Endpoint Protection

  • 1.  Endpoint Protection 12.1.3

    Posted Apr 29, 2015 12:53 PM

     

    Dear all, good afternoon. I have a problem with a user's computer using the Windows 7 Enterprise operating system. The user received an email attachment, but it has also put my team and I get these messages infected and cannot access the files. I wonder if there is a solution to encryptor threats.

    Thank you for your help.




  • 2.  RE: Endpoint Protection 12.1.3

    Posted Apr 29, 2015 12:55 PM

    The only way is to restore from a good working backup. Otherwise files are lost. Are you running all components for SEP?

    Support Perspective: CTB-Locker and other forms of Crypto malware

    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware

    Recovering Ransomlocked Files Using Built-In Windows Tools

    https://www-secure.symantec.com/connect/articles/recovering-ransomlocked-files-using-built-windows-tools

    Cryptolocker Q&A: Menace of the Year

    https://www-secure.symantec.com/connect/blogs/cryptolocker-qa-menace-year

    First Response to: Cryptolocker \ Ransomcrypt\ Encryptor

    https://www-secure.symantec.com/connect/articles/first-response-cryptolocker-ransomcrypt-encryptor

    The Day After: Necessary Steps after a Virus Outbreak

    https://www-secure.symantec.com/connect/articles/day-after-necessary-steps-after-virus-outbreak

    https://www-secure.symantec.com/connect/forums/cryptolockercryptodefense-defenses

    https://www-secure.symantec.com/connect/forums/there-fixtool-recover-files-encrypted-ransomware

    System Infected: Trojan.Cryptolocker

    http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27046



  • 3.  RE: Endpoint Protection 12.1.3

    Trusted Advisor
    Posted Apr 30, 2015 02:04 AM

    Hello,

    New variants of Trojan.Zbot and Cryptolocker are seen every day, unfortunately. Even with the latest definitions, AV alone is not enough to guarantee complete protection against every new strain that is developed.

    Do be sure that you are using IPS, Download Insight, SONAR and other protections in the network. Also that a disaster recovery procedure (backup and restore) is in place in case the worst does happen.

    New variants of these cryptolocking files are always being released into the wild. These articles contain very good advice on how to stay safe:

    Support Perspective: CTB-Locker and other forms of Crypto malware
    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware

    Recovering Ransomlocked Files Using Built-In Windows Tools

    https://www-secure.symantec.com/connect/articles/recovering-ransomlocked-files-using-built-windows-tools

    Ransomcrypt: A Thriving Menace

    https://www-secure.symantec.com/connect/blogs/ransomcrypt-thriving-menace

    and also these resources:

    Additional information about Ransomware threats

    http://www.symantec.com/docs/TECH211589

    Regards,



  • 4.  RE: Endpoint Protection 12.1.3

    Posted Apr 30, 2015 05:26 PM

    The problem I have is with a user's equipment which has been contaminated by Trojans that encrypt files. Files with extensions such as .pdf, .doc, .xls, .ppt have been made into files with extension .ezz, as I want to open the file simply nothing and leaves me open the file contents.
    All this has gone from a link to buy tickets for air travel.

    I spent the McAfee Stinger but found nothing.

    So the .dat McAfee endpoint is updated. Is critical information is lost if the user is a manager. Appreciate your help.




  • 5.  RE: Endpoint Protection 12.1.3

    Posted Apr 30, 2015 06:16 PM

    The only way to recover it is to restore from a known good backup.

    You could try this site though to see if it can help.

    https://www.decryptcryptolocker.com/



  • 6.  RE: Endpoint Protection 12.1.3
    Best Answer

    Posted May 01, 2015 06:38 AM

    Hi Elmer Gomez,

    Prevention is far better than a cure in the case of cryptolockers.  Once the files have been sabotaged, there is (in the great majority of cases) no tool or trick that will decrypt them.  Delete the corrupted files and restore from a backup, then strengthen defenses to prevent the computers from being infected again.

    Support Perspective: CTB-Locker and other forms of Crypto malware
    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware

    Recovering Ransomlocked Files Using Built-In Windows Tools
    https://www-secure.symantec.com/connect/articles/recovering-ransomlocked-files-using-built-windows-tools

     

    Many thanks,

    Mick