Wake n Bake, Nothing Better!

Laughing Grass

Well-Known Member
Idk, I wouldn't trust it; they usually leave back doors. I got an old ransomware in like 2011 and did what you said above. It worked initially but was never the same, wound up trashing the computer.

For the school we had to do all kinds of craziness, including replacing about 25% of their servers, and then finding out later that they had gotten into about 50% of them and laid traps, but I am in more of an overlord role than a nerd at the keyboard role.

All I'll say is I would not be comfortable with the actions you have taken so far, if I was in your shoes. I have not dealt with Egregor before and deal with this stuff at more of a corporate level than a personal level, so feel free to ignore my paranoia.
I'm not ignoring your paranoia, trust me, I lived it. I may seem nonchalant about it on here, but I was dying inside. October was a shitacular month! Lost my grow, lost my photos and videos and lost our income. I'm doing the best I can with what I have.
 

curious2garden

Well-Known Mod
Staff member
No, it was over a million dollars in bitcoin. The ransomware was Egregor, which I think is fairly new. https://www.upguard.com/blog/what-is-egregor-ransomware I'm not in a position to replace my tech right now. Since this is all software, a wipe and reload should clear everything, no?
Just replace the machine's hard drive. I wouldn't even try to format and rewrite it. HDs are cheap, but I remember this and your valuable data is on an external, right?
 

Laughing Grass

Well-Known Member
Just replace the machine's hard drive. I wouldn't even try to format and rewrite it. HDs are cheap, but I remember this and your valuable data is on an external, right?
Yeah, it's a 2TB external drive. I don't really care about the data that's on the computers. We also have an old Windows 7 HP computer that runs Crestron and our camera software. I'd have no idea how to get that running again if I wiped that computer. SentinelOne identified Qakbot and the ransomware on the Windows computers and said it removed it, and there haven't been any alerts since.
 