Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

An HTML and computer securIty question

  1. Apr 28, 2016 #1
    Hi, some of my html and txt files have added the extension .crypt, i.e, they have become .txt.crypt and .htm.crypt. Now I deletes .crypt extension from .htm files but now they do not open correctly. How can I open correctly with internet explorer?

    Thank you.
     
  2. jcsd
  3. Apr 28, 2016 #2

    Borg

    User Avatar
    Science Advisor
    Gold Member

    That doesn't sound good. I haven't experienced it but it sounds like a ransomware attack.
     
  4. Apr 28, 2016 #3
    Yes, there is an attack and they want 500 dollars to decrypt them. But I have taken a backup all of my files. I will try to make a soft recovery for win8. How can this attack happen?
     
  5. Apr 28, 2016 #4

    Borg

    User Avatar
    Science Advisor
    Gold Member

    Visiting the wrong site or opening the wrong file is the most common way of getting infections like this. You should always be especially wary of anything that shows up in your email - even if it comes from someone that you know.

    Before you connect any backup to your computer, make sure that you have cleared the existing infection or it could infect your backups as well.
     
  6. Apr 28, 2016 #5
    You should try and identify the specific brand of ransomware.

    The first hit when googling "ransomware .crypt" (no quotation marks) is https://blog.kaspersky.com/cryptxxx-ransomware/11939/
    I hope this helps.

    This makes me think of a post stack-something of a guy that cracked the problem for some ransomware.
    you might be able to find it, don't know if it is relevant.
     
  7. Apr 28, 2016 #6
    Here is an alert - US and Canada, about ransomware and where you can get it - email, web sites, compressed files,
    https://www.us-cert.gov/ncas/alerts/TA16-091A
    Home users and businesses affected.

    Symantec estimates ( 2012 ) 400k$ per single C2 server ( whatever that is ) paid out from users.
    Slightly profitable for the ransom people.
     
  8. Apr 28, 2016 #7
    why cannot police catch them? Which antivirus program can protect from them? Antimalwarebytes was installed when this happened.

    If we haven't any antivirus program installed, how can we activate window's preinstalled protection program?

    Thank you.
     
  9. Apr 28, 2016 #8

    Borg

    User Avatar
    Science Advisor
    Gold Member

    A better question would be how to protect yourself. These days, you have to be the first line of defense for your computer. Police are mostly limited to their own jurisdictions such that a police dept. in Florida can't do much about malware coming from Russia. Antivirus software is only as good as its last update and won't generally protect you from yourself. Did you install any "free software" recently? Did you go to a 'free' music or movie site and click on anything? Is your browser and all of it's plugins up to date?
     
  10. Apr 28, 2016 #9
    How can I check wheter or not my browser's plug-in is up-to-date? Even I do not know if there is any plug-in my browser. There are only 4 websites which I usually visit to download free things so how can I determine whether or not these four sites are dangerous?
    Thank you
     
  11. Apr 28, 2016 #10

    Borg

    User Avatar
    Science Advisor
    Gold Member

    It depends on your browser. If your browser is Firefox, click on Tools -> AddOns. It will bring up a page where you can update any plugins. I would also google every plugin to verify that it is legitimate.

    If you're going to any website to download 'free' movies, you're just begging to get infected. For the websites that you are visiting, I would start by googling phrases like how to get a computer virus.
     
  12. Apr 28, 2016 #11

    Borg

    User Avatar
    Science Advisor
    Gold Member

    Another note. Protection is not just about installing antivirus software and assuming that you're protected. You have to take a layered approach to protect yourself. This includes but isn't limited to
    • Installing antivirus software and keeping it up to date
    • Installing a firewall. Many viruses will initially install a small script that will try to connect to a web site to perform additional tasks such as installing software or sending private information to the site. A good, up-to-date firewall will let you know as soon as anything new tries to go to the internet.
    • Keep your computer's OS up to date with patches.
    • Treating all links and downloads with great suspicion. If you are visiting a new site, google it with phrases like 'virus' added to the search. You can get lots of advanced intell before you go there and do anything. You can get infected from some sites just by opening the page if your browser or computer isn't up to date on its patches.
     
  13. Apr 28, 2016 #12
    Usually they reside in countries with weak laws and police forces. Do not pay. Try Borg's suggestions.
     
  14. Apr 28, 2016 #13
    Disabling Java in your browser is also a good thing. Only turn it on, and when on at the highest security settings, when you go to a website -that you know is fine- that requires Java.

    I suspect doing a clean install Windows 8 will be the best way forward. To protect yourself, invest in anti-malware and anti-virus software. I use G Data Total Protection as well as Emsisoft Anti-Malware. But you could always use the security program that comes with Windows -- https://www.microsoft.com/en-us/safety/pc-security/windows8.aspx
     
  15. Apr 29, 2016 #14
  16. Apr 29, 2016 #15
    attack.png
    A moment ago, when I was in Youtube something strange happened. Now I cannot understand what is happening? Would someone guide me?

    Thank you.
     
  17. Apr 29, 2016 #16
    Have you done a full virus and malware scan yet?
     
  18. Apr 29, 2016 #17
    I have made a soft recovery, but then plugged a flash memory which include virüs but I have to do this because of wireless driver. After connecting to internet and updating antivirus program, Norton started to catch them. I have made a full system scan because antivirus might do it in the background. Antivirus is giving some responses automatically.

    Thank you.
     
  19. Apr 29, 2016 #18
    attack2.png


    This is the another notification from Norton as Activity 11 instead of 16 . Am I under attack? Is someone try to access to my PC now?

    Thank you.
     
  20. Apr 29, 2016 #19
    Yes but it appears to be blocked. Do a full system scan now.
     
  21. Apr 29, 2016 #20
    I have started to do it but I have a better idea. I would like to make them lost my track. How can I become invisible to them? How are the attackers finding me on the internet among millions of computers.

    Thank you.
     
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook

Have something to add?
Draft saved Draft deleted



Similar Discussions: An HTML and computer securIty question
  1. Computer Security (Replies: 3)

  2. HTML question (Replies: 9)

  3. Computer security (Replies: 28)

  4. HTML/CSS Question (Replies: 6)

Loading...