2

The files on my PC's 2 drives have been altered by a virus; all files on both drives now have an extra extension of ".mbed"

Here you have a screenshot to get my point: [screenshot]

So what is the shortcut way for me to correct all these file extensions?

K7AAY
  • 9,725
Siddharth
  • 149

2 Answers

7

You have been infected by the Mbed ransomware. Do not use the computer, keeping it turned off, until you have cleaned it up using bootable antivirus media.

Your files have been encrypted, so renaming them will not help. The files may be lost, so I hope you have backups.

After the virus has been cleaned up and you can boot the computer, you might try the Emsisoft Free Ransomware Decryption Tools.

The best way to clean an infected computer is to format the hard disk and reinstall everything, but you may find more instructions in the post: How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC?

harrymc
  • 498,455
1

It's a STOP/DJVU variant. The answer I typed here https://superuser.com/a/1748769/705502 applies to all STOP/DJVU ransomware family encrypted files.

In short, if the Emsisoft decryptor cannot (yet) decrypt the files then your options are limited to file repair, as only the first approximately 150 KB of the file are encrypted.

Whether or not file repair is possible depends on the file type, if someone already has gone through the trouble of attempting this and documented it, or your own willingness to investigate this.
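
The second answer's point that only roughly the first 150 KB of each file is encrypted can be checked per file before any repair attempt. This read-only triage is an added example, not code from either answer; the function names, the 64 KB tail sample and the constructed test files are assumptions.

```python
import math
import os
from collections import Counter
from pathlib import Path

PREFIX = 150 * 1024   # "approximately 150 KB" from the answer; a rough boundary
SUFFIX = ".mbed"      # extension reported in the question

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; close to 8 for encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(root):
    """Read-only inventory of *.mbed files under root, one dict per file."""
    reports = []
    for path in sorted(Path(root).rglob("*" + SUFFIX)):
        if not path.is_file():
            continue
        with path.open("rb") as fh:
            head = fh.read(PREFIX)
            tail = fh.read(64 * 1024)   # sample of what follows the prefix
        reports.append({
            "path": str(path),
            "original_type": Path(path.stem).suffix.lower() or "(none)",
            "bytes_past_prefix": max(0, path.stat().st_size - PREFIX),
            "head_entropy": round(entropy(head), 2),
            "tail_entropy": round(entropy(tail), 2),
        })
    return reports

def repair_candidates(root):
    """Files large enough to hold data beyond the encrypted prefix."""
    return [r for r in triage(root) if r["bytes_past_prefix"] > 0]

def build_sample(root):
    """Constructed test data: random bytes stand in for the encrypted part."""
    root = Path(root)
    plain = (b"plain text " * 5000)[:50 * 1024]
    (root / "report.docx.mbed").write_bytes(os.urandom(PREFIX) + plain)
    (root / "note.txt.mbed").write_bytes(os.urandom(4096))

if __name__ == "__main__":
    import sys
    for r in triage(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(r)
```

Run it against a copy or a read-only mount of the affected drive. For file types that are already compressed (for example .jpg or .zip), the tail entropy will be high even when that part is untouched, so compare by original type rather than against a fixed threshold.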