^^^If you ever see this window and you don't have any backups, go in the corner of the room and cry!!
Up until recently most viruses were mainly just scare tactics not too terribly difficult to remove...at worse it would leave the operating system in an unusable state. This new infect in really no different in that regards the infection itself can be removed fairly quickly by a professional computer expert. However, unlike past ransom ware like fake anti-viruses or the FBI Warning Virus that disabled you're computer but didn't do damage to actual important documents and photos. This new virus 'cryptolocker' encrypts almost all user data. Office files, pdf, photos, financial data, etc. There is no way to decrypt these files without paying the ransom and getting the private key.
Worse still if your computer is part of a network and has access to shared drives those files will get encrypted as well....that also includes any backup drive that's attached to your computer rendering any backups useless.
Here's a few things to prevent it:
- Don't ever open files from e-mails you don't trust or just look 'strange' a strange website address with random numbers or symbols, a zip file especially if the e-mail purports to be from a bank, delivery company (ups fedex postal service), a bank, etc. None of these institutions are ever going to send you a zip file so right off that bat expect the file to be malicious.
- Have off-site backup, I recommend backblaze for home users CLICK HERE it's very easy to sign up and install, there's no configuring needed. For customers with servers please contact me to schedule an appointment to configure a off-site backup for your business. GO NOW AND BACKUP YOUR COMPUTER BEFORE YOU READ ANYMORE, NOW!!!
- If you are infect and see the image above, as soon as you do pull the plug it's probably too late for your computer but you may save other computers on the network.
- Have an up-to-date antivirus and protection, a lot of techs disagree with me but I've liked Norton ever since they've rewritten their application a couple years back I run it on my machine. If you get it just make sure you go into settings and then antivirus settings, turn boot protection to aggressive and sonar protection to aggressive. Buy Norton here http://amzn.to/1bwfpOH good for 3 computers. It protects against all known variants but as always it's a cat and mouse game, should you run into a new variant before Norton has a chance to update well....you'll be restoring from the backup you've just made.
- Contact JRD Tech, we can setup software restrictions to prevent executable files from running in known locations this virus hides out in.
So what happens if you get infected and have no backup, should you pay the $300 ransom or however much it is depending on the variant? The concensus is that you should NOT pay since if these criminals don't make any money they might not bother with this sort of method in the future. However, if this is your life on the computer, cherished memories or important financial or business information that you can't stand to lose then well you don't have much of a choice and from what I've read, paying does in fact decrypt the files. Of course if you do decide to pay the ransome please make sure to call a professional like JRD Tech to make sure the infection is completely erradicated so it doesn't decide to rear it's head a few weeks later and demand more money.