Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Crypto Locker ransomware


13 Sep 2013   #1

64-bit Windows 8.1 Pro
 
 
Crypto Locker ransomware

I heard reports of a new piece of malware that is going around. This one is particularly nasty, It Encrypts all of the data on your drive and mapped network drives with a RSA 256 bit AES key. Once encrypted there is no way to decrypted. The only way to get the files back is from an off site backup (because if the backup drive is local it also gets encrypted) or to actually pay them the money in which they apparently decrypt your data.

Crypto Locker ransomware-crilock.png

Source... Crypto Locker - Virus, Trojan, Spyware, and Malware Removal Logs

Play it smart ... make regular backups of your system!!!



My System SpecsSystem Spec
.

13 Sep 2013   #2

Win7 Ultimate X64
 
 

WOW just read up on this and its a nasty piece of kit, just unplugged my raid NAS before leaving the office for the weekend
My System SpecsSystem Spec
13 Sep 2013   #3

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

Quote   Quote: Originally Posted by Tews View Post
Play it smart ... make regular backups of your system!!!
Exactly!

Backup Complete Computer - Create an Image Backup
My System SpecsSystem Spec
.


23 Oct 2013   #4

Windows 7 Ultimate
 
 

My brother got this horrible virus at work and not only he but also a few other guys, it seems it was a targeted attack or smth. Really scary stuff. For those who have the same problem, I recommend using Shadow Explorer.

ShadowExplorer - Recover Lost Files and Folders

Remove CryptoLocker virus and restore encrypted files

By the way, they were using fully updated antivirus software that didn't help. So, you may also want to use this tool:

CryptoPrevent | Computer Technician - PC Repair Software |Foolish IT LLC

Cheers!
My System SpecsSystem Spec
26 Oct 2013   #5

Win 7 x64
 
 

I created a video describing some possible steps you can take to help prevent getting the CryptoLocker virus. It seems like most people infected get it through an email attachment which looks like a pdf. You can also mitigate the harm it does by having a good backup not connected to your PC as described in the previous posts in this thread. I got the info from the bleepingcomputer website's writeup on this virus.

Link to website: CryptoLocker Ransomware Information Guide and FAQ

My System SpecsSystem Spec
12 Nov 2013   #6

Windows 7 Pro x64 SP1
 
 

As has been said so many times. BACKUP BACKUP BACKUP.

You can never have enough backups. Image backups are really important in cases like this.

Rich
My System SpecsSystem Spec
14 Nov 2013   #7

Windows 7 Home Premium x64
 
 

And how much you want to bet that the people who do pay don't get their files unlocked?
My System SpecsSystem Spec
14 Nov 2013   #8
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You may be interested in what (Grinler) Lawrence Abrams has to say .....

Soaring Bitcoin prices hurt the wallets of users paying CryptoLocker ransoms - News
And this http://krebsonsecurity.com/2013/11/c...up-the-ransom/

Quote:
the crooks behind this scam began easing their own rules a bit to accommodate victims who were apparently willing to pay up but simply couldn’t jump through all the hoops necessary in the time allotted.
“They realized they’ve been leaving money on the table,” Abrams said. “They decided there’s little sense in not accepting the ransom money a week later if the victim is still willing to pay to get their files back.”
My System SpecsSystem Spec
16 Nov 2013   #9

Windows 7 Ultimate Retail Box (64-bit installed) + Service Pack 1
 
 

What are the known spread methods for getting this virus in the first place?

Example:
Running a big executable that does all the dirty work that was disguised or part of something else a user wanted?
My System SpecsSystem Spec
16 Nov 2013   #10
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote:
How do you become infected with CryptoLocker
This infection is typically spread through emails sent to company email addresses that pretend to be customer support related issues from Fedex, UPS, DHS, etc. These emails would contain a zip attachment that when opened would infect the computer. These zip files contain executables that are disguised as PDF files as they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft does not show extensions by default, they look like normal PDF files and people open them.
source: CryptoLocker Ransomware Information Guide and FAQ
My System SpecsSystem Spec
Reply

 Crypto Locker ransomware




Thread Tools



Similar help and support threads for2: Crypto Locker ransomware
Thread Forum
Bit Locker With TPM System Security
Google flips default switch for always-on Gmail crypto. Security News
RSA crypto defiled again, with factoring of 768-bit key Security News
Crypto Services and Data Security in Windows Azure. Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:53 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33