globe ransomware

TrendMicro has updated the Trend Micro Ransomware File Decryptor to support Globe:
https://success.trendmicro.com/portal_kb_articledetail?solutionid=1114221

You can also try:
https://id-ransomware.malwarehunterteam.com/
https://www.nomoreransom.org/

More info:
http://www.bleepingcomputer.com/news/security/the-globe-ransomware-wants-to-purge-your-files/

Do you have any valid backups of the files?

Hi,

there is a decryptor for Globe, on link https://decrypter.emsisoft.com/globe
You will need to have at least 1 or few files, from backup, that are encrypted, so that  application can compare them, and locate key.

Regards,
Ivan.

First remove all the PC's from the network, then scan them for the virus. If you can't find the virus on the PC's, find those that have encrypted files or the ransom-note, and if found, re-image them.

The server itself is very unlikely to actually have been infected by the virus, as you don't read emails or browse the web directly on the server. But the folders connected PC's have access to on the server get encrypted by those PC's. Only if this happens to be a Remote desktop server would the server itself get infected in normal use.

So while your PC's are disconnected and you are searching for the virus or re-imaging them, you can restore your files to the server from your backups.

i have a backup however there is a single folder "DATA" in mysql folder which is not backed up for some reason and the folder is infected . Let me try all the options and i will get back to you

Best Regards

Any news, tom_uae?