Jump to content

  • Announcement

    The HyperSpin 2 beta is here!

    We’re starting the first public testing phase with Platinum Members to keep the scope manageable while we test the current feature set and begin to add more. In the future, we’ll provide a version for basic members as well.  On behalf of the entire HyperSpin team, we look forward to another exciting adventure with our community.

Read Me: Please use the correct SUPPORT forum for reporting issues.

Crypto locker virus

danwelsh

By danwelsh
in Off Topic

Recommended Posts

danwelsh Newbie

danwelsh

Posted
Posted

Anyone run into this malware? I'm having a heck of a time trying to get my arcade up and running again......I wasted around 10 hours reinstalling HS and Windows the first time I had it.....had mame all setup, was working on hyper marquee and malware bytes said it blocked a malware attempt like 3 times in a row then bang I noticed some files were renamed to .crypt and encrypted.......any foolproof way to keep this virus away? I noticed that it happened as soon as I tethered my iPhone and am wondering if my carriers network is spreading this crap.....I think this time I'm just going to download everything on my MacBook and transfer to the arcade through external drives.....to top it all off I had malware bytes updated to the latest database, I've worked on computers since 95 and never ran into something this aggravating before.....

epayson85 Newbie

epayson85

Posted
Posted

Are you getting a pop-up on your arcade comouter telling you to pay a ransom? If so it's because you are downloading things you shouldn't. These viruses are only spread via executable programs. Sometimes files hide themselves as other types but are actually executable and infect your computer.

If you don't have the ransom screen on your arcade then it means another computer on your network is infected. Typically they only can encrypt network files on mapped network drives so don't map any arcade drives on other computers.

Good rule of thumb for any dedicated machine is dont browse the web with it. My htpc and arcade do not ever go on the web. Anything I do on them is done on a test machine first. If it works well I transfer it over and set it up.

danwelsh Newbie

danwelsh

Posted
  • Author
Posted

That's the thing.....I didn't download anything other than HS, rocket launcher, and the Roms I had already before and I downloaded .net framework 4.5.1 from Microsoft.....and malware bytes direct from their website.....like I said it happened right after I tethered my iPhone to it but I do agree with not using it for the net which I had just connected to get a few things

danwelsh Newbie

danwelsh

Posted
  • Author
Posted

Yes I got the popup when I restarted the first time I got it.....then I formatted everything did a fresh install and it happened again but like I said only when I connected to the network

epayson85 Newbie

epayson85

Posted
Posted

Yea you downloaded something you shouldn't have. Rarely it can come from websites but typically it's going to be attached to something you downloaded.

You said you formatted everything, Did you only format the OS drive? Do you have other drives that hold roms? Unfortunately all of your files are infected now. When you connected to the network it was able to connect to its server and create an encryption key to start it all over again. You are going to need to get some virus cleaning software... Not malware scanners. Clean all your drives follow the directions to get rid of that virus. Then I would still reformat your OS drive again. Even emulators like pj64 could technically have something like this in the installers. You have to be really careful what you download and where you are getting them from.

Also the most important thing is make backups. I have images of my OS drive, hyperspin drive, and full backups of all my roms. You just don't know what could happen and don't want all that work gone.

danwelsh Newbie

danwelsh

Posted
  • Author
Posted

No....I formatted all 4 drives in my cab and yes I wish I would have had backups but I don't....luckily the mame romset was backed up a long time ago on my sisters laptop, thanks for the advice epayson85

epayson85 Newbie

epayson85

Posted
Posted

Bummer. I've never heard of it. Reminds me I haven't backed up in 4 weeks now.

I have never gotten one... knock on wood... but they are NASTY.  Its ransomware.  They encrypt your files and won't unlock them until you pay like $200 in bitcoins.  The odds of you getting your files back after paying probably aren't good either haha.  Not to mention there is nothing preventing them from doing it again.  I have a local backup server for my arcade, my HTPC, and all my other random PCs.  Then I also have everything backed up to the cloud as well.  You just can't be too careful.  

Metalzoic Newbie

Metalzoic

Posted
Posted

I just back mine up to an over-the-counter Seagate Backup Plus drive that I leave plugged into it.

Generally back it up once a month or after any big additions/changes.

dougan78 Rookie

dougan78

Posted
Posted

I just back mine up to an over-the-counter Seagate Backup Plus drive that I leave plugged into it.

Generally back it up once a month or after any big additions/changes.

Leaving it plugged in wont save you from a ransom virus. I would get another drive to swap around at least or do not go on the internet with that computer. Good luck.
Metalzoic Newbie

Metalzoic

Posted
Posted

Leaving it plugged in wont save you from a ransom virus. I would get another drive to swap around at least or do not go on the internet with that computer. Good luck.

Yeah, I'd leave it disconnected until I need it if this machine wasn't such a pain to move and get to the drive.

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...