Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Sign in to follow this  
bookie32

cryptolocker virus

Recommended Posts

Hi guys I have a customer that has just had his computer infected with the cryptolocker virus...

 

Has anyone here any experience of this crap and how to decrypt files on an infected computer...

 

I have removed the virus but then again it leaves a ton of crap in its wake so it doesn't need to be still active...;)

 

I have tried recovering the files and most just can't be recovered despite what others have written...

 

My customer is considering paying the ransom...but I still don't think that will help him...

 

What is the matter with these clowns creating such crap!!

 

Before long the Internet as we know it will be a thing of the past...and all because there are those that think it is fun to destroy everything for others...

 

bookie32

 

Share this post


Link to post
Share on other sites

It depends on the exact version of the malware, some older version can be unencrypted a few more modern variants can also be "worked around", for many versions there is no known solution AFAIK. 

 

For the record - however - there must be a number of concurring events (often but not always including a not secured setup, the lack of a working antivirus, and a PEBCAK) to actually be infected, it is not "the end of the internet" in itself.

 

jaclaz

Share this post


Link to post
Share on other sites

Hi jaclaz!

Its a bummer for the customer...don't think he is the most careful person...when it comes to clicking here and there....;)

 

bookie32

Share this post


Link to post
Share on other sites

Find around whether this particular ransomware is using an encryption method that can be decrypted (older Cryptolocker/CTBLocer ciphers had been cracked by the IS specialists AFAIR). If it can't then find out whether paying ransom will really let you decrypt the files - some are so crappy that paying ransom helps you nothing.

 

Depending whether the conditions above are fulfilled, three different ways of behaviour can be applied:

- Decrypting the files using the tools available in the internet;

- Paying the ransom and decrypting the files;

- Crying of lost content.

 

AFAIR Cryptolocker is one of "smarter" ransomwares and its never versions uses strong cipher with no workaround.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×