Ramsomware - CryptoLocker, Cryptowall, TorrentLocker, Petya, CBT-Locker

Posted 4/25/2016 6:07 AM
#124383
User avatar

Advanced member

Hello,

If you are reading this it's likely you got the infection.

How did you get infected? Unfortunately, you opened the infection yourself, through an infected word document attached to an e-mail message, by downloading "torrents" from malicious links, by clicking on advertisements while browsing unsecured, by installing "fake" programs that promise to wrap your computer in gold. These things are designed to trick you.

Before anything else:

1. Take the computer out of your local network! If you have to get support online, then take all other devices off the network before you contact support. Some of these infections spread in the network.
2. If you did not run a full scan yet, with your security program, do it as soon as possible and better yet, scan in Safe Mode.
This guide shows how to access Safe Mode : https://www.computerhope.com/issues/chsafe.htm
3. Get support as soon as possible. Don't let time pass before you seek help. The more you wait the higher the probability nothing can be done.
BullGuard provides 24/7 support for our users, included with their subscription.

If you are looking to beat the infection yourself, let me start by saying that the infection itself is not very hard to remove. Most full scans get rid of the infection. The problem these ransomware infections pose is that, once they do somehow get to run on your computer and encrypt files, the files are lost. There is no getting them back by decrypting them. It's hard, if not impossible to decrypt the files, even with the right tools and skills.

What CAN you do about the files that are encrypted?

One is to be responsible and keep a backup (or two) of your important files. Nowadays, external hard drives and cloud backup solutions are cheap and easy to use. Note that you need only consider backing up personal data, like work documents, pictures, movies, e-mails and anything else you can't replace/recover. You can recover Windows with the disk and you can reinstall programs from their developers so you should not worry about those.

If you don't have a backup of your files, you can try to get the files back (at least a part of them if not all):

1. By either accessing the Shadow Volume Copies (a good method is to use Shadow Explorer https://www.shadowexplorer.com/downloads.html for this), if you had System Restore working on your computer properly and regularly, before the infection reached your computer.
2. Or you can try using R-Studio Data Recovery Software https://www.r-studio.com/ to recover the data.

If you are interested to know more about these infections there are a lot of very well written articles, so I will not repeat them. You can start from here https://en.wikipedia.org/wiki/Ransomware
Andreea-Luciana Ostache
Support Team Leader
[url]support@bullguard.com[/url]
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security 16

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Posted 8/25/2016 12:35 PM
#124412
User avatar

NorthPole Advanced member

Date Joined Nov 2016
Total Posts: 176
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, September 21, 2020, 3:34 PM (GMT +2)
There are a total of 61,828 posts in 13,648 threads.
In the last 3 days there were 1 new threads and 1 reply posts.

Who's online

This forum has 38,580 registered members. Please welcome our newest member, CJT1963.
There are currently no users on-line.
×

Just a minute

Privacy has never been so important.

Nearly 50% of online users are now using a VPN to protect their privacy.

Find out why

…and if it grabs you bag yourself a VPN bargain.

We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.