There is probably not much they can do. Encrypted files are hard to decrypt without a key and as of now, it can take multiple years, sometimes even tens of years.
If they had a backup, then it is probably best to just recover the files using it.
If not, they should start making them and be more careful from now on.
Comment has been collapsed.
In short make backups of the encrypted files as they may be recoverable in the future.
long version:https://malwaretips.com/blogs/remove-u2k-ransomware-virus/
Comment has been collapsed.
Once i got infected with the same thing all the drives were empty visually but the files were there occupying the space. So someone told me to use star sign before the file name in search engine and it worked for me files were there but just invisible. Sry for the bad english :)
Comment has been collapsed.
I know this is maybe just pure luck, but I haven't been using any additional antivirus software except for Windows Defender(which is effing annoying and I often just turn it off completely) since when Windows 10 came out. And I don't remember getting any virus, malware, crypto miner or anything else. In addition,I visit a lot of unfamiliar websites literally everyday, often very suspicious and those blocked by chrome, but I just yolo it and skip all the warnings, yet I'm clean.
Comment has been collapsed.
Fingers crossed. If you have a good ad blocker, you skip a lot of the crap that could come your away already.
Ofc there's still phishing and that's how most people get those kinds of infections so staying vigilant is essential.
However it happens to just click something or catch a bad llink by mistake and I feel for people who get infected by those ransomware a--holes.
There were quite a few hospitals that were targeted by ransomware during the beginning of the pandemic in 2020. Scumbags have no decency.
Comment has been collapsed.
They ransomed the entire health service here in Ireland during the pandemic. https://en.wikipedia.org/wiki/Health_Service_Executive_ransomware_attack
Total scumbags. Some patients had to have procedures postponed. It was insane. They have no conscience at all.
Comment has been collapsed.
That's a good point. Viruses of old used to make themselves known pretty fast. Most recent ones are sneakier and can operate hidden for a while before you even know they're there... which also makes backups problematic when ransomware is involved.
Comment has been collapsed.
Often times ransomware will exploit vunerabilities in software that's not up to date including operating systems. I always see posts from people on the net about how they won't update there OS(7 and 8) to one that's supported(windows 10 and 11), that's just a nightmare waiting to happen. Even with a great AV, the OS itself is at very high risk and no AV is 100% effective.
Comment has been collapsed.
I don't know, maybe it's all about general scrupulousness with my PC and understanding when you should open random file and when you're not. I dust my PC regularly, changing thermal interfaces every year or so and always controlling things like temps, voltages and CPU, GPU, SSD, RAM or whatever load. It's not OCD, just my buzz bug, to always check performance and all the things connected, I just love doing it since my childhood. So I never really had anything stolen e.g. passwords or credit cards info and didn't see any banners with demand of money to encrypt your data.
P.S. To better understand what weirdo I am - usually, when I first launch some demanding game I start it with MSI afterburner on, checking the CPU/GPU load, correcting frametimes by limiting FPS in driver to e.g. 55, my way is just crank everything to ultra and make it work as smoothly as possible on my config. And I always encounter bugs in games, even in most polished ones. Where my friends are having hitch free experience, I manage to crash the game etc. So maybe my option is to become QA someday :D Sometimes it is just the hardware combination which causes games to break, but a few times I helped my friends to find bugs and stutters on their own machines.
Comment has been collapsed.
If you think that opening a file is all you have to worry about, then you probably should do a lot more research about what threats are out there and how they function.
Comment has been collapsed.
If you know the threats and how they fuction, then why would you only use Google Chromes browser security, which really doesn't do anything to protect your pc. Even with Chrome's security you "yolo it and skip all the warnings". You may be extremely lucky and not have anything on your pc based on what you said, but to assume it's clean, especially based on what you've stated already is extremely ignornant.
Comment has been collapsed.
I have an off-site backup for all the necessary things. Extremely ignorant is to assume that any AV software will save your machine from getting infected. For years chrome security thing and WIndows Defender were only blocking files that I intentionally download so I mostly don't use em. All necessity of AV software is just bogus and far-fetched for me. For online payment I have SSL and 3-D secure, on the rest I'm fine on my own for many years.
Comment has been collapsed.
The FACT is that AVs and other security solutions DO save people's devices every single day from online threats. No AV is 100% in protecting, but it's better to have something that is made that has been proven to help protect your pc then nothing at all and YOLO it and assume that your pc is clean.
Comment has been collapsed.
For most important data ALWAYS have off-line backup (external SSD/HDD drive)!
Comment has been collapsed.
Maybe something here will work.
https://www.emsisoft.com/ransomware-decryption-tools/free-download
Comment has been collapsed.
See if he has a recent restore point made and revert to it?
Comment has been collapsed.
1,956 Comments - Last post 1 minute ago by misterhaan
11 Comments - Last post 23 minutes ago by eeev
1 Comments - Last post 26 minutes ago by SymphonyARG
12 Comments - Last post 1 hour ago by gaudigabriels
9 Comments - Last post 1 hour ago by FlameB1
47,140 Comments - Last post 5 hours ago by JMM72
16,403 Comments - Last post 6 hours ago by MLD
366 Comments - Last post 7 seconds ago by Keepitup
146 Comments - Last post 35 seconds ago by Vampus
10 Comments - Last post 1 minute ago by areks1024
70 Comments - Last post 4 minutes ago by OneNonLy
85 Comments - Last post 8 minutes ago by eeev
222 Comments - Last post 39 minutes ago by HustlaOG
5 Comments - Last post 43 minutes ago by SergeD
Is there any way to fix this? It encrypted everything in his laptop
Comment has been collapsed.