Raanvalen Ramos 0 Posted November 27, 2019 Share Posted November 27, 2019 Good afternoon We have server that was infected with a Ransomware. It was possible to extract some of the information from the SysCollector, and various information to determine a possible solution efsw_logs.zip efsw_logs2.zip efsw_logs3.zip Ransonware.rar Link to comment Share on other sites More sharing options...
Administrators Marcos 5,252 Posted November 27, 2019 Administrators Share Posted November 27, 2019 Files were encrypted by Filecoder.Crysis. Decryption is not possible. Unfortunately ELC logs appear not to be collected properly. Please make sure that ESET is installed, activated and updated prior to collecting logs with ELC. Also I'd recommend installing the latest version of EFSW 7.1 over the existing 6.5 first. Link to comment Share on other sites More sharing options...
Recommended Posts