DirectShowSource could not open as... - Page 2

StainlessS · 27th November 2019, 00:12

Quote:

Originally Posted by TCmullet

when I was ransomware attacked 2 years ago and the system was chock full of "gigaquads" of video files waiting for me to work on, I discovered months later that both DGSource and Mpeg2Source would SKIP OVER the corrupted (encrypted) header to find that other than the 1st few seconds, the rest of the video and audio was INTACT! Gee, was I thrilled to discover THAT! I don't have $6000 to pay an evil extortioner.

Had you already (DG)Indexed the files (prior to extortion) or were they indexed after they were made 'non-playable' ?

[ie was it the pre-existing indexing that enabled defeat of blackmailer, or did they index ok even after being obfuscated].

EDIT: I assume that DgSource also indexes files akin to DgIndex.

EDIT: And I dont suppose that you still have samples of the obfuscated files, or do you ?
And what types of files worked OK, VOB ? [I'm guessin' VOB or TS or Mpeg2 Program Stream], and were there any file types that generally did not work OK.

TCmullet · 26th January 2022, 02:07

Hi Stainless (if you're still around to read this and are still interested). Sorry I didn't notice your post with questions back then. DGSource etc. were able to build their index AFTER the video file (TS, M2TS, or whatever) was encrypted. And I'm not sure if I saved any of the damaged video files. (Would take a lot of hunting to check.)

In the years since this episode, I am saddened as I hear other reports of ransomware attacks. I don't know if most attacks were via Remote Desktop. But it is a relative EASY set of steps to go through to prevent Windows from being attacked in that way. ALL the loopholes were open in my case. Some of the loopholes were CRIMINAL NEGLIGENCE by Microsoft in setting up the defaults for login retry counts. It's not even easy to change them (as it's not well-documented), so all the more reason why MS should have set defaults that would not allow easy invasion by RDT invaders. The losses I had ended up being very irritating only, unlike the life-threatening disasters these criminals cause to many victims.

StainlessS · 26th January 2022, 17:09

Quote:

Would take a lot of hunting to check.

No sweat, I'de actually forgotten all about it.

26th January 2022, 02:07	#22 \| Link
TCmullet Registered User Join Date: Nov 2003 Posts: 365	Hi Stainless (if you're still around to read this and are still interested). Sorry I didn't notice your post with questions back then. DGSource etc. were able to build their index AFTER the video file (TS, M2TS, or whatever) was encrypted. And I'm not sure if I saved any of the damaged video files. (Would take a lot of hunting to check.) In the years since this episode, I am saddened as I hear other reports of ransomware attacks. I don't know if most attacks were via Remote Desktop. But it is a relative EASY set of steps to go through to prevent Windows from being attacked in that way. ALL the loopholes were open in my case. Some of the loopholes were CRIMINAL NEGLIGENCE by Microsoft in setting up the defaults for login retry counts. It's not even easy to change them (as it's not well-documented), so all the more reason why MS should have set defaults that would not allow easy invasion by RDT invaders. The losses I had ended up being very irritating only, unlike the life-threatening disasters these criminals cause to many victims.