Possible Cryptolocker?

**Ferrit** · June 10th, 2014, 11:29 PM

Please view this file and tell me if you have seen it.
I cleaned this windows 7 computer today with malwarebytes (122 items) yet
it was still terribly boggy. I then cleaned using Combofix and this is what it deleted.
Anyone seen this or know if it is possibly Cryptolocker?
http://1drv.ms/1qqMpxF

**Zonie** · June 11th, 2014, 07:18 AM

Hi Ferrit. It looks like a good possibility as on the first line the NDde.dll file was also removed, which depending on what version this was, had a security hole issue for possible hack & or virus.

**Ferrit** · June 11th, 2014, 08:55 AM

Yes and I am wondering if because they took down those servers just recently thats why it didnt activate>
If so wow that was a close one.

**Zonie** · June 12th, 2014, 07:20 AM

I hear you. Unfortunately I wasn't that lucky about a month ago with one of my clients. They got hit with it and I had to wipe out their system and start over. Good thing they listened to me and had a backup.

**Kodiak** · June 16th, 2014, 04:49 PM

Is malewarebytes and combofix effective against cryptolocker? I had not even seen it until a week ago. All I have read about it was not much of anything was effective.

**Ferrit** · June 16th, 2014, 05:02 PM

Nothing is effective against cryptolocker except a full clean backup or to pay them to get the data back.

***SpywareDr*** · June 17th, 2014, 09:50 AM

BleepingComputer.com > How to prevent your computer from becoming infected by CryptoLocker

**Kodiak** · June 17th, 2014, 12:29 PM

Originally Posted by Ferrit

Nothing is effective against cryptolocker except a full clean backup or to pay them to get the data back.

I didn't think so and once the data is encrypted there screwed. If the data is recovered before are you ok or is the data infected?

***SpywareDr*** · June 17th, 2014, 01:25 PM

It's just encrypted.

**Zonie** · June 18th, 2014, 08:16 AM

Originally Posted by Kodiak

I didn't think so and once the data is encrypted there screwed. If the data is recovered before are you ok or is the data infected?

If you are talking like a backup, the data should be fine. If you are talking about trying to recover after the cryptolocker has been installed, there will be no recovery.

***SpywareDr*** · June 18th, 2014, 09:17 AM

Correct. Cryptolocker can be removed but, the files that it had encrypted then cannot be unencrypted. The only way to do that is to pay the $300 in order to get the unencryption code.

Solution: How to prevent your computer from becoming infected by CryptoLocker

Thread: Possible Cryptolocker?

Thread Tools

Display

Possible Cryptolocker?

Bookmarks

Bookmarks

Posting Permissions