Solved

CryptoDefense on Client Machine

Posted on 2014-04-09
Last Modified: 2014-04-17
Hi;

A client has been infected with Cryptolocker (Cryptodefense) so some of their documents are encrypted.

Is there still a functioning solution other than paying these guys?

Alternately, is there a way to unencrypt the files?
Question by:mavcom

Assisted Solution

by:aadih
aadih earned 200 total points
ID: 39988705
No. :-(

[Without a backup image, no way out.]

Accepted Solution

by:Tony Giangreco
Tony Giangreco earned 300 total points
ID: 39991281
If you are referring to CryptoLocker, it is not a virus or spyware. It's an encryption a hacker places on all your documents, local and network, that encrypts your documents.

There are multiple lines of defense:

1. Installing a good firewall like Cisco, SonicWall or Barracuda that includes content filtering to inspect packets as they are received and drop suspicious and known file types before they reach your network.

2. There are also some software firewalls that help, but we believe a standalone hardware firewall is best.

3. Installing a web-based anti-spam service that inspects email before it's received, like the content filtering above. We use GFI Mail Essentials Online for this service.

4. Educate your users not to open email that looks irregular and from someone they do not expect. This is just a plain common-sense feature that some people don't use.

If you get hit with CryptoLocker, there are two solutions:

1. Restore from a backup to restore your registry back so it’s clean and restore your documents in unencrypted format.
2. Pay the ransom and hope they unlock your files.

Comodo AntiVirus says if you are running their antivirus and get hit with CryptoLocker, they "offer customers up to a $5,000 limited warranty against infection."

http://www.comodo.com/news/press_releases/2013/11/comodo-endpoint-security-protects-cryptoLocker-ransomware-virus.html

Hope this helps.

Expert Comment

by:Tony Giangreco
ID: 39997999
Have we provided the information you needed? There is no un-encryption solution.
Author Closing Comment

by:mavcom
ID: 40007351
Thank you.

Expert Comment

by:Tony Giangreco
ID: 40007370
Glad I could provide information. Hope it helps!