Cryptolocker Malware.

Just read in my Computeractive magazine about the above ransomware that is really horrible. The magazine recommends installing CryptoPrevent tool (www.snipca.com/10690) - I Googled Cryptoprevent tool and managed to download it for free. Just thought I'd post this on here for information.
FBG40
19:08 Fri 22nd Nov 2013
 
Best Answer


No best answer has yet been selected by fbg40. Once a best answer has been selected, it will be shown here.

For more on marking an answer as the "Best Answer", please visit our FAQ.

1 to 4 of 4

Some extra precautions to take.

Make sure you have backup copies of ALL your personal files on an external hard drive. Preferably one that is NOT plugged in to your PC so it does not get encrypted.

A spare copy of your important personal files on CD or DVD would also be useful (good idea to have important files backed up in at least two places).

If you have more than one PC in the house, copy personal files onto the other PC as a spare or backup.

Consider reducing the number of personal files you have on your PC to a minimum. I have most of my personal files on external hard drive and work with them from there. I have almost no personal files on my PC, just Windows and a couple of personal files.

Consider using software to make an "image" of your hard disk. I have an image of my Windows files stored on an external hard drive. If I need to "reinstall" Windows I can do it in less than 10 minutes.

There are a number of programs you can use to make an image of your hard disk. I use Macrium Reflect Free Edition, which as it says, is free, and has been excellent for me for making images of my hard disk. I have done numerous restores from these images and it works every time.

There are other products like Acronis True Image and so on.

DONT assume this Cryptolocker will not happen to you, it can happen to anyone.

Even if it does not happen, taking precautions like I have listed above may save you losing important personal files.
Very good post.

See also this living article on Bleeping Computer:
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information#prevent
Further to the article, do not leave your backup device connected to your computer after backing up because Cryptolocker can infect any device with a normal drive letter (C:, D:, E: etc.). Have at least three backup devices and use them in rotation.

The FBI are involved. If you do hear of a case, please tell them.
http://www.fbi.gov/scams-safety/e-scams

I have seen thousands of these emails stopped at our email gateway. They generally contain what appears to be a Zipped PDF which explodes to an autorun EXE. Lately it's not been the usual fake DHL etc. emails but more recently fake Telephone Messages which look quite plausible if you happen to have that service.

Beware: The virus keeps changing. By the time I finish typing, this will be out of date.

Disclaimer: Do your own research, back up your data frequently, no two Microsoft Windows PCs are the same, no warranty intended or implied.
Very good post from @VHG about imaging your PC.

Further to @fbg40 I have yet to evaluate the Windows Group Policy changes invoked by the "CryptoPrevent tool", but I really like the concept. Not just for Cryptolocker.

Hi fbg40,
I did the same thing yesterday. Fortunately, I've made a full back-up on Monday onto a separate external drive ,which is now in the bottom of my wardrobe!

1 to 4 of 4

Latest posts