Cryptolocker virus infection
Hello Experts,
A client of ours has been hit with a cryptolocker virus. The client uses a Domain controller running Server 2003 which we are in the process of upgrading.
They also use drop box & recently this has been compromised.
Attached are the file types which are contained in each subfolder that has been encrypted.
We are currently running Sophos Enterprise 5.2.1 R2. Any advice would be appreciated as we are unable to restore unless we pay the ransom fee.
A client of ours has been hit with a cryptolocker virus. The client uses a Domain controller running Server 2003 which we are in the process of upgrading.
They also use drop box & recently this has been compromised.
Attached are the file types which are contained in each subfolder that has been encrypted.
We are currently running Sophos Enterprise 5.2.1 R2. Any advice would be appreciated as we are unable to restore unless we pay the ransom fee.
ASKER
Please find the image attached. We have checked our backup retention period & this runs up to 14 days only. The infection occurred on the 17th of Sept
Capture.PNG
Capture.PNG
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
this is a stinker of a virus everyone, make sure AV is up to date and backups are robust.
There is no attachment. Can you repost? Thanks.