Files downloaded from OneDrive encrypt my hard drive
I have some files on my OneDrive. If i download them to my hard drive, my whole hard drive gets encrypted after a couple of hours. This only happens with files coming from OneDrive. I tried Kasperky and Avira, also Hijackthis and Malwarebytes and they find nothing, so I assume this is a OneDrive problem.
Any thoughts?
hard-drive encryption onedrive
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
add a comment |
I have some files on my OneDrive. If i download them to my hard drive, my whole hard drive gets encrypted after a couple of hours. This only happens with files coming from OneDrive. I tried Kasperky and Avira, also Hijackthis and Malwarebytes and they find nothing, so I assume this is a OneDrive problem.
Any thoughts?
hard-drive encryption onedrive
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
3
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
2
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24
add a comment |
I have some files on my OneDrive. If i download them to my hard drive, my whole hard drive gets encrypted after a couple of hours. This only happens with files coming from OneDrive. I tried Kasperky and Avira, also Hijackthis and Malwarebytes and they find nothing, so I assume this is a OneDrive problem.
Any thoughts?
hard-drive encryption onedrive
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
I have some files on my OneDrive. If i download them to my hard drive, my whole hard drive gets encrypted after a couple of hours. This only happens with files coming from OneDrive. I tried Kasperky and Avira, also Hijackthis and Malwarebytes and they find nothing, so I assume this is a OneDrive problem.
Any thoughts?
hard-drive encryption onedrive
hard-drive encryption onedrive
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
asked Jan 9 at 8:41
Horia Ionut BaciuHoria Ionut Baciu
11
11
3
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
2
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24
add a comment |
3
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
2
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24
3
3
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
2
2
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24
add a comment |
1 Answer
1
active
oldest
votes
This is usually caused by a RansomWare. Strangely, OneDrive doesn't seem to have an antivirus running on its servers. Probably OneDrive's filesystem is based on Linux.
What I recommend you to do and it usually works for me is to do the following:
Mount the OneDrive cloud in your Windows computer with a drive letter and then use an antivirus. The most effective for ransomware is Malwarebytes Antimalware. You download it here and you get a free trial. Don't worry.
Let's go to the steps:
1) Download rclone beta since production version has some issues with OneDrive
2) Unzip it in an easy-to-access place, usually C:rclone
3) Setup rclone in order to be able to use OneDrive
Open a Command prompt windows. Press Windows Button + R and type cmd.exe
Type:
cd
C:rclone
now type:
rclone config
Current remotes:
Name Type
==== ====
e) Edit existing remote
n) New remote
d) Delete remote
r) Rename remote
c) Copy remote
s) Set configuration password
q) Quit config
e/n/d/r/c/s/q>
Type N to add a new cloud provider (Google Drive, OneDrive etc)
Now type the name. Choose a simple and non capitalized name (ie myonedrive instead of MyOneDrive)
name>
Type of storage to configure.
Choose a number from below, or type in your own value
1 / Amazon Drive
"amazon cloud drive"
2 / Amazon S3 (also Dreamhost, Ceph, Minio)
"s3"
3 / Backblaze B2
"b2"
4 / Dropbox
"dropbox"
5 / Encrypt/Decrypt a remote
"crypt"
6 / Google Cloud Storage (this is not Google Drive)
"google cloud storage"
7 / Google Drive
"drive"
8 / Hubic
"hubic"
9 / Local Disk
"local"
10 / Microsoft OneDrive
"onedrive"
11 / Openstack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
"swift"
12 / SSH/SFTP Connection
"sftp"
13 / Yandex Disk
"yandex"
Type "onedrive" for OneDrive.
Press ENTER. Do not type anything for client_id> and client_secret>
Next, press Y if you're running rclone on the same machine.
Remote config
Use auto config?
* Say Y if not sure
* Say N if you are working on a remote or headless machine or Y didn't work
y) Yes
n) No
y/n>
If we type Y, a browser windows will open. If you're not logged to OneDrive, it will ask you to login. Now authorize Rclone to access your files.
Success
Go back to rclone to continue
Your authorization code.
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d>
If it shows a fuzzy code as your authorization code, type y.
We're done.
Mounting your OneDrive folder
First, you have to download and install WinFSP on your Windows machine.
5) Now, using the same Command prompt Window, type the following:
rclone mount yourowndrive:folder D:
*You can replace yourowndrive with your OneDrive share name and **D:** with your favorite drive letter.
Now it's done. Keep your Command prompt Window open. Install Malwarebytes' Antimalware and scan and remove your ransomware. DO NOT open your files. Mounting your OneDrive share will not affect your Windows folders as long as you don't open your files directly.
Basically, just mount the share and scan/remove viruses.
answered Jan 9 at 11:11
G. L.G. L.
7311
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1392189%2ffiles-downloaded-from-onedrive-encrypt-my-hard-drive%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is usually caused by a RansomWare. Strangely, OneDrive doesn't seem to have an antivirus running on its servers. Probably OneDrive's filesystem is based on Linux.
What I recommend you to do and it usually works for me is to do the following:
Mount the OneDrive cloud in your Windows computer with a drive letter and then use an antivirus. The most effective for ransomware is Malwarebytes Antimalware. You download it here and you get a free trial. Don't worry.
Let's go to the steps:
1) Download rclone beta since production version has some issues with OneDrive
2) Unzip it in an easy-to-access place, usually C:rclone
3) Setup rclone in order to be able to use OneDrive
Open a Command prompt windows. Press Windows Button + R and type cmd.exe
Type:
cd
C:rclone
now type:
rclone config
Current remotes:
Name Type
==== ====
e) Edit existing remote
n) New remote
d) Delete remote
r) Rename remote
c) Copy remote
s) Set configuration password
q) Quit config
e/n/d/r/c/s/q>
Type N to add a new cloud provider (Google Drive, OneDrive etc)
Now type the name. Choose a simple and non capitalized name (ie myonedrive instead of MyOneDrive)
name>
Type of storage to configure.
Choose a number from below, or type in your own value
1 / Amazon Drive
"amazon cloud drive"
2 / Amazon S3 (also Dreamhost, Ceph, Minio)
"s3"
3 / Backblaze B2
"b2"
4 / Dropbox
"dropbox"
5 / Encrypt/Decrypt a remote
"crypt"
6 / Google Cloud Storage (this is not Google Drive)
"google cloud storage"
7 / Google Drive
"drive"
8 / Hubic
"hubic"
9 / Local Disk
"local"
10 / Microsoft OneDrive
"onedrive"
11 / Openstack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
"swift"
12 / SSH/SFTP Connection
"sftp"
13 / Yandex Disk
"yandex"
Type "onedrive" for OneDrive.
Press ENTER. Do not type anything for client_id> and client_secret>
Next, press Y if you're running rclone on the same machine.
Remote config
Use auto config?
* Say Y if not sure
* Say N if you are working on a remote or headless machine or Y didn't work
y) Yes
n) No
y/n>
If we type Y, a browser windows will open. If you're not logged to OneDrive, it will ask you to login. Now authorize Rclone to access your files.
Success
Go back to rclone to continue
Your authorization code.
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d>
If it shows a fuzzy code as your authorization code, type y.
We're done.
Mounting your OneDrive folder
First, you have to download and install WinFSP on your Windows machine.
5) Now, using the same Command prompt Window, type the following:
rclone mount yourowndrive:folder D:
*You can replace yourowndrive with your OneDrive share name and **D:** with your favorite drive letter.
Now it's done. Keep your Command prompt Window open. Install Malwarebytes' Antimalware and scan and remove your ransomware. DO NOT open your files. Mounting your OneDrive share will not affect your Windows folders as long as you don't open your files directly.
Basically, just mount the share and scan/remove viruses.
answered Jan 9 at 11:11
G. L.G. L.
7311
add a comment |
This is usually caused by a RansomWare. Strangely, OneDrive doesn't seem to have an antivirus running on its servers. Probably OneDrive's filesystem is based on Linux.
What I recommend you to do and it usually works for me is to do the following:
Mount the OneDrive cloud in your Windows computer with a drive letter and then use an antivirus. The most effective for ransomware is Malwarebytes Antimalware. You download it here and you get a free trial. Don't worry.
Let's go to the steps:
1) Download rclone beta since production version has some issues with OneDrive
2) Unzip it in an easy-to-access place, usually C:rclone
3) Setup rclone in order to be able to use OneDrive
Open a Command prompt windows. Press Windows Button + R and type cmd.exe
Type:
cd
C:rclone
now type:
rclone config
Current remotes:
Name Type
==== ====
e) Edit existing remote
n) New remote
d) Delete remote
r) Rename remote
c) Copy remote
s) Set configuration password
q) Quit config
e/n/d/r/c/s/q>
Type N to add a new cloud provider (Google Drive, OneDrive etc)
Now type the name. Choose a simple and non capitalized name (ie myonedrive instead of MyOneDrive)
name>
Type of storage to configure.
Choose a number from below, or type in your own value
1 / Amazon Drive
"amazon cloud drive"
2 / Amazon S3 (also Dreamhost, Ceph, Minio)
"s3"
3 / Backblaze B2
"b2"
4 / Dropbox
"dropbox"
5 / Encrypt/Decrypt a remote
"crypt"
6 / Google Cloud Storage (this is not Google Drive)
"google cloud storage"
7 / Google Drive
"drive"
8 / Hubic
"hubic"
9 / Local Disk
"local"
10 / Microsoft OneDrive
"onedrive"
11 / Openstack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
"swift"
12 / SSH/SFTP Connection
"sftp"
13 / Yandex Disk
"yandex"
Type "onedrive" for OneDrive.
Press ENTER. Do not type anything for client_id> and client_secret>
Next, press Y if you're running rclone on the same machine.
Remote config
Use auto config?
* Say Y if not sure
* Say N if you are working on a remote or headless machine or Y didn't work
y) Yes
n) No
y/n>
If we type Y, a browser windows will open. If you're not logged to OneDrive, it will ask you to login. Now authorize Rclone to access your files.
Success
Go back to rclone to continue
Your authorization code.
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d>
If it shows a fuzzy code as your authorization code, type y.
We're done.
Mounting your OneDrive folder
First, you have to download and install WinFSP on your Windows machine.
5) Now, using the same Command prompt Window, type the following:
rclone mount yourowndrive:folder D:
*You can replace yourowndrive with your OneDrive share name and **D:** with your favorite drive letter.
Now it's done. Keep your Command prompt Window open. Install Malwarebytes' Antimalware and scan and remove your ransomware. DO NOT open your files. Mounting your OneDrive share will not affect your Windows folders as long as you don't open your files directly.
Basically, just mount the share and scan/remove viruses.
answered Jan 9 at 11:11
G. L.G. L.
7311
add a comment |
This is usually caused by a RansomWare. Strangely, OneDrive doesn't seem to have an antivirus running on its servers. Probably OneDrive's filesystem is based on Linux.
What I recommend you to do and it usually works for me is to do the following:
Mount the OneDrive cloud in your Windows computer with a drive letter and then use an antivirus. The most effective for ransomware is Malwarebytes Antimalware. You download it here and you get a free trial. Don't worry.
Let's go to the steps:
1) Download rclone beta since production version has some issues with OneDrive
2) Unzip it in an easy-to-access place, usually C:rclone
3) Setup rclone in order to be able to use OneDrive
Open a Command prompt windows. Press Windows Button + R and type cmd.exe
Type:
cd
C:rclone
now type:
rclone config
Current remotes:
Name Type
==== ====
e) Edit existing remote
n) New remote
d) Delete remote
r) Rename remote
c) Copy remote
s) Set configuration password
q) Quit config
e/n/d/r/c/s/q>
Type N to add a new cloud provider (Google Drive, OneDrive etc)
Now type the name. Choose a simple and non capitalized name (ie myonedrive instead of MyOneDrive)
name>
Type of storage to configure.
Choose a number from below, or type in your own value
1 / Amazon Drive
"amazon cloud drive"
2 / Amazon S3 (also Dreamhost, Ceph, Minio)
"s3"
3 / Backblaze B2
"b2"
4 / Dropbox
"dropbox"
5 / Encrypt/Decrypt a remote
"crypt"
6 / Google Cloud Storage (this is not Google Drive)
"google cloud storage"
7 / Google Drive
"drive"
8 / Hubic
"hubic"
9 / Local Disk
"local"
10 / Microsoft OneDrive
"onedrive"
11 / Openstack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
"swift"
12 / SSH/SFTP Connection
"sftp"
13 / Yandex Disk
"yandex"
Type "onedrive" for OneDrive.
Press ENTER. Do not type anything for client_id> and client_secret>
Next, press Y if you're running rclone on the same machine.
Remote config
Use auto config?
* Say Y if not sure
* Say N if you are working on a remote or headless machine or Y didn't work
y) Yes
n) No
y/n>
If we type Y, a browser windows will open. If you're not logged to OneDrive, it will ask you to login. Now authorize Rclone to access your files.
Success
Go back to rclone to continue
Your authorization code.
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d>
If it shows a fuzzy code as your authorization code, type y.
We're done.
Mounting your OneDrive folder
First, you have to download and install WinFSP on your Windows machine.
5) Now, using the same Command prompt Window, type the following:
rclone mount yourowndrive:folder D:
*You can replace yourowndrive with your OneDrive share name and **D:** with your favorite drive letter.
Now it's done. Keep your Command prompt Window open. Install Malwarebytes' Antimalware and scan and remove your ransomware. DO NOT open your files. Mounting your OneDrive share will not affect your Windows folders as long as you don't open your files directly.
Basically, just mount the share and scan/remove viruses.
answered Jan 9 at 11:11
G. L.G. L.
7311
This is usually caused by a RansomWare. Strangely, OneDrive doesn't seem to have an antivirus running on its servers. Probably OneDrive's filesystem is based on Linux.
What I recommend you to do and it usually works for me is to do the following:
Mount the OneDrive cloud in your Windows computer with a drive letter and then use an antivirus. The most effective for ransomware is Malwarebytes Antimalware. You download it here and you get a free trial. Don't worry.
Let's go to the steps:
1) Download rclone beta since production version has some issues with OneDrive
2) Unzip it in an easy-to-access place, usually C:rclone
3) Setup rclone in order to be able to use OneDrive
Open a Command prompt windows. Press Windows Button + R and type cmd.exe
Type:
cd
C:rclone
now type:
rclone config
Current remotes:
Name Type
==== ====
e) Edit existing remote
n) New remote
d) Delete remote
r) Rename remote
c) Copy remote
s) Set configuration password
q) Quit config
e/n/d/r/c/s/q>
Type N to add a new cloud provider (Google Drive, OneDrive etc)
Now type the name. Choose a simple and non capitalized name (ie myonedrive instead of MyOneDrive)
name>
Type of storage to configure.
Choose a number from below, or type in your own value
1 / Amazon Drive
"amazon cloud drive"
2 / Amazon S3 (also Dreamhost, Ceph, Minio)
"s3"
3 / Backblaze B2
"b2"
4 / Dropbox
"dropbox"
5 / Encrypt/Decrypt a remote
"crypt"
6 / Google Cloud Storage (this is not Google Drive)
"google cloud storage"
7 / Google Drive
"drive"
8 / Hubic
"hubic"
9 / Local Disk
"local"
10 / Microsoft OneDrive
"onedrive"
11 / Openstack Swift (Rackspace Cloud Files, Memset Memstore, OVH)
"swift"
12 / SSH/SFTP Connection
"sftp"
13 / Yandex Disk
"yandex"
Type "onedrive" for OneDrive.
Press ENTER. Do not type anything for client_id> and client_secret>
Next, press Y if you're running rclone on the same machine.
Remote config
Use auto config?
* Say Y if not sure
* Say N if you are working on a remote or headless machine or Y didn't work
y) Yes
n) No
y/n>
If we type Y, a browser windows will open. If you're not logged to OneDrive, it will ask you to login. Now authorize Rclone to access your files.
Success
Go back to rclone to continue
Your authorization code.
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d>
If it shows a fuzzy code as your authorization code, type y.
We're done.
Mounting your OneDrive folder
First, you have to download and install WinFSP on your Windows machine.
5) Now, using the same Command prompt Window, type the following:
rclone mount yourowndrive:folder D:
*You can replace yourowndrive with your OneDrive share name and **D:** with your favorite drive letter.
Now it's done. Keep your Command prompt Window open. Install Malwarebytes' Antimalware and scan and remove your ransomware. DO NOT open your files. Mounting your OneDrive share will not affect your Windows folders as long as you don't open your files directly.
Basically, just mount the share and scan/remove viruses.
answered Jan 9 at 11:11
G. L.G. L.
7311
answered Jan 9 at 11:11
G. L.G. L.
7311
answered Jan 9 at 11:11
G. L.G. L.
7311
answered Jan 9 at 11:11
G. L.G. L.
7311
7311
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1392189%2ffiles-downloaded-from-onedrive-encrypt-my-hard-drive%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
3
Is it encrypted but usable, or encrypted and trash? This sounds like ransomware.
– fixer1234
Jan 9 at 8:50
Encrypted but unusable. There is no claim to be found anywhere, if it's ransomware.
– Horia Ionut Baciu
Jan 9 at 9:30
2
I'm not aware of an ordinary way in which downloaded files can encrypt an entire drive unless it's malware.
– fixer1234
Jan 9 at 9:42
You must be doing more than just downloading the files, if they're the actual cause of the encryption (infection?). So for one, don't execute them.
– Xen2050
Jan 9 at 10:24