46
Technical Help / Re: CTB LOCKER
« on: Monday 15 December 14 14:30 GMT (UK) »
hey, i have dealt with this one a few times and removed it successfully apart for one time which was the original crypto locker, the main question with this one is if it encrypted your hard drive, as if its not encrypted it can be removed easily.
the message always says it has encrypted your information but in most cases it hasn't it just uses ransomware to try and get money out of you.
if it has encrypted your hard drive i know there is a free tool to decrypt it now which wasn't available when it first came out. but i cant remember where about it is online will have a look later, and i don't think it was very user friendly from what i remember lol.
have you been able to log into the machine in safe mode?
its purely to see if the files are encrypted after u get past that blackmail screen.
it was mostly documents and photos it usually targets if it does.
if you can get access to safe mode or safe mode with internet access i could do remote access to check it for you, but i suggest not trying to remove the virus until you can confirm if the hard drive is encrypted as you need the private key & public key to decrypt it.
ps normally i would only offer remote assistance to customers as you do not know me but its really a choice of having it checked over free doing this or taking it to a shop, as if your drive is encrypted there is a good chance you will lose most of your info if removal is attempted but the good news is there usually bluffing ;p
spy hunter 4 will probably remove the virus but if your hard drive is encrypted u will lose access to everything but its a spyware removal program i have never used, better to use a free 30 day trial of http://www.surfright.nl/en/hitmanpro/ to remove it. but only attempt once you confirm its not encrypted.
https://www.decryptcryptolocker.com/
was the security firm offering decrypting keys for the virus, but check for encryption first hope it helps..
the message always says it has encrypted your information but in most cases it hasn't it just uses ransomware to try and get money out of you.
if it has encrypted your hard drive i know there is a free tool to decrypt it now which wasn't available when it first came out. but i cant remember where about it is online will have a look later, and i don't think it was very user friendly from what i remember lol.
have you been able to log into the machine in safe mode?
its purely to see if the files are encrypted after u get past that blackmail screen.
it was mostly documents and photos it usually targets if it does.
if you can get access to safe mode or safe mode with internet access i could do remote access to check it for you, but i suggest not trying to remove the virus until you can confirm if the hard drive is encrypted as you need the private key & public key to decrypt it.
ps normally i would only offer remote assistance to customers as you do not know me but its really a choice of having it checked over free doing this or taking it to a shop, as if your drive is encrypted there is a good chance you will lose most of your info if removal is attempted but the good news is there usually bluffing ;p
spy hunter 4 will probably remove the virus but if your hard drive is encrypted u will lose access to everything but its a spyware removal program i have never used, better to use a free 30 day trial of http://www.surfright.nl/en/hitmanpro/ to remove it. but only attempt once you confirm its not encrypted.
https://www.decryptcryptolocker.com/
was the security firm offering decrypting keys for the virus, but check for encryption first hope it helps..