I got CryptLocker... again today. The only thing I downloaded was a .PDF from a trusted drum site and a couple hours later I got the dreadful message.
(Also the first time I got this I was also on a large commercial real estate website and clicked on a PDF flyer and got it -- How do they sneak these things in on these sites???)
Working through the resolution process I removed all the Crypto shortcuts I could find and I got ShadowExplorer to restore some of the files but not all of them (oddly enough neither the ShadowExplorer nor Malwarebytes .exe/programs were active on the computer from the first time through this process and I know I didn't remove them. Wonder if Crypto bounced them???).
I tried to use the utility that was linked from the main "Crypt" help article on this malware and through a Yahoo search that landed in this forum.
I D/L'ed and ran the utility but didn't seem to have any luck cracking the encrypted files. Is the "decrypt_mblblock.exe" still a valid utility tool, or have the bad guys worked around this?
Also I thought there was a laundry list of items to check in the Registry in the CryptLocker article but I can't seem to locate it to make sure that nasty malware isn't buried deep and just waiting to be resurrected?
Edited by Chris Cosgrove, 11 July 2015 - 05:48 PM.
Moved from Vista to General Security