Quantcast

Maximum PC

It is currently Sun Sep 21, 2014 7:36 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: Cryptolocker virus help :-/
PostPosted: Mon Oct 07, 2013 10:26 pm 
Klamath
Klamath

Joined: Sun Aug 13, 2006 7:07 pm
Posts: 281
My Intel t420s work laptop was got a bug!

Cryptolocker is the name. Not screwing with the machine until I here from the guru's here.
Don't want to screw anything up.

Nod32 antivirus is on the machine, but unable to update.
SuperantiSpyware is on, but not seeing anything on the scan.
Windows defender sees nothing

Any advise on how to move forward would be great!
Thank you!


Top
  Profile  
 
 Post subject: Re: Cryptolocker virus help :-/
PostPosted: Tue Oct 08, 2013 7:17 am 
Million Club - 5 Plus
Million Club - 5 Plus
User avatar

Joined: Sat Jul 08, 2006 6:23 am
Posts: 2629
Location: Folding as BlackSun59
The first thing I'd try is Malwarebytes. If that doesn't work, then your best bet would be to use your backup files.
Paying the "ransom" may not work as the server has been supposedly offline since mid-September.
http://mw-computers.com/wp-content/uplo ... -Alert.pdf
http://community.spiceworks.com/topic/3 ... nds-beware


Top
  Profile  
 
 Post subject: Re: Cryptolocker virus help :-/
PostPosted: Tue Oct 08, 2013 12:36 pm 
Thunderbird
Thunderbird
User avatar

Joined: Sun Dec 30, 2007 6:17 pm
Posts: 852
Location: Phoenix, AZ
It is easy to remove the ransomware, but your files are lost. As was mentioned, even if you go to Walmart and buy a GreenDot card and pay the ransom the server is shut down by the FBI so will no longer work. Since it uses RSA (and NSA backdoored AES) encryption with public keys not even the NSA can decrypt your files.

One hope is using ShadowExplorer (if you don't backup) to see if any shadow copies are present to recover your files or at least an older version of them.

Man, you sure aren't alone. Bleeping Computer has a complaint/report thread that is only 3 weeks old and is 37 pages as I type this. Wilder Security is accumulating an equally impressive complaint thread. I feel badly for all who have had their files encrypted with no recourse. This is really the first I have seen of a truly destructive piece of malware in years.


Top
  Profile  
 
 Post subject: Re: Cryptolocker virus help :-/
PostPosted: Thu Oct 10, 2013 6:57 am 
Million Club - 5 Plus
Million Club - 5 Plus
User avatar

Joined: Sat Jul 08, 2006 6:23 am
Posts: 2629
Location: Folding as BlackSun59
FascistNation wrote:
It is easy to remove the ransomware, but your files are lost. As was mentioned, even if you go to Walmart and buy a GreenDot card and pay the ransom the server is shut down by the FBI so will no longer work. Since it uses RSA (and NSA backdoored AES) encryption with public keys not even the NSA can decrypt your files.

One hope is using ShadowExplorer (if you don't backup) to see if any shadow copies are present to recover your files or at least an older version of them.

Whoops. FN is quite right. If you remove the ransomware, you also remove one of the crypto keys, and that means your data is permanently lost.


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group