From jukefox@jukejoynt.com Thu Mar 05 08:21:24 2015
Subject: OT: Re: Dave Garfield VIRUS
I've actually had some success defeating these guys (knock wood) but it's a royal PITA! The best defense is a good defense, in the form of a reputable anti-virus software constantly up, updated and running.
That admonition aside, I was able to recover a computer that was hijacked by cryptowall (or something very similar, using the same modus operandi) by removing the hard drives, scanning them from another PROTECTED machine (removing all infected files), copying all the cleaned files onto a third set of clean drives, reformatting the original program drive, reinstalling the OS and programs, finally installing the new data drives. I could probably have reinstalled the cleaned data drives, but didn't want to take the minimal risk that something may remain resident. The only reason I retained the program drive was that much of the software needed to run on it registers to both the drive AND the processor. Fortunately, this was a business machine and not running striped drives in a RAID array...that would have complicated recovery substantially!
Sounds like a lot of trouble...and it is...and if you don't know what you're doing (and most computer users don't, actually) you can easily infect the recovery machine as well. These pirates build the virus this way on purpose...so that 1) you would never think it possible to recover your files without their "help," and 2) that even if it did occur to you to call in a tech, the cost would be at least twice the ransomed demand.
Best advice: keep your studio machines completely off the internet! Make certain your online machine is running a reputable mainstream anti-virus/anti-spam client that is frequently updated (at least daily) and that all software is kept up to date. ALWAYS RUN BEHIND FIREWALLS! Never click on suspicious links or links from folks you do not know or were not expecting. NEVER open attachments from people you do not know unless first scanned by a reputable malware detector. ALWAYS USE COMMON SENSE!
Follow all those guidelines and you may still get infected...really cautious folks get viruses every day and nobody is consistently vigilant...even those who are occasionally get fooled. But you reduce your chances of getting taken down substantially.
The best advice from all of this is that, if you are not running a good, REPUTABLE, established anti-virus software that constantly updates and conducts frequent scheduled scans, while constantly monitoring all Internet pathways, get one and get it installed immediately.
Best,
Fox