Crypto Locker: A New Kind of Virus

Crypto Locker is a new breed of computer virus. It infects your computer when you open an infected email attachment or visit an infected web site. Once installed, Crypto Locker immediately goes to work encrypting your data so that you cannot open any file unless you comply with its demands.

How Crypto Locker Works

There is nothing new about the way this virus gets on your computer. What makes Crypto Locker different is that once it infects your computer, it uses a unique security key to encrypt all of your documents.

This means that all your pictures, documents, spreadsheets and many other files appear to be corrupted. Crypto Locker then displays a message on the screen giving you some number of hours in which to pay $100 to $300, depending on the version you are infected with, to decrypt your files. If you do not pay before the timer runs out, the unique security key will be deleted and your files will forever be encrypted and of no use to you.

Cleaning the Crypto Locker virus off of your computer is no more of a task than cleaning others like the FBI or ICE viruses. Removing Crypto Locker is the easy part. If you remove it, your files are still encrypted and unreadable.

Crypto Locker Recovery

With a Recent Backup:

  • Restore your files to an uninfected computer and verify that they are not encrypted.
  • Have a professional - not your nephew or the computer guy at work - clean the virus thoroughly.
  • You can skip the cleaning and just reformat the hard drive and reinstall Windows, but this will require installing and configuring all your programs as if you had a new computer.
  • Restore your files from backup.
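
One way to do the "verify that they are not encrypted" step above, as an added example that is not part of the original article: it walks a restored folder and flags files whose first bytes do not match what their extension promises. The function names, the short signature table and the 7.0 entropy threshold are assumptions chosen for illustration.

```python
import math
import os
from collections import Counter

# Leading bytes expected for a few common document and picture formats.
MAGIC = {
    ".pdf": [b"%PDF-"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".docx": [b"PK\x03\x04"],
    ".xlsx": [b"PK\x03\x04"],
    ".doc": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],
    ".xls": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],
}
TEXT_EXTS = {".txt", ".csv"}
ENTROPY_LIMIT = 7.0  # bits per byte; assumed cut-off, plain text sits well below it


def entropy(data):
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def check_file(path):
    """Return 'ok', 'suspect' or 'unknown' for one restored file."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as fh:
        head = fh.read(4096)
    if ext in MAGIC:
        # An encrypted file no longer starts with its format's signature.
        return "ok" if any(head.startswith(m) for m in MAGIC[ext]) else "suspect"
    if ext in TEXT_EXTS:
        # Text has no signature; encrypted data looks like random bytes instead.
        return "suspect" if entropy(head) > ENTROPY_LIMIT else "ok"
    return "unknown"


def scan(root):
    """Walk a restored backup folder and sort files by check result."""
    results = {"ok": [], "suspect": [], "unknown": []}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(folder, name)
            results[check_file(full)].append(full)
    return results
```

Call `scan()` on the restored folder and review everything listed under "suspect". A clean header does not prove the rest of a file is intact, so open a few files by hand as well.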

Without a Backup:

  • Pay the ransom, but use a prepaid credit card to do so. This is a gamble, but may be your easiest choice. Many people have reported that this unencrypted their files. Many reported that it did not.
  • Clean the virus, but as noted above, get a pro to do this.
  • If paying the ransom did not get your files back, contact Preactive IT Solutions. We may be able to recover some or all of them from Volume Shadow copies on your computer.

Preventing Crypto Locker

There are several things you can do to prevent losing your files to Crypto Locker:

  • Run good antivirus software. Not Norton, AVG, McAfee, etc. Use either Kaspersky or Trend Micro Titanium. These two are currently tied for number one.
  • Configure DNS service on your router from
  • Do not use an administrator account on your computer to do email and web surfing. Set up a limited user account to work in.

Protecting Your Files

If the publishers of the Crypto Locker virus make a lot of money with it, you can be sure that others will follow suit with similar malicious software. THE ONLY WAY to be sure your data is safe is to be sure you are running a complete, regular backup of your computer system. You should use backup software that backs up multiple versions of files as they change so you can go back a few weeks if you need to.

If you need help with viruses or setting up backups, give Preactive IT Solutions a call at (281) 494-0894.