Phil
asked on
cryptolocker
my clients computers have been infected with cryptolocker. I'm trying to assist them. Any suggestions for removal?
Thanks!
Thanks!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My client has evidently been able to remove the virus but files on their shared network drives are still encrypted. They have run malwarebytes and combofix, but not superantispyware. They are going to try it now. They are going to copy one of the infected files from a network drive to a disconnected workstation, run the scans and hope it works.
Thanks again!
Thanks again!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
They are working with their IT firm to do a restore. Evidently, though, their IT firm is having difficulties and not returning calls. They received a message on their workstation telling them to pay a certain fee by the end of this week. If they pay the fee, a key to fix their files will be sent to them, otherwise the encryption is permanent. This is unbelievable!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I will call this morning to find out the randsom amount and more details on how was received.
ASKER
I called my client and they informed me that they did not actually receive a ransom amount. They also mentioned that they had two active viruses. The first virus made it appear that all files were undetectable on the hard drives. They fixed that virus and then the cryptolocker established itself. They don't know if the two viruses are connected.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Excellent responses, thank you so much!
A real preventative solution is posted here:
http://www.experts-exchang e.com/Secu rity/Vulne rabilities /Q_2823364 8.html#a39 474622
http://www.experts-exchang
ASKER
Thanks!