Gaston Mbey
asked on
question about Wallet Ramsomware Plus administrative Tools
Hello Experts
I have a DC that was attacked by a ramsomware and now all my shortcuts to the administrative tools are files with .wallet extension is there any way to reconstruct the shortcuts
I have a DC that was attacked by a ramsomware and now all my shortcuts to the administrative tools are files with .wallet extension is there any way to reconstruct the shortcuts
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To make sure your files was not encrypted try run server manager from command prompt.
%SystemRoot%\system32\Serv erManager. msc
If this will work then only your shortcuts was affected
%SystemRoot%\system32\Serv
If this will work then only your shortcuts was affected
If it's ransomware, there's a good chance that those admin tools are encrypted with the key they are trying to sell back to you.
Best bet would be rebuild the DC from a backup, and enhance your security to prevent another attack.
What particular ransomware was it?