Posted on 03/21/2015 9:30:33 AM PDT by xzins
My geek friend said yeah ... it's a virus and he somehow re-formatted (I had lost my back-up CD) and got me back on track
I thought of this last night for no known reason (the event was about a year ago) and I thought ... the FBI or anyone that is named as a ransomware deliverer, should protect their own name and reputation by figuring out a patch and give it away free.
Ironic this thread shows up after I had thought of that klast night.
Good points all.
At this point just about everybody has a newer machine and an old one gathering dust. I made it a point a long time ago to use a “throwaway” laptop for all my internet browsing. It has no data on it and with a Ghost snapshot I can restore it in 20 minutes if I get a bug.
There’s no excuse for losing your stuff anymore.
On the side, it would seem every piece of evidence touched by the encryption would be invalidated. It was out of the chain of custody while encrypted and subject to manipulation while the pc was infected.
Both are overpriced bloatware. AVG and Malwarebytes both publish free versions and the paid versions are reasonably priced for what they offer; there are other good free ant-malware packages as well.
I run an image with Odin on a weekly basis. Runs in the background and takes rougly 18 hours. This is in addition to my nightly backup.
Something similar happened at work where one person’s pc was infected but they put a file on a shared drive which infected all those files and some other people had their pc’s infected who used files from the infected drive.
The company has backups for the network drives and was able to use them but anything new added to those network drives was lost and the other pc’s infected were wiped and a new image of Windows was put on as they could not remove the virus.
Copy your photos separate off the pc or you may lose all those memories.
I routinely backup, and verify the backup. I have multiple backups in case the latest one is compromised. That’s at home. At work. ..
That’s a good point.
The safest route is to back up your file and get an entirely new system, writing off the old equipment and old files.
This can stop the takeover.....Some people say to unplug form the Ethernet first but I don't know if that helps.
However, if you take regular backups then disconnect the backup device and only reconnect it to restore a file or to do the next backup, then yes, you can restore from there.
I back up regularly to a memory stick that I immediately remove once the backup is done. I NEVER leave it in the port.
Bump for reference.
Excellent point. I do that also (unmount the backup drive), but I took it for granted that of course people do that.... you're right, they don't.
Bump
That’s a very good point. Back up and remove back up device. Too easy to get sloppy and just sign off.
Roger that. I'm a belt and suspenders guy. Mirror raid with a time machine backup on the Mac Pro home server. Macbook Pro for browsing and preliminary work. Then a business workhorse desktop, another older Mac Pro, with no internet connection. This machine is Super Duper cloned periodically to an external HD. Then the kids use a PC desktop for homework. If that blows up, who cares dime a dozen
I realize the bigger issue is for those with offsite servers. The secret here is backing up. And maybe it's a good idea to eliminate web browsers from employees machines.
Download Kaspersky Rescue Disk 10 ,boot computer from it clean out Ransomware ,D’oh
An earlier poster pointed out that the ransom originators could have changed your files, and they should not be used again.
The suggestion it’s better to back up and start over completely. That seems logical to me.
An earlier poster, criticalj, pointed out that the ransom originators could have changed your files, and they should not be used again.
The suggestion it’s better to back up and start over completely. That seems logical to me.
Agree with your recommendations, and would add one.
I use Firefox with an add-on called ‘No Script’. It blacklists all scripts unless you explicitly allow them. You can white-list known-good sites and it will remember them.
Keep much of the stuff from getting in in the first place, so you don’t end up having to dig it out of your OS.
I had Dr. Spyware, which did a great job.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.