as RansomFree by Cybereason, Anti-Ransomware Tools by Trend Micro, and Kaspersky Anti-Ransomware Tool, to name a few.

