bookie32 Posted March 5, 2016 Share Posted March 5, 2016 Hi guys I have a customer that has just had his computer infected with the cryptolocker virus... Has anyone here any experience of this crap and how to decrypt files on an infected computer... I have removed the virus but then again it leaves a ton of crap in its wake so it doesn't need to be still active... I have tried recovering the files and most just can't be recovered despite what others have written... My customer is considering paying the ransom...but I still don't think that will help him... What is the matter with these clowns creating such crap!! Before long the Internet as we know it will be a thing of the past...and all because there are those that think it is fun to destroy everything for others... bookie32 Link to comment Share on other sites More sharing options...
jaclaz Posted March 5, 2016 Share Posted March 5, 2016 It depends on the exact version of the malware, some older version can be unencrypted a few more modern variants can also be "worked around", for many versions there is no known solution AFAIK. For the record - however - there must be a number of concurring events (often but not always including a not secured setup, the lack of a working antivirus, and a PEBCAK) to actually be infected, it is not "the end of the internet" in itself. jaclaz Link to comment Share on other sites More sharing options...
bookie32 Posted March 5, 2016 Author Share Posted March 5, 2016 Hi jaclaz!Its a bummer for the customer...don't think he is the most careful person...when it comes to clicking here and there.... bookie32 Link to comment Share on other sites More sharing options...
Mcinwwl Posted March 6, 2016 Share Posted March 6, 2016 Find around whether this particular ransomware is using an encryption method that can be decrypted (older Cryptolocker/CTBLocer ciphers had been cracked by the IS specialists AFAIR). If it can't then find out whether paying ransom will really let you decrypt the files - some are so crappy that paying ransom helps you nothing. Depending whether the conditions above are fulfilled, three different ways of behaviour can be applied:- Decrypting the files using the tools available in the internet;- Paying the ransom and decrypting the files;- Crying of lost content. AFAIR Cryptolocker is one of "smarter" ransomwares and its never versions uses strong cipher with no workaround. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now