Link to home
Start Free TrialLog in
Avatar of Gaston Mbey
Gaston MbeyFlag for Cameroon

asked on

question about Wallet Ramsomware Plus administrative Tools

Hello Experts

I have a DC that was attacked by a ramsomware and now all my shortcuts to the administrative tools are files with .wallet extension is there any way to reconstruct the shortcuts
Avatar of Sean Plemons Kelly, CISSP
Sean Plemons Kelly, CISSP
Flag of United States of America image

Gazambey,

If it's ransomware, there's a good chance that those admin tools are encrypted with the key they are trying to sell back to you.

Best bet would be rebuild the DC from a backup, and enhance your security to prevent another attack.

What particular ransomware was it?
ASKER CERTIFIED SOLUTION
Avatar of Tom Cieslik
Tom Cieslik
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
To make sure your files was not encrypted try run server manager from command prompt.

%SystemRoot%\system32\ServerManager.msc

If this will work then only your shortcuts was affected