Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Backup the best defense against (Cri)locked files

19 Nov 2013   #1
Brink
Microsoft MVP

64-bit Windows 10 build 10159
 
 
Backup the best defense against (Cri)locked files

Quote:
Crilock also known as CryptoLocker is one notorious ransomware that's been making the rounds since early September. Its primary payload is to target and encrypt your files, such as your pictures and Office documents. All of the file types that can be encrypted are listed in our Trojan:Win32/Crilock.A and Trojan:Win32/Crilock.B descriptions.

Crilock affected about 34,000 machines between September and early November 2013.

Once Crilock encrypts your file types, they are rendered unusable. The malware shows a message that covers your desktop and demands you pay a ransom to have access to your files again. The ransom can be paid with various online currencies such as BitCoin, CashU, MoneyPak, Paysafecard, and Ukash. Once you pay, the malware author will supposedly give you back the private keys used in encryption. However, we don't recommend doing this as there is no guarantee that paying will lead to recovering your documents and, in effect, you're giving criminals some of your hard-earned money.
Read more at: Backup the best defense against (Cri)locked files - Microsoft Malware Protection Center - Site Home - TechNet Blogs


My System SpecsSystem Spec
.

19 Nov 2013   #2
Tews

64-bit Windows 8.1 Pro
 
 

My System SpecsSystem Spec
19 Nov 2013   #3
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

Another good reason to make frequent images for the system and the data.
My System SpecsSystem Spec
.


19 Nov 2013   #4
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I'm wondering why they can't track the money trail to catch who is doing this.
The good guy's know the methods of payment so their must be an account registered to somebody or some company to receive the funds. Follow the money as they say. When caught have a Sunday after church hanging. Make sure CNN and Alcazar has reporter there.
That should slow down this kind of thing being done so often.
My System SpecsSystem Spec
19 Nov 2013   #5
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

That would be a useful job for the NSA - rather than snooping on th pope and other dignitaries.
My System SpecsSystem Spec
19 Nov 2013   #6
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I believe you got a great idea whs.
They could do it with no problem if directed to do it.

In my opinion NSA is needed but it needs to be controlled.
To the best of my knowledge NSA is under the guidance of the White House and the NSC. NSA's directives can change in a heart beat.
Some one gave orders to NSA to snoop on lets say the Pope.
I don't believe that NSA does things on a whim.
My System SpecsSystem Spec
19 Nov 2013   #7
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

I really don't know how they operate. But they sure stirred up a bee's nest in Europe. People are appalled and disgusted about their practices. But our goverments are in one boat with them. They even have offices at our airports and ports with boots on the ground. How could they be there without our goverment letting them.

I wonder what the the US public would say if our secret services were snooping on the US president and members of congress and had people screened (and often rejected to fly) by our services in US airports.
My System SpecsSystem Spec
19 Nov 2013   #8
Cr00zng

Windows 7 64-bit, Windows 8.1 64-bit, OSX Maverick
 
 

The payment by Bitcoin and/or MoneyPack aren't easy to track, these are basically cash based transactions. At the current time NSA has no authority/capability to follow the money trace, either in the US and/or foreign countries.

They can eavesdrop on the chancellor, check airlines passenger lists in foreign countries, but believe it or not, the financial transactions aren't that easy to trace. Mainly for the reason that financial institutions do not cooperate without a court order, even then they'll challenge the court order first. They also encrypt their data, both locally and over the wire that pretty much useless for the NSA, even if it is captured. No, it's not a simple SSL based encryption...

The better option for people is to have NSA take down the command and control servers for CryLock and/or block access to them, if they are in foreign countries. Grabbing the hackers would even be better, but it is not always possible when these people are in foreign countries. Sending in the drones would be overdoing it...

While backups are good to have the files accessible, if Crylock hits, choose the backup options carefully. It will encrypt the data on the local and network drives as well. Depending on the settings for the system restore, it could be a viable option. The system restore files, by default, cannot be modified. But then again, Crylock is downloaded by a root kit on the system, that in theory could modify the ACL for the system restore files. If you want to get technical...
My System SpecsSystem Spec
19 Nov 2013   #9
whs
Microsoft MVP

Vista, Windows7, Mint Mate, Zorin, Windows 8
 
 

Quote:
At the current time NSA has no authority/capability to follow the money trace, either in the US and/or foreign countries.


Quote:
While backups are good to have the files accessible, if Crylock hits, choose the backup options carefully. It will encrypt the data on the local and network drives as well. Depending on the settings for the system restore, it could be a viable option. The system restore files, by default, cannot be modified. But then again, Crylock is downloaded by a root kit on the system, that in theory could modify the ACL for the system restore files. If you want to get technical...
The way to go is to put your images on an external disk that is disconnected when no imaging activity takes place.
My System SpecsSystem Spec
19 Nov 2013   #10
PSCO2007

Windows 7 Professional X64
 
 

Quote   Quote: Originally Posted by Brink View Post
Quote:
Crilock – also known as CryptoLocker – is one notorious ransomware that's been making the rounds since early September. Its primary payload is to target and encrypt your files, such as your pictures and Office documents. All of the file types that can be encrypted are listed in our Trojan:Win32/Crilock.A and Trojan:Win32/Crilock.B descriptions.

Crilock affected about 34,000 machines between September and early November 2013.

Once Crilock encrypts your file types, they are rendered unusable. The malware shows a message that covers your desktop and demands you pay a ransom to have access to your files again. The ransom can be paid with various online currencies such as BitCoin, CashU, MoneyPak, Paysafecard, and Ukash. Once you pay, the malware author will supposedly give you back the private keys used in encryption. However, we don't recommend doing this as there is no guarantee that paying will lead to recovering your documents and, in effect, you're giving criminals some of your hard-earned money.
Read more at: Backup the best defense against (Cri)locked files - Microsoft Malware Protection Center - Site Home - TechNet Blogs
Exactly how I got back my comp after FBIMONEYPAK locked my comp!

Trueimage saved me again.
My System SpecsSystem Spec
Reply

 Backup the best defense against (Cri)locked files




Thread Tools





Similar help and support threads
Thread Forum
all compressed files...locked!
hello, I have a problem, every compressed file that I create (right click/shortcut menu...send to...compressed (zipped) folder) finishes by placing a lock icon, which I assume means that it cannot be transfered to another computer and at risk of being inaccessible at some later point-in-time (just...
General Discussion
Locked out of files.....yes another one of those
I'v been here multiple times and you guys always help me when i need it but i have been searching for the solution for a while and still not success when i built a new comp i hooked up my harddrives and had access to some files but not all and made due with what i had and would eventually come...
General Discussion
files locked!
i have just discovered a folder in my music folder that contains about 18 albums all of the files within are locked how can i change this ,i have tried to change permissions in the properties /security but no joy any ideas?
General Discussion
Files and documents locked ?
Hey Folks, A few days ago I picked up a particularly nasty trojan that began running ads in my desktop background - Just audio, but still annoying. I tried removing it using Malwarebytes and Spybot. Oddly enough, since then, I've had further problems. One is the browser redirects randomly to...
General Discussion
All my files are locked? AHH!!
Ok, this is a nightmare. I do a lot of photoshop graphics for work. I open a file in photoshop and edit...then save....WRONG!! It says I cannot save because it is locked. ALL MY FILES ARE LOCKED? How do I correct this insanity?
General Discussion
Backup files fail to backup files in Program Files
The test result is under Win7 build 7000 1. Open backup and restore center 2. Set backup settings a. Choose backup locations to local disk,for example f:\ b. Choose c. What do you want to back up? Only choose the folder of c:\program files\windows photo viewer\ ...
Backup and Restore

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 23:58.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App