How to (hopefully) cure Cryptolocker

Cryptolocker is probably one of the major flavors of ransomware out there. You may notice it if at least one of the below is true:

  • Any file [i.e. more than one and different types] you open says it may be corrupt.
  • Anywhere there is an encrypted file, one or more notices are in the same folder where the file is.
  • Your web browser(s) default to where the web site to pay the “fee”.
  • You get a notice like below.

ransom1

Ransomware is where a computer you unintentionally click on an application you downloaded or a link and the software loads some malware onto your computer. Unlike the typical malware, ransomware will encrypt most of the typical data files [any documents that are associated generally with Microsoft Office, Outlook .PST files, PDFs, etc.]. It will then notified you that it did so and force you to pay a fee [usually $200 or more, most of the time using Bitcoins]. You generally have a time limit such as 3 or 4 days. After that your data is “history”.

There are a number of ways to combat ransomware but they depend on the type of ransomware.

If you have nothing “special” on the computer, the least amount of headaches would be to reformat and install Windows. You would probably end up doing this anyway.

You can pay the fee but it doesn’t mean they won’t come back.

You can try one of many tools at your disposal. Those tools include [and will work in various degrees of success]:

There is also the DecrypCryptoLocker which will allow you to upload a file [take something non-sensitive] and the site will send you a decryption key and an application to run to unlock your computer.

Even after you clean your computer of any malware, you are better off backing up your data, wipe the hard disk and re-install Windows. The ransomware may have still made your computer vulnerable to future attacks.

Early versions of ransomware actually left behind where you could find the decryption key. Newer versions have since fixed that. As well, sometimes the application that triggers the encryption may only begin after hours. So you may not see the issue until the following day [or after a weekend] and by that time, you lost hours if you decide to pay or not.

In December 2013 , Dell SecureWorks estimated that CryptoLocker has managed to infect 250,000 victims.

 

Advertisements

About ebraiter
computer guy

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: