Cumulus Support

Hi.

Is there any chance I can find the day file anywhere else or retrieve it? I got hit with a ransom virus, all files got encrypted. I was able to grab the Cumulus files except for the dayfile.txt

Apparently the .ini files were left alone but pretty much every other got renamed and locked.

All I'm looking for is the dayfile because my last backup was Dec 22nd and I at least want to have the day data since then.

Thanks.

Have you looked in the backup folders? There will be copies in there. but as they have the same same as the 'live' version, presumably they were encrypted too.

Note that the dayfile.txt editor in Cumulus can restore a reasonable approximation for the missing days, if you have the monthly log files. It's not clear from what you say whether that's the case.

As a word of warning on the ransom virus. I had a customer that got hit and even an attached backup hard drive was encrypted. He lost a lot of photos. I suggest NOT leaving the backup hard drive plugged in.

Curious, how did the virus manage to infect the machine? Email, internet?

steve wrote:Have you looked in the backup folders? There will be copies in there. but as they have the same same as the 'live' version, presumably they were encrypted too.

Note that the dayfile.txt editor in Cumulus can restore a reasonable approximation for the missing days, if you have the monthly log files. It's not clear from what you say whether that's the case.

Thanks Steve, You've been really great at all these threads in this forum. We all appreciate that. I do not have December monthly log nor did I back Cumulus up Dec 22nd like I thought I did. Last time I backed it up was Nov 17th so things end there.

However, I do have the "Month" extremes for December since a backup folder was still around yesterday and that file was still good.

I assume I'll have to manually do things or just leave that period blank.

Also.. on the topic... Perhaps we can have at least 15 backup folder files instead of the 9? Sometimes I close and open Cumulus twice a day and that creates 2 backup folders a day

Super-T wrote:As a word of warning on the ransom virus. I had a customer that got hit and even an attached backup hard drive was encrypted. He lost a lot of photos. I suggest NOT leaving the backup hard drive plugged in.

Luckily it wasn't plugged in. Ouch. That would be more devastating. Thanks for the tip and reminder!

I am in process of trying to retrieve or recover partitions and all that stuff from the drive. We'll see. I don't think the files are "deleted" or "lost"...more like locked.

duke wrote:Curious, how did the virus manage to infect the machine? Email, internet?

No idea. I'm very vigilant and cautious opening or even looking at any email senders I don't know. So I'm guessing from the net. I'm only on weather sites but you know sometimes you get lost Googling something. I don't click unrecognized links so this is all strange but I did download some ActiveX stuff. Hmmm

Whats funny is I changed some settings on my PC to try to get my security web cam working again and I bet that opened up the can right there.

Try restoring to a previous date.
Depending on the variant you might be able to restore data from previous date.

txweather wrote:Try restoring to a previous date.
Depending on the variant you might be able to restore data from previous date.

Thanks. That was my first response after booting in safe mode. Nope. All restore points gone! Got a new laptop.

Cumulus was 1st Priority to set up along with GREarth.

Cambium wrote:Also.. on the topic... Perhaps we can have at least 15 backup folder files instead of the 9? Sometimes I close and open Cumulus twice a day and that creates 2 backup folders a day

Cumulus also creates a daily backup, so no matter how often you start and stop it, there will always be backups going back ten days. 10... 15... where do you stop? I suppose I could make it configurable (in a future version of MX). But the Cumulus "backups" are not a substitute for taking regular proper backups yourself of all of your data.

Yes there is no substitute for for regular backups, but sh*it happens
I'm sure you tried different approaches already, a quick search found lots of info.
This site had some pretty good advice,
https://malwaretips.com/blogs/remove-cr ... ker-virus/

Some good alternatives that might be able to recover your data.