Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2015-04-13 07:26:24
Malware
Alexander, 2015-04-13 07:26:24

Cryptolocker and shadow copies?

I'm wondering if anyone can explain intelligibly? It is known that shadow copies do not copy all information, but only the changed blocks of data. This means that when infected with a cryptolocker, it may turn out that some files cannot be obtained from shadow copies, because part of the file will be encrypted. Explain please?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
L
ldv, 2015-04-13
@ck80

blog.macrium.com/2012/11/backup-internals-what-is-...
The changed blocks of the file are copied to the shadow storage. If the entire file is encrypted, then all blocks of the file will be in storage. If only part of the file is encrypted (modified), then the original blocks will be stored in the vault, i.e. you can easily restore the original appearance of the file.

Report
V
Vladimir Martyanov, 2015-04-13
@vilgeforce

Shadow copies are disabled and destroyed in a couple of lines of code. Draw your own conclusions.

Report
A
Alexander, 2015-04-13
@ck80

Yes, I am aware that some ransomware can overwrite shadow copies. But still I wanted to understand how it works.

Similar questions
F
fascicule2021-12-27 13:05:33
How to recognize a malicious scr file? 0Reply
D
Dmitry2016-06-03 09:30:30
What program to track through what the script entered the site? 1Reply
M
mihter2020-09-14 22:20:03
Unwanted google ads appear on wordpress site. How to get rid? 1Reply
D
Denis Bukreev2016-06-09 17:57:24
Infecting a poppy with a virus is nonsense. What to do? 2Reply
V
Vimake2014-08-18 22:06:20
What is the training literature on working with directx in c#? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question