finance_teacher
asked on
Cryptowall 3.0 -- Removal
I easily restored from my backup therefore NO big deal.
** What RESTORE TOOLS do you recommend if
someone does not have backup based
on the below ?
========================== ========== ========== ========== ===
SPECS
** Windows 8.1 machine
** running updated Symantec Antivirus and Windows updates
** somehow got Cryptowall 3.0 virus
** local files are encrypted
** What RESTORE TOOLS do you recommend if
someone does not have backup based
on the below ?
==========================
SPECS
** Windows 8.1 machine
** running updated Symantec Antivirus and Windows updates
** somehow got Cryptowall 3.0 virus
** local files are encrypted
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I think drive-by is also something where the risks are reduced with proper user education. The user is always the biggest risk of all.
I agree, user education is paramount. Although somethings cannot be helped. I practically grill my wife on proper security practices when using a computer. She is an ESL teacher and is constantly looking for new relevant material. One day she visited an ESL site she had probably been to over 100 times and malware was downloaded onto our laptop. She called me over immediately (luckily it was at night and I was home) and I was able to squash the bug before it had time to do anything. But the site apparently had malvertising on it. Malware advertising is not easily caught and it usually takes some time before the website where it is hosted realizes they have been hit. Since most websites use third party advertising companies and those companies are more easily hacked, malvertising is an easy way for malware writers to gain a foothold.
More recently malvertising has been used to download a trojan onto target computers which then contacts a C&C server that downloads the ransomware payload.
More recently malvertising has been used to download a trojan onto target computers which then contacts a C&C server that downloads the ransomware payload.
None, as they don't exist.
Teach your clients to make backups properly of any data that is important to them. Teach them not to use outdated OS's like XP, and that they must keep their OS and software fully patched. Have them use updated AntiVirus software, and the Windows firewall should never be off. Have them only use standard user accounts when they are logged in, and not accounts with admin rights. If they need to do something that requires admin rights they can always start the program "As Administrator", or UAC should pop up. This makes it a lot harder for unwanted stuff to get installed. Teach them to never open attachments if they aren't expected.
Basically, teach them common sense, and it will be a lot harder to get infected.