Thread ID: 138707 2015-01-10 08:59:00 New Ransomware blanco (11336) Press F1
Post ID Timestamp Content User
1391833 2015-01-13 03:08:00 Did you try the fix wainui suggested, Fox-IT and FireEye, looks like the only one

Story here www.bbc.com

looks like you are the only one here to be hit with this and it would be interesting on how you deal with it, helps us all

Yes I tried that site.

I sent them a simple excel spreadsheet and they said it was not a recognised file.

So I do not think they would be able to decrypt most of my other files.

After reading lots of articles about Cryptolocker and its 1024 bit encryption I think I would need to take my pc to the FBI or CIA to get them unencrypted.

I also tried that Shadow Explorer which some people have reported good luck with.

But in my case it did not find any folders after waiting a while. (It did find the folders on my C drive).

Removing Cryptolocker seems relatively easy.
Getting your files back seems impossible. (without paying the ransom, which I refuse to do.)
And there is even talk that they are missing out on money as they require payment in Bitcoins, which most people are not familiar with or able to set up in time to get the key before it expires!!!

So you/we/I/they must do regular external backups.
Which luckily I have, but they are a few weeks old.

I'd love to know how I got it......
Digby (677)
1391834 2015-01-13 04:41:00 Looks scary, prevention is the best defence through Hitman Pro Alert or Cryptoprevent, also Malwarebytes Pro

Does this look familiar? malwaretips.com
Lawrence (2987)
1391835 2015-01-13 05:17:00 Been trying to find this post all day which I saw the other day

www.bleepingcomputer.com, my bet is on this
Lawrence (2987)
1391836 2015-01-13 05:55:00 Been trying to find this post all day which I saw the other day

www.bleepingcomputer.com, my bet is on this

With 26 pages of posts on that forum it looks like many people have been hit with this malware. (most of them seem fairly computer literate)

But the whole scene is too complicated and changing on a daily basis for me to attempt it.

Eg some on that forum believe that the creators of the malware are reading the forum and updating their software to combat any fixes!

Why doesn't the Russian government track the guy down and run an exe on him?
Digby (677)
1391837 2015-01-13 06:33:00 Seems like there are variants written daily, seems like trying to remove it by other means compromises the outcome with Emsisoft Decryptor

If you have a file backup or an image of your system, better to use it

See you added a post to the forum, I would use Hitman Pro, Kaspersky Rescue Disk 10, adwcleaner or RKill 2.7.0.0

These worked for the earlier Ransomware virus, try any one but the first 2 are proven
Lawrence (2987)
1391838 2015-01-14 17:33:00 I have restored from my backups.
But they are 2 weeks old.
It will teach me for not doing them more often.
But when you have so much data, backing up gets a bit tedious.
I will have a full review of my backup procedures.
Digby (677)
1391839 2015-01-14 21:54:00 Good to know that you have solved the problems and note what you say
regarding backup frequency. You may be hit again by ransomware, so
search for, download and install a recommended anti-encryption program.
blanco (11336)
1391840 2015-01-15 05:51:00 Is data on a separate partition to the O/S but on the same HDD encrypted as well?

Anyone know?
zqwerty (97)
1391841 2015-01-15 06:21:00 Is data on a separate partition to the O/S but on the same HDD encrypted as well?

Anyone know?

Take it as yes it can, would take a few seconds longer. The infection is capable of spreading over a LAN and encrypting other computers, servers etc, so a drive on the same PC wouldn't be a problem.
wainuitech (129)
1391842 2015-01-16 03:56:00 My set up was/is three physical hard drives
C D and E.

C has Windows and Programs
D has data
E has a copy of the data.

The log Cryptolocker created said that it had encrypted all of my data files on C D and E.

But that is not true as I disconnected my E drive before it could get to it. (I have a lot of files on D and E) (It did not get all of the files on D drive either)
Digby (677)
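Added example, not part of any post in this thread: the last post notes that the ransomware's own log overstated what had been encrypted on C, D and E. One way to check which files actually need restoring, assuming encrypted files lose their normal header or look random; the function names, the 7.5 threshold and the sample files are constructed for illustration.

```python
import hashlib
import math
import os
import tempfile

# Well-known leading bytes for a few document types.
MAGIC = {".xlsx": b"PK\x03\x04", ".docx": b"PK\x03\x04", ".xls": b"\xd0\xcf\x11\xe0",
         ".doc": b"\xd0\xcf\x11\xe0", ".pdf": b"%PDF", ".jpg": b"\xff\xd8\xff"}

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    counts = [data.count(b) for b in set(data)]
    return -sum(c / n * math.log2(c / n) for c in counts)

def looks_encrypted(path, sample=65536, threshold=7.5):
    """Header mismatch for known types; near-random content for the rest."""
    with open(path, "rb") as f:
        data = f.read(sample)
    magic = MAGIC.get(os.path.splitext(path)[1].lower())
    if magic is not None:
        return not data.startswith(magic)
    # Assumed threshold; already-compressed formats without a listed header also score high.
    return entropy(data) > threshold

def triage(root):
    """Return (intact, suspect) lists of paths relative to root."""
    intact, suspect = [], []
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            bucket = suspect if looks_encrypted(full) else intact
            bucket.append(os.path.relpath(full, root))
    return sorted(intact), sorted(suspect)

def demo():
    """Constructed sample tree: two intact files, two overwritten with random-looking bytes."""
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    samples = {"report.pdf": b"%PDF-1.4\n" + b"text " * 200, "notes.txt": b"plain notes\n" * 200,
               "budget.xlsx": noise, "diary.txt": noise}
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            with open(os.path.join(d, name), "wb") as f:
                f.write(body)
        return triage(d)

if __name__ == "__main__":
    print(demo())
```

Run `triage()` read-only against the data drive and against the backup copy before restoring, so intact files newer than the backup are not overwritten.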