August 18, 2014 No Comments-
For those of you who missed our previous articles about Cryptolocker, it’s a nasty virus that can permanently prevent you from accessing your files – unless you paid the criminal’s behind the malware a huge ransom.
Since then – when we explained it was impossible to get your files back without paying the ransom – there have been two hugely positive updates to the Cryptolocker story:
1. The criminals behind the infection have been caught and on trial for their crimes against computer users
2. Their computers were accessed and a method for accessing files locked by Cryptolocker has been created.
Victory good guys!
How to decrypt your Cryptolocker files
It’s great news that people can access their locked files without paying Cryptolocker’s ransom, but it’s still a tricky procedure. We’ll talk you through it below.
Start the process by uploading one of your encrypted files to a website: https://www.decryptcryptolocker.com/. Make sure you upload an encrypted file that doesn’t contain any sensitive or personally identifiable information!
Once you’ve uploaded the file, the decryption service will email you an unlocking key that can be used to give you access to your files, along with a piece of decryption software to do the actual unlocking. Think of the whole process as a bit like if you were giving a tissue sample to a doctor, who returns a medicine and a way of administering it.
You then have to open the Command Prompt (click the “Start” icon, then choose “Run”, type in “CMD” and press the “Enter” key). This brings up a black window that can be used to enter instructions directly into programmes.
At this point, you need to use the Command Prompt to browse to the location of the Decryption software that you downloaded, and enter the following information:
Decryptolocker.exe –key “<key>” <Lockedfile.doc>
(replace <key> with the key sent to your email address, and <Lockedfile.doc> with the name of the file)
If you don’t know how to browse to the location of the Decryption software using the Command Prompt, try looking for a tutorial online. It can be quite daunting (and you can do damage to your computer), so if you’re unsure, try to find someone who could help you.
Prevention: always better than cure
It’s great that users can now restore their Cryptolocker files, but the best solution to malware threats is not to wait for a cure, but to prevent infections before they happen.
If you’re running an up-to-date anti-virus tool like Norman’s Internet Security Suite, Cryptolocker would have been stopped before it did any damage to your files. Norman – and other anti-virus software – detect and prevent malware from running, stopping the malicious software before it has a chance to do any damage.
And even if you have been infected by Cryptolocker, using the “cure” doesn’t solve your problem, as you’ll need anti-virus protection to stop Cryptolocker from simply re-encrypting all of your files again.
Norman Safeground Blogs Archive