
Crypt0locker variant not found by any scanner software



My mum got some variant of Crypt0locker on her laptop and I've been trying to remove it, but for some reason none of the anti-malware software I try to run can find it. I tried Malwarebytes, RogueKiller, BitDefender and some others, but my scans always come up clean.

The software says that it is Crypt0locker, but it doesn't behave exactly like it. It adds random file extensions to encrypted files (file.docx.ycedaq and file.jpeg.osucaf, for example). It starts a program pretending to be Windows Explorer that immediately restarts if you X out of it but won't restart if you end its task (the program is just a page with a demand to visit a .onion site and pay bitcoins). After a restart, it changed her desktop background to the same demand.

 

She got it through an e-mail that claimed to be a bill for some service. She downloaded an attached Word document that executed the malware (why does Windows even allow this?).

I am sorry if I am coming across a bit noobish, but I haven't used Windows in a while.


Once ransomware is done encrypting the files on a system, it deletes itself. Hence why no products will detect anything. Some of them (like TrendMicro) will flag the ransom notes even though they are harmless.

For support regarding Crypt0L0cker, yes, please follow the thread on BleepingComputer :) 


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.