New
#1
Ransonware question
I hope I am not tempting fate by saying this, but so far I have had no problem, but as it seems to get ever more widespread I thought I'd do something before the possible event rather than have to do it after! I installed Malwarebytes anti-ransomware beta today on all my PCs and am hoping that's a step in the right direction. I already use MailWasher for my email and so delete all less than 99% legitimate-looking emails on the server before they reach me. My worry is going to a legit website with malicious code embedded - has that happened to anyone?
The question is wanted to ask is this: if you are unlucky enough to get a ransomeware attack, but have all your data backed up (say on an external HDD), and maybe a drive image too, how would you go about cleaning the PC of the malware before restoring the backups. Do you delete all the encrypted files and simply replace them with the backup? Is there not a chance that plugging in an external drive with the backup would cause all those files to be encrypted too? Is the ransomware 'vigilant' in that way, or could that only happen if you ran the same file that installed the ransonware in the first place?
Been Googling this with no real answer to these points; maybe someone here knows how this works..
Thanks,
Martin