URGENT VIRUS WARNING: CryptoLocker ransomware

Surely Microsoft could do far more to prevent this.
Antivirus, patch after patch, user account control, ... have all but failed.
 
One of the best ways to avoid this crap is to:
1. Not click on attachments, use print preview instead.
2. Make regular backups onto an external medium
 
Got this fun thing today, one laptop.

And one encrypted network folder.

Got backups. Luser didn't have any backups. Sorry to hear that.

I'm still miffed at the luser seeing the CryptoLocker screen, but connecting said laptop nevertheless... :mad:
 
Zertop said:
Has anyone checked the %temp% folder as soon as they get the notice?
Click to expand...
Do tell us why.

edit : found lots and lots of *.tmp files.

As I cannot get cryptoblocker to uninstall from this laptop, I'll install Windows clean on another HDD, move the current cryptolocked HDD to an USB enclosure, and take a shufty at the tmp files.

Maybe there is a chance for other users if what I think is correct...
 
Last edited:
Pay the ransom if you need the files. As far as I know, cryptolocker did the encryption and implementation right so is not reversible without the key stored on their server.
 
Koosi said:
One of the best ways to avoid this crap is to:
1. Not click on attachments, use print preview instead.
2. Make regular backups onto an external medium
Click to expand...

Point 1 is invalid as that has been proven to be vulnerable to attack even we opening files through web access to your emails.

Point 2 is really really important for all data that you consider valuable. If you don't have 2 copies of valuable data and you lose it I feel no pity.
 
Theres a fake microsoft security essentials virus going around as well. It just appears as a new tab (not a pop-up) each time you visit a site. I learnt the hard way and got infected sometime back. I was on the mail and guardian web site, getting my daily intake of current affairs when the tab unexpectedly appeared. If you touch any controls or buttons on the window, YOU WILL GET INFECTED!!! Rather disconnect from the internet and close all instances of Internet Explorer through task manager. Also run up a scan with NOD32 online scanner. No matter which button you click on, it will still return a value, so remember to close it through task manager. It's the first time i've seen scareware of this calibre
 
Anybody heard of the Locky Decrypter virus as one of my colleagues at work opened one of these attachments and has locked all the files on the pc as well as the mapped network drive to our database was hit. So i kinda need some help with this does anybody know what to do to get rid of this F#@^king Virus been at it for days. I have tried Numerous things Please HELP! i can upload Attachment. this is the ransom that came with it.

All of your files are encrypted with RSA-2048 and AES-128 ciphers.
More information about the RSA and AES can be found here:
http://en.wikipedia.org/wiki/RSA_(cryptosystem)
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Decrypting of your files is only possible with the private key and decrypt program, which is on our secret server.
To receive your private key follow one of the links:
1. http://6dtxgqam4crv6rr6.tor2web.org/43E80C7E9908D1B6
2. http://6dtxgqam4crv6rr6.onion.to/43E80C7E9908D1B6
3. http://6dtxgqam4crv6rr6.onion.cab/43E80C7E9908D1B6
4. http://6dtxgqam4crv6rr6.onion.link/43E80C7E9908D1B6

If all of this addresses are not available, follow these steps:
1. Download and install Tor Browser: https://www.torproject.org/download/download-easy.html
2. After a successful installation, run the browser and wait for initialization.
3. Type in the address bar: 6dtxgqam4crv6rr6.onion/43E80C7E9908D1B6
4. Follow the instructions on the site.

!!! Your personal identification ID: 43E80C7E9908D1B6 !!!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X