Jump to content

All my files was changed to .KEEP FILES

Recommended Posts

Dear Sir,

I got a problem with my server. All of a sudden all my files was changed to .KEEP Files. Malwarebytes or Eset not able to detect the problem.Can you please advise me what is the fix on this issue?


appreciate the help.


Thank you

Link to comment
Share on other sites

  • Administrators

If you had ESET installed at the time of infection, most likely its settings were not protected with a password, an attacker was able to log in with administrator rights and paused protection prior to running the ransomware.

If you are a user with a paid license, please submit the following to samples[at]eset.com:

- a handful of examples of encrypted files
- the ransomware note (payment instructions)
- logs collected on the infected machine with ESET Log Collector.

Link to comment
Share on other sites

Make sure your server OS has all security updates applied. Of note is Bluekeep worm patches and these just announced like worm vulnerabilities: https://forum.eset.com/topic/20484-patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-11811182/

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...