Posted on 10/26/2013 1:29:26 PM PDT by NoLibZone
Heads up and Prevention of New New Virus sweeping the Interwebs: CryptoLocker
http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
PROBLEM:
CryptoLocker is a ransomware program that was released around the beginning of September 2013. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.
One Easy Solution:
The easy to use free tool to change group polices to block your Hard Drive from unauthorized encryption: http://www.foolishit.com/vb6-projects/cryptoprevent/
First I scanned the CryptoPrevent using VirusTotal.com to make certain its clean. It is.
Then I used MalwareBytes to make sure I an clean.
Then I ran a new restore point.
Then I ran the one click CryptoPrevent and tested. It worked.
Image of the little app dialogue:
http://imgur.com/5M9bDyU">
(Excerpt) Read more at bleepingcomputer.com ...
I'd really like to see some verification from trusted Freepers before I go and install this thing on all my family's computers.
Thanks.
Who ya gonna call? Obamabusters!
BFL, gonna come back to this if anyone confirms the tool is clean.
There was another ransomware “FBI virus” which held computers hostage claiming child porn, and unlocking it for money, too:
Here (among many places) are instructions: http://www.trishtech.com/2011/05/disable-file-encryption-in-windows-7-using-group-policy/
It's straightforward, and if you don't use encryption it should be set this way, anyway.
This is a case where I would be perfectly fine with the government hunting the scum behind this scam down and exterminating them. Painfully. They are pure scum.
McAfee Internet Security gives a warning about going to the website www.foolishit.com
“www.foolishit.com
Surely you jest.”
Ding, Ding, Ding! We have a winner!
http://www.snopes.com/computer/virus/cryptolocker.asp
Thanks, Fred. Much appreciated. I'll check it out.
I just fixed my lady friend’s laptop from this crypto virus-malwarebytes-trojan (whatever). The virus doesn’t disable Windows restore to earlier date, so I simply shutdown the computer (Ctrl+Alt+Del), pressed power-button at least 10 seconds because it Windows hanged, then boot to Safe Mode, restored Windows to earlier date, and DONE! I had to download her Malwarebytes Pro and did full scan.
Done and done! Thanks, FS. The simplest solution is often the best solution.
Bookmarking.
Does it only go after Windows 7?
Bfl
This person needs be caught and summarily executed. In a public and painful manner. Preferably burned alive at the stake on the Washington Mall, with major live network feeds to the whole world.
Bump....
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.