Windows XP How to get rid cryptolockers?

Mohammad Rahmati · Aug 14, 2014

I have a very important relation about cryptolockers!
It's About uninstalling cryptolockers
Open your task manager, enter the process tab and terminate the crypto's tree.
Open the Run menu and go to the msconfig program.
Enter the services tab and disable the crypto.
Enter the Startup tab and disable the crypto unit.
Enter the Document and settings folder located in your windows drive.
Crypto folder in the folder all users to find and remove it with all its system files.
That was so simple.
ha ha ha ha
they will not destroy us!!

Mike · Aug 18, 2014

If you're talking about BitLocker, I guess so.

Trouble · Aug 18, 2014

http://blog.fox-it.com/2014/08/06/cryptolocker-ransomware-intelligence-report/

They are providing a free service for unlocking the ransomware. The link is in that article.
It has been around for a while and was a very devastating piece of malicious code.

Trouble · Nov 1, 2014

New.... as in brand new, Ransomware in the wild.

CryptoWall 2.0
It kicks CryptoLocker’s @$$.

Makes encrypted copies of all your files and deletes the originals. Then erases all shadow copies so previous versions will not work and then apparently deletes restore points.
It also infects mapped network drives as well as other shares and even you dropbox storage if you have it mapped.

So basically, if you don’t have backups, you’re properly screwed.

Infection Vectors
Since we detected the first CryptoWall 2.0 variant with our WildFire engine on September 29, we’ve seen over 85,000 separate attacks attempting to deliver the malware. The majority of these have come through e-mails with executable attachments, sometimes contained in .zip files. Most of the e-mail attacks used fake invoice, fax and voicemail themes with attachments named like the following:

Complaint_IRS-Id-12839182.scr

fax00415741732781728.scr

VOICE387-778-3454.zip

CH_Import_Information.exe

In the last week we’ve seen the attack vectors evolve to contain exploit kits as well. On October 19, the Kafeine posted a blog discussing the inclusion of CVE-2014-0556 in the Nuclear Pack exploit kit, which was installing CryptoWall 2.0.

Yesterday we picked up an e-mail campaign pretending to be a fax report that carried a .zip attachment with a PDF inside. The PDF exploits CVE-2013-2729 to download a binary which also installed CryptoWall 2.0.

SOURCE: Link Removed
AND
http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Trouble · Mar 10, 2015

And it seems that they've stepped up their game yet again with CryptoWall 3.0
Link Removed

Backup your files folks, image your systems and keep those on an external drive that is only connected to your system when performing the backups.

Windows XP How to get rid cryptolockers?

Mohammad Rahmati

New Member

Mike

Windows Forum Admin

Trouble

Noob Whisperer

Trouble

Noob Whisperer

Trouble

Noob Whisperer