Start Free TrialLog in
Avatar of Sukesh Shukla
Sukesh Shukla

asked on 

Windows server 2008

Every 15 20 days all my files get encryted word excel pdf gets encrpted. I checked with eset antivirus team they say it is not virus. Cyberoam firewall also denies it is not hacking. I have RDS working . How do i recover the encrypted file and ensure it doesnot re appears again.
Please advise.
Microsoft Legacy OSMicrosoft Server OSWindows Server 2008
Avatar of undefined
Last Comment
WORKS2011
Avatar of John
John
Flag of Canada image
Every 15 20 days all my files get encrypted word excel pdf gets encrypted

That would be the Cryptowall virus. Make sure you have a good regular backup of good files and then scan thoroughly for malware. When done, scan with Malwarebytes (malwarebytes.org)
Avatar of Sukesh Shukla
Sukesh Shukla

ASKER

Sir any tips to ensure that my system is safe from such viruses. Also is there any antivirus that scans or identify such threats. Please advise some good anti malaware too
Avatar of John
John
Flag of Canada image
Cryptowall has been out for a while, so any good commercial up-to-date antivirus should be able to protect against it. My clients all use Symantec Endpoint Protection.
Avatar of Thomas Zucker-Scharff
Thomas Zucker-Scharff
Flag of United States of America image
Are you seeing anything like this:

http://www.precisesecurity.com/rogue/cryptolocker-ransomware?

I agree with John, it sounds a lot like Cryptowall, a variant of Cryptolocker.  Your best bet is a clean reinstall (baremetal) from backup - rebuilding the server.  Make sure your baremetal backup is prior to any of these problems.  If you need the files that have been encrypted, you will need to carefully restore them after you have rebuilt the server, preferably in a vm.
Avatar of Thomas Zucker-Scharff
Thomas Zucker-Scharff
Flag of United States of America image
Have you tried also using chameleon from MalwareBytes?  Download and run the svchost file in the chameleon directory.
ASKER CERTIFIED SOLUTION
Avatar of WORKS2011
WORKS2011
Flag of United States of America image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Windows Server 2008
Windows Server 2008

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent