General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsRansomware: normally I try not to post this kind of superduper ultra-geeky thing in GD but....
ransomware is a huge threat.
XPost from CHaS:
http://www.democraticunderground.com/109517121
CryptoWall ransomware removal instruction and ways to restore the encrypted files
http://pcfixhelp.net/viruses/2878-how-to-remove-cryptowall-virus-and-restore-encrypted-files
CryptoWall is the malicious software that was developed by hackers to earn money in illegal way. Actually, this software penetrates users PC and encrypts all text and image files on it. After that, user receives a message with ransom. In general, the message says: Give your money, or we will destroy the encrypted files. This scheme isnt 100% efficient, because some users just dont store the important files on unprotected computers. This business is really profitable for hackers, and they develop the new versions of such programs every month. All ransomware with crypto- prefix in its name is just another version of CryptoWall. If your PC was infected by one of these programs we have good news for you. Its curable, and you have good chances to restore your data without paying a ransom.
How CryptoWall Virus works
CryptoWall, as any other ransomware, is very dangerous. But when it isnt installed on your PC its not more than usual virus, which can be stopped in usual ways. It gets into your computer with emails, from free file-sharing services and other suspicious websites. The knowledge of basic principles of internet-security will help you to avoid all websites, from which CryptoWall can get into your system. Any kind of anti-viral programs also will be helpful to prevent the infection.
But is the virus already is in your system, and you received a message then the work is done. All files are encrypted and you have to deal with it in some way. The message says that files couldnt be decrypted, and you have only one option: to pay a ransom (between 500 and 1000 dollars). These scammers lie, and you have not one, but three techniques that will help you to regain your data. But these techniques are not related to decryption. Its actually impossible to decrypt such cipher without a key, because the algorithms of encryption, used by CryptoWall (RSA-2048, RSA-4096 and AES-128) are perfect. You can possibly bruteforce it, but it will take thousands of years for each file. But, the techniques, which we talked about, are related to the hidden functions of your own PC. All these methods are described in the chapter How to decrypt your files.
How to remove CryptoWall Virus from the computer
The removal of this virus is very important, but its a simple part. And remember: when the virus will be removed, you will lose a chance to restore the files through paying a ransom. So, remove it only if you have another chance to restore data, or you are ready to lose the files completely. Some users think that the removal is equal to decryption. Its not true. The files will remain encrypted, but the new files will be safe. The removal can be performed manually, or with help of anti-viral software. The manual removal technique is described below this paragraph. If you prefer an automatic removal we advise you to use SpyHunter. This tool has more than 100K of users around the world, and their PCs are reliably protected from CryptoWall and other similar threats. You will need to purchase this tool, download it and launch a full scan. Click here to download Spyhunter and remove virus automatically.
much more at link
Maeve
(42,282 posts)Backup important files to a stand-alone device on a regular basis. Altho most of these jerks are targeting businesses, anyone can be hit.
And you don't have to be careless to have it happen (altho carelessness increases the risk(; our server was hit by a hacker's bot. It was set up to send out spam, which our software caught, but before that started, a ransomware bot hit thru the hacker's backdoor. Fortunately, there are no files kept on the server and the rest of our system was protected. Hubby was able to clear it and patch the backdoor, but only because he is a belt-and-suspenders type. He's had to clear computers for several clients, some of whom have lost data to this crap.
steve2470
(37,457 posts)pnwmom
(108,978 posts)dembotoz
(16,804 posts)not flooding, not power surges, you
down load the wrong thing
respond to the wrong email
disaster recovery is not just about water and fire anymore