Jump to content


  • Content Count

  • Joined

  • Last visited

Profile Information

  • Location
  1. I'm not totally sure how they got access to my password, I have now changed to a more complex password all round. I'm not totally sure what you mean by firewall your RDP to specific IP addresses, the only way I access this computer when out and about is via Teamviewer, so that itself may have been a way for them to gain access. I haven't reinstalled it since.
  2. Unfortunately my backups were compromised on my NAS storage as well. I will be picking up a newer NAS that supports SMB 3 soon and starting from scratch, also I believe they managed to get on to my HTPC and encrypt a few files on there but I have shut that down and not had chance to look at it just yet, that simply has my ripped movie collection for viewing around the house via DLNA.
  3. The email has been sent to the email address as requested. What are the next steps?
  4. Hello, I was the victim of an RDP Scarab trojan early this morning that has encrypted all the files on my hard drives and NAS with the ".sfs" file suffix. I have ran malwarebytes and that has cleared up a few files and a few registry changes also a complete scan of NOD32 has also cleaned a few things up. I 1st noticed the issue when my computer was logged out this morning as it's never logged out, I had to use a usb boot tool to change my password as it had been changed and when doing this I noticed a new user account called "localadmin" I changed the password to that and also disabled the account just in case. When I finally managed to log in I noticed that the following pieces of software had been uninstalled: teamviewer ESET Nod32 Malwarebytes Also my firewall had been disabled and the onedrive client installed, I fixed those issues and then restarted as requested by malwarebytes. Once logged back in my torrent client auto started and advised me that essentially every torrent had missing files, so I checked locations and noticed all my media, movies, anime etc had the ".sfs" added to the file names and that's when I noticed the "HOW TO RECOVER ENCRYPTED FILES.TXT" in 1 of the folders. I have read in a few support forums that ESET have developed a Scarab decryption tool, how can I get hold of this to recover my files? I am currently a paid user of Nod32 Antivirus.
  • Create New...