Recover 99% of files from BoL Vpred infection

by Sozin - 08-07-2015, 05:56 AM
Nan Ihier Gelair Mordor
Posts:
2,636
Joined:
Jan 2015
Likes:
299
Credits:
7,823
Reputation:
89
2 Years of Service
#1
OP
Posted: 08-07-2015, 05:56 AM
You are free to have this leak but bear in mind, it's not mine, so don't bother me if the links/program/source/whatever stop working. I take no responsibility of this, use at your own risk.
~Sozin





Since Vpred from BoL got hacked a bunch of malicious commands were launched, deleting both your programs and personal data (at least desktop, documents and standard user folders).
In the official topic is said to do a system restore to try to recover these files. In few words:
"You" deleted personal files, not only system ones, but also files like .doc, .xls, .txt etc etc. These files are not recovered by default with system restore.
DO NOT USE SYSTEM RESTORE! It will only revert windows registry and installed softwares to the given point.
Doing so not only you won't recover your personal files, but you also will write on random "free" space on your hard disk, with the risk to compromise your deleted files forever.
When you delete files with the default methods (like hitting canc, and launching these commands too) files are not really deleted, just the space they were using is marked as "free space". When you write new things/files, random space is taken, with the risk to "overwrite" your poor files, loosing your last chance to recover them.
In fact, some softwares are able to scan your free space to find old and deleted files from your hard disk, so you can just give them a try.

Please register or login in order to unlock hidden content.

If you did nothing since the loss of files, you will be able to recover almost everything (99% or even 100%, it all depends on luck and how much you wrote on the HDD since commands got deployed).
Note: with this method you only recover your personal data. If you want to give a try restoring your installed software and windows registry, you can save these datas to another drive, plug your hdd back and then use the system restore option. This way you already analyzed the free space so you won't loose anything else while system restore will run.
Do not let your difficulties fill you with anxiety, after all it is only in the darkest nights that stars shine more brightly. - Ali(a.s)

Developer( PHP, Python, C++, HTML+CSS, JS I am available for Hire. Message Me for details.
Newbie
Posts:
19
Joined:
Nov 2016
Likes:
0
Credits:
3
Reputation:
0
1/2 Year of Service
#2
Posted: 08-05-2017, 10:45 PM
thx for sharing alot i will check it
Newbie
Posts:
15
Joined:
Jul 2017
Likes:
0
Credits:
15
Reputation:
0
#3
Posted: 10-07-2017, 04:02 AM
give me this pack of lol
Member
Posts:
158
Joined:
Jun 2015
Likes:
10
Credits:
4
Reputation:
4
2 Years of Service
#4
Posted: 10-07-2017, 04:15 AM
This is interesting. It's too bad that there's no way around WannaCry 2.0 yet, though.
Member
Posts:
123
Joined:
Jun 2017
Likes:
2
Credits:
0
Reputation:
0
#5
Posted: 20-07-2017, 07:01 AM
Thank you very much for that leak, i love it)
Newbie
Posts:
16
Joined:
Aug 2017
Likes:
0
Credits:
0
Reputation:
0
The last reply on this thread is older than a month. Please do not unnecessarily bump it.
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)