Cryptolocker

[spazzz]

I just came across this little gem today.
Turns out my daughter said she had a problem with her computer and asked if I had heard of cryptolocker.

I thought it was the FBI warning /give us $300 to unlock your computer,virus. This one is FAR worse.
It's been 'out' since September and still no solution. These ratbastards 2048bit encrypt your files..pics,movies,documents.....everything, unless you pay-up a certain$$ for the key. That means you can't see or use chit.
You can get rid of the program easy enough but you can't get your stuff to be usable.
Talk about a hard drive eater, this is the worst one to date.

My solution will be to reinstall windows for my daughter.

Best to read up a little on this virus so you can take some precautionary measures.

Cryptoprevent by fooli*hit.com is highly recommened by most geek sites.
http://www.fooli****.com/vb6-projects/cryptoprevent/
I just installed it.
It's free, so why not.
For $20 you get life time automatic updates..............but who needs that. Just check once in awhile.

Another is rollback rx but I refuse to pay $79.

[Russosaur]

I never understand how you actually aquire that virus or whatever it is. Iv been tinkering with computer basiclly my whole life, never had a virus. I heard even if you pay whatever they want they don't actually give your stuff back.

Sent from my HTC Thunderbolt using Tapatalk

[spazzz]

My daughters machine sent me a strange e-mail last week, one of those all contacts type e-mails.
I didn't open it of course and told her she had some funk on her machine.
She must have opened an email out of curiosity.

If you read about it you'll see how some people might fall prey. Businesses with e-mails about invoices, bank statements or payroll might look legit to some employees.
People expecting packages and getting a ups or fedex delivery problem email would probably open it.
This one actually gives you a key if you pay on time before the program times out.
A lot of people actually pay the price and get there files back. It started at $100, then $300 and on my daughters machine it was $400.

I don't know if she lost anything. I didn't re-install windows since it is an old Thinkpad running XP.
I wanted to mess around with it so I tried in safe mode but the cryptolocker still popped up.
So I tried system restore and it let me. This virus doesn't disable your machine because it wants you to pay the ransom.
It just smashes all of your files with the encryption they use. In turn they are hoping it is worth the ransom, to get the decryption key and your files back.

After system restore( I picked Jan.13 to be safe) I ran MBAM, Sophos anti-virus toolkit and roguekiller.
A lot of garbage on all runs. My daughter listens but doesn't follow thru with pops advice sometimes.

Now I don't have a clue what she had on it before or what worked or didn't work.
I checked some movie files and music. Some files had contents that worked and others were empty.????
There was a lot of pictures that were viewable.


So ya know, I don't know. I won't be surprised if it resurfaces because there is still traces left.
It's all part of the experiment.

[Exile]

Email attachments, fake AV software, drive by downloads on websites, complete negligence of updates, etc etc for sources of viruses. Email attachments and drive-bys are prolly the biggest culprits.
Anyways sorry to hear you got cryptolocker. Its a genius but ruthless virus. Has caught a lot of attention in IT world. Whats funny is, the $300 key has been reported to actually work and be legit. Otherwise the drive is a lost cause and has to be wiped. As long as you formatted the drive completely and reinstalled Windows, it won't come back on its own.