Got hit with CTB-Locker.....

SkvLTD

Senior Member
And still no idea how exactly since I haven't downloaded anything unusual around the time it happened, nor anything from email (never even open sketchy ones) and unfortunately noticed something being off a little too late - most images, ps files, docs and texts got encrypted with the obvious demand for ransom $. Ironically no pending work got hit, nor most recent stuff I haven't backed up, but this still majorly sucks. I'm sure someone will come up with a means of recovery in the future and I'll back up more often now, but be careful surfing the net guys and gals!

What tipped me off was comp slowing down and ~10 COM Surrogate processes running, stopping and running again over-loading the CPU. Figured it was something bad and scheduled a boot scan that nailed the sucker.
 

skater

New member
I run OS X and Linux, so I don't worry too much about this with my computers, but my wife uses Windows. I need to make sure things copied to our network share on the Linux server are set to read only.

The best defense, of course, is still good backups. I try to make sure I have double everything, and we upload our pictures to Amazon Glacier regularly. The one concern I have is that "recent" pictures might not be as protected, having not had the chance to go to Glacier yet. Usually, though, copies of those reside on more than one computer.
 

SkvLTD

Senior Member
I'm really only bummed about losing misc. things like tax PDFs, but I sent them off to all relevant places already and if really needs be can get them back. Ironically my stash of N-Photo was completely unscathed and folders before and after it got shredded to bits. Music and videos were untouched as well. Very good few zips as well.
 

PapaST

Senior Member
Sorry to hear that. Good thing you caught it relatively quickly. Sounds like you were well prepared and with this encryptor that's probably the best you can expect.
 

AC016

Senior Member
Some good info on prevention in the links below. The information in the links will also tell you what CTB locker is all about, what it does and how it usually infects systems.

Support Perspective: CTB-Locker and other forms of Crypto malware...and Upatre | Symantec Connect

CTB-Locker virus: How to protect your systems, and what to do if infected - TechRepublic

https://kc.mcafee.com/resources/sit...US/McAfee_Labs_Threat_Advisory-CTB-Locker.pdf

Knowing what you are up against is the best protection. Personally, I don't keep any files on my laptop. They are all offloaded onto my external hard drive, which is always offline until I want to use it.
 