In August we got whacked by ransomware (Lukitus). Yesterday completely by chance I was poking around on the core server and found some encrypted files. I searched the whole server and found many more. Nothing runs on this machine but the O/S (Server2012) and RR.
Looking at the repository is appears that some config files got encrypted but that RR just made new ones? The other, larger (proprietary) files like ids, map, etc all seem untouched. Everything still runs fine and the recovery points from that date range have long since cycled out. The base images are from long before.
Do I hose this whole core and start over or just leave it alone? Making three new base images and a new chain for no compelling reason does not really appeal to me.