August 27th, 2023, 23:41
August 28th, 2023, 11:40
terminator2 wrote:RAW by encrypting both boot sectors. ?
August 29th, 2023, 8:19
Arch Stanton wrote:terminator2 wrote:RAW by encrypting both boot sectors. ?
Is that all it did as far as you can tell? Can you still see MFT?
August 29th, 2023, 15:10
August 29th, 2023, 23:52
Arch Stanton wrote:I don't care much for the scan log and first 100 MB won't show us MFT.
Stuff like this is of no help, https://forum.hddguru.com/download/file ... &mode=view, it makes no sense to view an MBR as MFT entry.
If the DMDE scan result, https://forum.hddguru.com/download/file ... &mode=view is result of full scan then indeed it looks like no MFT results unfortunately so far.
So hopes the ransomware is dumb (with limited CIH virus type damage), leaving easy to repair or work-around damage, seems futile.
Powered by phpBB © phpBB Group.