Jump to content


Photo

Cryptolocker

ransomware cryptolocker

  • Please log in to reply
5 replies to this topic

#1 psommer

psommer

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 16 October 2013 - 11:52 PM

I am a victim of the ransomware Cryptolocker. After I pay the criminals $300 to get my encrypted files back, will Immunet 3.0 remove the malware from my computer?

*sigh*
  • Tibag5bl, lcdkwehscj and Teedditly like this

#2 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,846 posts
  • LocationOil City, Pa. U.S.A.

Posted 17 October 2013 - 09:28 AM

Do not pay the ransom. It will be money lost because most times the malware will still be present even after payment. You provided little information other than the infection name. Did you have Immunet installed on your system before you encountered the infection? What is your Operating System? This is important as to how we proceed with riding your system of this malware.
  • Zurchiboy likes this

* Immunet Global Forum Moderator *


#3 Pedersen

Pedersen

    Administrator

  • Administrators
  • 250 posts

Posted 17 October 2013 - 09:34 AM

Hello psommer. Try to use Hitman Pro kickstarter to get rid of that infection. Immunet is mostly build to prevent such infections to happen so I recommend you to use it always.

Best regards
Pedersen
Pedersen. Sourcefire Administrator.

#4 AUDIdynamite

AUDIdynamite

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 28 October 2013 - 11:50 AM

Hitman proved to be good.Bleeping computer also advise on using malwarebytes. My brother removed it with mlawarebytes. Here is an instruction: http://privacy-pc.co...cker-virus.html

#5 builder

builder

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 13 December 2013 - 01:18 AM

I just got this today. Don't know how....Immunet was installed and running. I'm running Windows 7 Home Premium SP1.

I picked up lappy after not using for several hours and 2 of the 72 hours had already elpased....

#6 ritchie58

ritchie58

    Staff Member

  • Moderators
  • 1,846 posts
  • LocationOil City, Pa. U.S.A.

Posted 13 December 2013 - 10:53 PM

Sorry to hear you got infected with this screenlocker while Immunet was installed. Something I find a little odd. I would venture to guess you were a victim of a drive-by download by a malicious web site or link. I also bet that this variant is using a valid digital signature. That's why Immunet's heuristic engines didn't detect it.

Anyway, Immunet can be run in Safe Mode (keep pressing F8 while booting up). Choose Safe Mode "with" Networking, update Immunet manually to make sure you got the newest signature definations for ClamAV or the TETRA module (depending if you're a Plus or Free user, use TETRA & disable ClamAV if you're a Plus user). Turn on "Scan Archive Files" and "Scan Packed Files" by clicking on the Scan Settings tab in Settings. This will increase the scan time but you'll get a much deeper scan this way. Then run a full scan of all your drives. If that's unsucessful and since you have access to another computer you could download Emsisoft's Emergency Kit 4.0.0.17 and unpack the contents to a flash drive. Then plug the flash drive into your infected PC and use the tools to clean your machine. Emsisoft's Emergency Kit is great at cleaning an already infected machine where internet access (even in Safe Mode) is denied by the malware. Here is a link for more info on how to use and download the tools. http://www.emsisoft....n/software/eek/ It is recommended that you also use these tools in Safe Mode.

Let us know how it goes.
Regards, Ritchie...

* Immunet Global Forum Moderator *






Also tagged with one or more of these keywords: ransomware, cryptolocker

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users