Thanks Britec! I was nearly convinced into downloading a fake Java which is truly a virus,but I remembered one of your videos,and exited out of the browser page
Hey Brian, thanks for spreading awareness on this nasty ransomware. My office computer were ALL infected with this, luckily my IT guy made daily backups. If we didn't have something I restore to, it would have costed us thousands. I'm really glad you're making this virus known, wouldn't want anyone to have to go through what we did :) good video!
I don't think there is a way to stop it once on the system, the reason the program did not show in video is because it only shows its self once encryption is complete, so it will be encrypting data behind the scenes, you probably wont even know its doing it until its to late.
Keep an eye out as now there is a new variant called Cryptolocker 3.0 that no one has decryption for yet. And the old Cryptolocker site that was in collaboration with the AV companies has stopped their decryption service. Which is stupid as the AV companies should be continuing the service themselves.
Thank you again, Brian. You are such a blessing to me. I'm actually starting to understand this stuff! :) But please tell me...can I safely install CryptoPrevent while still running McAfee antivurus security? Or will they conflict? Please forgive me if this is a stupid question....
Hi thank you very much for the very well presented video, very reassuring even though i have not been "had" by one of these its good to know with a calm methodical approach, right tools these nasty so and so's can be dealt with . Funny at times your accent reminded me of Holly off Red Dwarf. Take it easy.
Thank you for another great tutorial. Huge fan of your work. There is one thing I'd like to ask. What should I do if the given time expired and my antivirus deleted the CryptoLocker ? Are my files gone forever ? Will I still be able to recover my files, perhaps using the same method mentioned in your tutorial ? Thanks in advance and keep up the good work.
okay, i'm scared now. the only re-assurance i have aside from protection on computer is that I have two computers, so if something like this ever happened i could watch your 'thanks so much for it' tutorial and take care of the problem. You sir are a really good person, sharing your knowledge with (and i speak only for myself) the technically challenged. Thanks again!
Alyssa the better way to know it will not happen it happen to me i downloaded AVAST November 2013 i had it ever since they will protect your computer on all levels i am secure with AVAST then any other protection make sure you download the free edition
Kevin's suggestion to use Avast is great. Avast is a very powerful antivirus, even in the free version. Avast and AVG are the top-of-the-line free AV programs out there. If your PC is mid- or low-end, you could also get Spybot Search & Destroy to protect against spyware (which can gather sensitive data), and download Malwarebytes Anti-Malware as well as their Anti-Exploit program. That's decent protection to start, but if your PC is fast enough, I also use Microsoft's EMET, IOBit's Malware Fighter and also their Advanced SystemCare. Using all of those that I listed, together with Chrome as my primary browser -- with Avast's protection extension as well as AdBlocker -- I haven't been successfully infected by anything other than a few minor PUPs that probably weren't even suspicious. There's no way to be completely invulnerable, but if you take the necessary precautions, you can protect your PC from most anything. :)
jacobjedi2 AVAST did not detect or prevent Cryptowall on my friend's computer. Spybot search and destroy said it found "some" malware, but wanted me to pay before they said what they were and eliminated them
Avast unfortunately isn't powerful enough to pick up everything, but that's because it's antivirus, not antivirus and antimalware. As for S&D, yeah, their paywalls are getting old but it's nice to have a bit of spyware protection. Have you tried Malwarebytes? It has been known to really kill ransomware and other forms of malware; it's just insane. Also, for proactive protection against ransomware and other appdata-based malware, what Brian mentioned in this video (CryptoPrevent) works really, really well. Use that in combination with Malwarebytes Anti-Exploit, Avast, and S&D, and unless you let the malware in, you probably aren't going to get infected.
I've had cryptolocker few times when I've ran scan with malwarebytes on safe mode, and always was able to remove it successfully. It has never popped up window or started to encrypt my data tho, maybe cause I've always ran some strong security suite like Kaspersky.
This comment is a bit late lol, but yes Kaspersky is an extremely powerful anti-virus software, but they also have a separate team that specialises in ransomware decryption services, which are included in the subcription
Great video. Very informative. One Question though if you don't mind, You mention Shadowexplorer, CAN YOU NOT USE WINDOWS RESTORE INSTEAD? Just wondering. Ty
There is no decryption method known as yet, so using the methods I mentioned in video are the only chance you have or take your chance paying for decryption of your files, which I would not recommend you do.
This is why I never map network shares, especially with the automatically reconnect option. I would connect the the shares as needed. Yes, it's annoying having to do the authentication every time, but it's worth the effort. I store all of my important data on my NAS. With malware like CrypotoLocker running wild out there, everyone who has important data should store this data on a NAS. As always, backup, backup, backup.
Hi Brian! Really appreciate all your videos and the work you do to help techs like me. I have two questions: 1) Where do you get all your cool wallpapers? 2) Do you have, or are you planning any help on dealing with the latest version of Crypto type ransomware: CryptoWall 2.0? I have encountered this new variant on client PCs 3 times in the last month. It appears that this new version behaves differently than the original version. Again, thanks for all you do!
I expect i may get some systems like this now, thanks for the tutorial mate :-), allways handy to know whats happened. Ive downloaded it, ill tell my frends to run the program straight away to add the policys. My head was a bit fuzzy last night so i didnt understand it, but today and many cups of tea and i can see the light lol. Please ask your frend if its possible to protect other directorys + whitelist files, im looking to the future changes i can see hackers making to the exe location.
Good Video, but I can see why people still 'PAY' in order to have their files DE-crypted once infected. Without a 'current' backup, thousands of files will become infected in short order and that is HUGE for people who have a lot of Data or at least very OLD data (Photos of Kids, Grand-Kids, Vacations, memorable moments, etc...).. Haven't even touched on the 'Corporate' side of things where people have potentially 10's of thousands of dollars worth of DATA. I suppose it's easy to say 'Never pay them', but my guess is that MANY will continue to do so when 'Sentimental' and/or 'Valuable' data is involved.
IMPORTANT INFO, Britec please put this in the description or something Afaik, previous versions / File history IS NOT ENABLED BY DEFAULT. It also does not appear in the properties for Windows 8/8.1, but it does exist. In windows 8 it's called File History. To enable and configure it go to Control Panel > System and Security > File History, or paste this into the explorer address bar: Control Panel\System and Security\File History
If you have paid for it go to your bank, explain what happened and process a chargeback. Once enough people get their money back, the crims will bugger off.
Thanks so much this video helped a lot and I got rid of it and it says you need to recover your files in a couple of days but when I got rid of the virus I still have my files and didn't have to recover them
Oh i wasnt slating your software nick, its more likely to be my windows acting silly. I did a quick fix and just replaced the registry from a backup. It was the settings for adjusting the system restore on every drive, the box for disable was also greyed out and beside it something like restricted by Group policy in brackets. As i love pain, and copying files ill have another go and see if it goes silly again ha ha :-))
Supposedly, on Aug 6th, some security research partnership got their hands on all of CryptoLocker's keys so you can recover your files easier. I saw that on another video about this ransomware. I still would say that using CryptoPrevent is a good idea, though, to protect against other forms of ransomware and malware.
Great video thanks man. But yoa know what's funny... If this happened to my computer I would laugh my ass off cuz I have everything backed up on external drives using a special system so even if I backup the virus I can still get my stuff back. Also there really ain't nothing important on my computer.
Thank you so so so so much for giving us the link to Cryptoprevent, and teaching us how to remove it should we get it! You rock. Liking, subbing.
I would just format my hard drive completely instead of using the tools. I feel safer doing a secure format anyways
Thanks Britec!
I was nearly convinced into downloading a fake Java which is truly a virus,but I remembered one of your videos,and exited out of the browser page
Hey Brian, thanks for spreading awareness on this nasty ransomware. My office computer were ALL infected with this, luckily my IT guy made daily backups. If we didn't have something I restore to, it would have costed us thousands. I'm really glad you're making this virus known, wouldn't want anyone to have to go through what we did :) good video!
The scary part is that they are allowing payment in 2 bitcoins. Which, at this current rate, is around 800 U.S. (dollars)
Make that over $14,000 fucking dollars in 2020 money.
@@MichaelOKeefe2009 What about 2021
Nice work man.you solve every question i had on that ransomware.keep the good wok up mate
Man, you really went through this step by step so I could follow and use the information to get rid of this virus, thank you.
Thanks Brian, one of the most useful and informative videos out there! Love the new intro too
Thanks Brian! Thorough, to the point and easy to understand as usual. Keep up the good work!
Nice video by Britec09 on how to deal with CryptoLocker.
***** Thanks Graham
Cheers Keegan, glad you liked the video and intro.
Thank you! Much appreciate the trouble you've taken to describe a step by step approach.
You have done a wonderful thing here. Hope I don't ever need to use it, but a nice comfort level thanks to you.
Thank you for this vid Brian. I used it to remove this ransomware on my friends computer.
A very clean and understandable video Brian. Thanks for the hard work you put into it.
Norton has already been rated as the # 1 Anti-virus program worldwide 🙂
Yeah I a doing OK, hope everything is OK your end, hope to catch up soon.
great video as always Brian keep up the good work
Thanks, I'm saving this to a playlist in case I ever get hit with this nasty piece of ransomware.
Well the golden rule of computing is backup, backup, backup so your right in what your doing.
Outstanding job Brian.
Thanks a bunch, its very nice of you to take time to help others, much appreciated
Great video and great guide Brian.
Hope you are doing okay mate.
I don't think there is a way to stop it once on the system, the reason the program did not show in video is because it only shows its self once encryption is complete, so it will be encrypting data behind the scenes, you probably wont even know its doing it until its to late.
Your contribution to gain computer knowledge to me is unforgettable. Thanks britec.
Thanks Sir Kevin.
Great Vid Bri, Thanks For sharing.
Cheers Fred.
Thanks Darren.
Very old vid but it helped me out heaps with a friends PC..TY BRI as always.
Cheers mate, wanted to cover removal, recover data and protection.
Tip: Set your system time back a lot, you'll get more time!
thank you Bri another great and very helpful upload
Keep an eye out as now there is a new variant called Cryptolocker 3.0 that no one has decryption for yet. And the old Cryptolocker site that was in collaboration with the AV companies has stopped their decryption service. Which is stupid as the AV companies should be continuing the service themselves.
Cheers John, it seems these malware makers are making some nasty shit now days.
Thanks, I was supposed to make it a couple of weeks ago, but had a computer crash on my system to deal with. But its done now.
Thank you again, Brian. You are such a blessing to me. I'm actually starting to understand this stuff! :)
But please tell me...can I safely install CryptoPrevent while still running McAfee antivurus security? Or will they conflict?
Please forgive me if this is a stupid question....
Great video, Brian
Your welcome Nick.
Keep up the great work! Now I feel more comfortable understanding how this Ransomeware implements itself.
Great video, can't beat a bit of verbal instruction.
Very thorough Brian nice video
Hi thank you very much for the very well presented video, very reassuring even though i have not been "had" by one of these its good to know with a calm methodical approach, right tools these nasty so and so's can be dealt with . Funny at times your accent reminded me of Holly off Red Dwarf. Take it easy.
Thanks, glad you liked it.
Cheers David
Thanks Chris.
Thank you for another great tutorial. Huge fan of your work. There is one thing I'd like to ask. What should I do if the given time expired and my antivirus deleted the CryptoLocker ? Are my files gone forever ? Will I still be able to recover my files, perhaps using the same method mentioned in your tutorial ? Thanks in advance and keep up the good work.
Excellent tutorial as always.Thank you brian.
Outstanding software & great demonstration Brian. Many thanks indeed. DAve :)
okay, i'm scared now. the only re-assurance i have aside from protection on computer is that I have two computers, so if something like this ever happened i could watch your 'thanks so much for it' tutorial and take care of the problem. You sir are a really good person, sharing your knowledge with (and i speak only for myself) the technically challenged. Thanks again!
Alyssa the better way to know it will not happen it happen to me i downloaded AVAST November 2013 i had it ever since they will protect your computer on all levels i am secure with AVAST then any other protection make sure you download the free edition
Kevin's suggestion to use Avast is great. Avast is a very powerful antivirus, even in the free version. Avast and AVG are the top-of-the-line free AV programs out there. If your PC is mid- or low-end, you could also get Spybot Search & Destroy to protect against spyware (which can gather sensitive data), and download Malwarebytes Anti-Malware as well as their Anti-Exploit program. That's decent protection to start, but if your PC is fast enough, I also use Microsoft's EMET, IOBit's Malware Fighter and also their Advanced SystemCare. Using all of those that I listed, together with Chrome as my primary browser -- with Avast's protection extension as well as AdBlocker -- I haven't been successfully infected by anything other than a few minor PUPs that probably weren't even suspicious.
There's no way to be completely invulnerable, but if you take the necessary precautions, you can protect your PC from most anything. :)
jacobjedi2 AVAST did not detect or prevent Cryptowall on my friend's computer. Spybot search and destroy said it found "some" malware, but wanted me to pay before they said what they were and eliminated them
Avast unfortunately isn't powerful enough to pick up everything, but that's because it's antivirus, not antivirus and antimalware. As for S&D, yeah, their paywalls are getting old but it's nice to have a bit of spyware protection. Have you tried Malwarebytes? It has been known to really kill ransomware and other forms of malware; it's just insane. Also, for proactive protection against ransomware and other appdata-based malware, what Brian mentioned in this video (CryptoPrevent) works really, really well. Use that in combination with Malwarebytes Anti-Exploit, Avast, and S&D, and unless you let the malware in, you probably aren't going to get infected.
jacobjedi2 and Spybot is the only one you can use in Safe Mode
I've had cryptolocker few times when I've ran scan with malwarebytes on safe mode, and always was able to remove it successfully. It has never popped up window or started to encrypt my data tho, maybe cause I've always ran some strong security suite like Kaspersky.
This comment is a bit late lol, but yes Kaspersky is an extremely powerful anti-virus software, but they also have a separate team that specialises in ransomware decryption services, which are included in the subcription
@@scottballantine7234 lol "A bit late" man try about 7 years later. LMAO
Your welcome Riley
Simple to use and well written - What programming language did you use ?
Thank you so much you really saved my ass right here!
Great video. Very informative. One Question though if you don't mind, You mention Shadowexplorer, CAN YOU NOT USE WINDOWS RESTORE INSTEAD? Just wondering. Ty
Almost at 40k subs keep it up
Cheers Bill
There is no decryption method known as yet, so using the methods I mentioned in video are the only chance you have or take your chance paying for decryption of your files, which I would not recommend you do.
Thanks. Had to remove this the other day. Worked perfectly!
Very true. But my customers don't like Linux like us tech's do. :)
Jeremy Lane forgot to switch accounts :)
Your welcome Donnie.
Thank you very much. Very down to earth, very informative. well done !
This is why I never map network shares, especially with the automatically reconnect option. I would connect the the shares as needed. Yes, it's annoying having to do the authentication every time, but it's worth the effort. I store all of my important data on my NAS. With malware like CrypotoLocker running wild out there, everyone who has important data should store this data on a NAS.
As always, backup, backup, backup.
Thank you Brian for making another awesome removal video . Keep up the good work.
Hi Brian! Really appreciate all your videos and the work you do to help techs like me. I have two questions: 1) Where do you get all your cool wallpapers? 2) Do you have, or are you planning any help on dealing with the latest version of Crypto type ransomware: CryptoWall 2.0? I have encountered this new variant on client PCs 3 times in the last month. It appears that this new version behaves differently than the original version.
Again, thanks for all you do!
Cheers dude.
This was extremely thorough. Thanks!
I expect i may get some systems like this now, thanks for the tutorial mate :-), allways handy to know whats happened.
Ive downloaded it, ill tell my frends to run the program straight away to add the policys.
My head was a bit fuzzy last night so i didnt understand it, but today and many cups of tea and i can see the light lol.
Please ask your frend if its possible to protect other directorys + whitelist files, im looking to the future changes i can see hackers making to the exe location.
Thanks Zeeshan
That is insane!.
Thanks for the tips and advises..
can you please make a video on what programs are best for your computer health? i think that would be a great thing for people to know
Yeah backing up to a Nas drive is the way to go no days.
10x 4 the tutorial Brian. Great one.
There is no known why of decryption of data as of yet.
Your welcome Daz
Good Video, but I can see why people still 'PAY' in order to have their files DE-crypted once infected. Without a 'current' backup, thousands of files will become infected in short order and that is HUGE for people who have a lot of Data or at least very OLD data (Photos of Kids, Grand-Kids, Vacations, memorable moments, etc...).. Haven't even touched on the 'Corporate' side of things where people have potentially 10's of thousands of dollars worth of DATA. I suppose it's easy to say 'Never pay them', but my guess is that MANY will continue to do so when 'Sentimental' and/or 'Valuable' data is involved.
Thanks Miguel
CryptoPrevent should not conflict with any AV, if it does then let Nick Shaw know and he will look into the conflict for you.
Yeah its shorter as well.
IMPORTANT INFO, Britec please put this in the description or something
Afaik, previous versions / File history IS NOT ENABLED BY DEFAULT. It also does not appear in the properties for Windows 8/8.1, but it does exist. In windows 8 it's called File History. To enable and configure it go to Control Panel > System and Security > File History, or paste this into the explorer address bar: Control Panel\System and Security\File History
Cheers.
If you have paid for it go to your bank, explain what happened and process a chargeback. Once enough people get their money back, the crims will bugger off.
Thanks so much this video helped a lot and I got rid of it and it says you need to recover your files in a couple of days but when I got rid of the virus I still have my files and didn't have to recover them
great video!~! It actually helped, what about if I try malwarebytes first?
Thanks for the info .... but don't bother with system restore it's useless against C-locker as it leaves personal files "as is" (in my experience)
Thanks.
Great job Britec, but wouldn't it be possible to find the cryptolocker's encryption key anywhere? It has to save it somewhere...
Thank you very much!!
It really helped me
Excellent great work thank you for the video.
Thanks
Oh i wasnt slating your software nick, its more likely to be my windows acting silly.
I did a quick fix and just replaced the registry from a backup.
It was the settings for adjusting the system restore on every drive, the box for disable was also greyed out and beside it something like restricted by Group policy in brackets.
As i love pain, and copying files ill have another go and see if it goes silly again ha ha :-))
cheers.
Yeah always best to backup off the machine your using.
remember the days, when the only ransomware you had to deal with was the a GameOver ZeuS botnet?
CryptoPrevent will block other malware that likes to run from the blocked folders.
Supposedly, on Aug 6th, some security research partnership got their hands on all of CryptoLocker's keys so you can recover your files easier. I saw that on another video about this ransomware. I still would say that using CryptoPrevent is a good idea, though, to protect against other forms of ransomware and malware.
Your welcome.
Yeah McAfee and Norton have lost the plot.
Great video thanks man. But yoa know what's funny... If this happened to my computer I would laugh my ass off cuz I have everything backed up on external drives using a special system so even if I backup the virus I can still get my stuff back. Also there really ain't nothing important on my computer.
More videos coming.
another great video, very professional
thx
This was uploaded 1 day before my birthday!
+U Mad Bro? U mad bro?
Clorox Bleach can I drink you
Clorox Bleach when was clorox bleach mario