Hello from Lisbon

[Gerstacker]

Hi guys!

Linux virgin here, briefly dabbled with Ubuntu back in 2007/8 or so, but switched back to Windows again due to incompatibility issues between OpenOffice and Microsoft Word formatting for my university papers.

Was using a heavily tweaked Windows 7 (which I installed on a laptop which had come with Windows 8 factory-installed) for the last 5 years without incident, except those ubiquitous, unnerving updates.

Almost exactly 1 week ago, as I surfed the web seeking cooking tips, due to surfing without anti-virus, anti-spyware, anti-malware, or anything of the sort (yes, looking back, that was either brave or brazen), my system was overrun by the fresh GandCrab ransomware. With the added complication of my possessing no backups of any of my now encrypted data.

Instead of paying up I decided to leave the 5-year-old laptop intact, purchase a new one with the ransom money, and set sail from Windows definitively for (hopefully) safer pastures.

I still hold out the hope that eventually a smart Alec will create a universal decryptor for the virus and I'll be able to retrieve my precious data, which had items from as far back as 2003 or so.

And here I am


PS
Since I was exclusively a Windows user for about 20 years I'm quite clueless where LInux is concerned and will probably be starting some threads here asking for help very soon. I hope that won't be too annoying!

[phd21]

Hi Gerstacker,

Welcome to the wonderful world of Linux Mint and its excellent forum!

It would help to know more about your system setup. If you run "inxi -Fxzd" and "lsusb" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

It sure was risky to say the least to use MS Windows or Mac without having up to date anti-virus and anti-malware software running. Don't you have any backups? Everyone should have backups of their important folders and files even if you use a free cloud provider's storage. I use an external USB drive and cloud storage from "pCloud" (10gb free & great linux client), "Mega.nz" (50gb free & great linux client), "Google Drive (15gb free, "Insync" is a great client and there are other options for this).

Assuming you still have the MS Windows partition on your system, you might be able to recover some or all of your data by using the tools described below and then creating and booting to a "rescue CD/DVD" of Kaspersky, Avira, Dr.Web, etc... and scanning all attached drives which would try to remove any other viruses and malware; whether a bootable rescue disk could undo an already ransomware encrypted volume (drive or partition) from a ransomware attack, I do not know.

From what I just read there are tools that can undo this ransomware right now from BitDefender, Malwarebytes, etc... Once you have your files decrypted, run an anti-virus scan, and backup!

Hit by ransomware? This new free decryption tool for GandCrab might help
http://www.zdnet.com/article/hit-by-ran ... ight-help/

free decryption tool for GandCrab
https://labs.bitdefender.com/2018/02/ga ... -for-free/

GandCrab ransomware. How to remove? (Uninstall guide)
https://www.2-spyware.com/remove-gandcr ... mware.html

Google Search results for GandCrab ransomware
https://www.google.com/search?q=GandCra ... =firefox-b

FYI: There are at least a couple really good cooking and recipe software packages in the Software Manager or Synaptic Package Manager (SPM).




Hope this helps ...

[Gerstacker]

Hi PHD21,

thank you for your considered reply!

I've been having trouble enabling driver cache on the Disks program for my optical drives, which are seen by Linux Mint as external drives for some reason. This might have to do with the fact that I installed this Linux OS on a laptop which had Windows 10 factory-installed overriding the previous partitions (there was only one) by manually partitioning it at the start of installation from bootable USB iso so without selecting dual boot mode.

Here are the results of the info from the prompt you requested:

System: Host: akhenaten-XPS-13-9360 Kernel: 4.13.0-36-generic x86_64 (64 bit gcc: 5.4.0)
Desktop: Cinnamon 3.6.7 (Gtk 3.18.9-1ubuntu3.3) Distro: Linux Mint 18.3 Sylvia
Machine: System: Dell (portable) product: XPS 13 9360
Mobo: Dell model: 0TPN17 v: A00 Bios: Dell v: 2.5.1 date: 01/25/2018
CPU: Quad core Intel Core i7-8550U (-HT-MCP-) cache: 8192 KB
flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 15936
clock speeds: max: 4000 MHz 1: 2000 MHz 2: 2000 MHz 3: 2000 MHz 4: 2000 MHz 5: 2000 MHz
6: 2000 MHz 7: 2000 MHz 8: 2000 MHz
Graphics: Card: Intel Device 5917 bus-ID: 00:02.0
Display Server: X.Org 1.18.4 drivers: intel (unloaded: fbdev,vesa)
Resolution: 3200x1800@59.98hz
GLX Renderer: Mesa DRI Intel Kabylake GT1.5
GLX Version: 3.0 Mesa 17.2.8 Direct Rendering: Yes
Audio: Card Intel Device 9d71 driver: snd_hda_intel bus-ID: 00:1f.3
Sound: Advanced Linux Sound Architecture v: k4.13.0-36-generic
Network: Card-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter
driver: ath10k_pci bus-ID: 3a:00.0
IF: wlp58s0 state: up mac: <filter>
Card-2: Atheros usb-ID: 001-004
IF: null-if-id state: N/A speed: N/A duplex: N/A mac: N/A
Drives: HDD Total Size: NA (-) ID-1: /dev/nvme0n1 model: N/A size: 256.1GB
Optical: No optical drives detected.
Partition: ID-1: / size: 46G used: 6.3G (15%) fs: ext4 dev: /dev/nvme0n1p1
ID-2: /home size: 175G used: 131G (79%) fs: ext4 dev: /dev/nvme0n1p2
ID-3: swap-1 size: 16.06GB used: 0.00GB (0%) fs: swap dev: /dev/nvme0n1p3
RAID: No RAID devices: /proc/mdstat, md_mod kernel module present
Sensors: System Temperatures: cpu: 61.5C mobo: N/A
Fan Speeds (in rpm): cpu: N/A
Info: Processes: 270 Uptime: 7:00 Memory: 2863.1/7573.8MB
Init: systemd runlevel: 5 Gcc sys: 5.4.0 Client: Shell (bash 4.3.481) inxi: 2.2.35

Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 006: ID 0c45:670c Microdia
Bus 001 Device 005: ID 04f3:2234 Elan Microelectronics Corp.
Bus 001 Device 004: ID 0cf3:e300 Atheros Communications, Inc.
Bus 001 Device 003: ID 046d:c52b Logitech, Inc. Unifying Receiver
Bus 001 Device 008: ID 046d:c05b Logitech, Inc. M-U0004 810-001317 [B110 Optical USB Mouse]
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

The fact that this scan comes up saying "no optical drives detected" is worrying, to say the least. Perhaps there was a crucial Samsung (or Toshiba? Don't know the drive make) NVMe SSD firmware update which I skipped before beginning the wipeout. I did update the BIOS successfully beforehand though and do the whole AHCI switch-up which I read about online.

To clear up any confusion: this is a brand new laptop purchased on Monday and obtained on Wednesday (28.2), which I went out and got to replace my GandCrab-plagued Toshiba Z930 which had stood by me stoically for 5 years. Lol it's ironic, to say the least, that the day I went to pick the new rig up BitDefender released a universal decryptor!!! Thanks for linking that here I'll see if I can decrypt up my old rig and transfer all the (clean) data over to my new Linux-embedded machine.

Another strange occurrence (with the new Linux Mint rig) is that I've managed to connect my Bose Mini Soundlink to the Bluetooth, but the laptop continues playing on its own sound even after the connection is successfully established (?)

[But perhaps these queries should be taken to the appropriate quarters, so apologies if I'm transgressing forum rules here...]


PS
Thanks for the cooking tips PHD! Will check it out

[kc1di]

Hello Gerstacker and welcome to the Linux Mint Forums,
Good to have you here! Enjoy

[WharfRat]

Hello Gerstacker

Welcome to Linux Mint and the Linux Mint forum

[Gerstacker]

Thanks guys

It's good to be here.

[JerryF]

Bem vindo, e boa tarde.