Hey you,

35,000 ransomware infections per month and you still believe you are protected?

Sign up to receive:

  • alerts
  • news
  • free how-to-remove guides

of the newest online threats - directly to your inbox:

Remove Ransomware Called Cryptographic Locker

Name Cryptographic Locker
Type Ransomware
Short Description Encrypts important files and gives decryption keys upon paying ransom which is usually financial compensation.
Symptoms Appearing of different objects in various user folders or the Desktop.
Distribution Method Spam mails. MiTM attacks, malicious redirects.
Detection tool Download SpyHunter, to See If Your System Has Been Affected By Cryptographic Locker

ransomwareA very vile ransomware virus that has similarities to the most widely distributed CryptoWall threat has appeared on the IT security radar. The threat is known to encrypt user files, dropping a message with instructions on how to pay a ransom for their safe return. Security experts advise users not to comply with the ransom demands since this is no guarantee that the unlock decrypting key cyber criminals may provide in exchange for the payment will decrypt the files. Experts also advise on its removal from the user system, using a powerful anti-malware software.

What is Cryptographic Locker?

BartBlaze, the malware researcher who discovered the threat, reports that Cryptographic Locker may initially scan your system for files then based on it, encrypt them with an unfamiliar extension. After that, the attackers may attach a note, demanding 100$(or 2 bit coins.) in return for the ransom payment. The threat is also reported to use the AES encryption algorithm.

The infection is reported in security forums to affect mainly the current file formats:

→odt, ods, odp, odm, odc, odb, doc, docx, docm, wps, xls, xlsx, xlsm, xlsb, xlk, ppt, pptx, pptm, mdb, accdb, pst, dwg, dxf, dxg, wpd, rtf, wb2, mdf, dbf, psd, pdd, pdf, eps, ai, indd, cdr, dng, 3fr, arw, srf, sr2, mp3, bay, crw, cr2, dcr, kdc, erf, mef, mrw, nef, nrw, orf, raf, raw, rwl, rw2, r3d, ptx, pef, srw, x3f, lnk, der, cer, crt, pem, pfx,p12, p7b, p7c, jpg, png, jfif, jpeg, gif, bmp, exif, txt

After this program encrypts user files in the background, it is said to change user wallpaper to ‘All your files have been encrypted by CryptoLocker’ and it is unclear why it does that. More so, unlike other data encrypting programs, Cryptographic locker includes the ‘convenience’ to enable users to conduct a payment via an integrated application. It also may provide them with the decryption keys in return.

Security engineers provide more information as to what files this threat most likely situates on the affected PC:

Path to Dropper\random.exe
Registry Objects:
HKCU\Control Panel\Desktop\Wallpaper “C:\Users\User\AppData\Local\Temp\wallpaper.jpg” (old value=””)
HKCU\Control Panel\Desktop\WallpaperStyle “1” (old value=”10″)

How To Remove Cryptographic Locker Safely?

It is a tricky procedure, since the top security engineers, who discovered CryptoGraphic Locker also report that it may stop all of the anti-malware applications running. This is why the best way to remove Cryptographic Locker is first to download an advanced anti malware removal program and to scan and remove it from your PC in safe mode. To do this properly, please follow the step-by-step manual below.

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

1. Start Your PC in Safe Mode to Remove Cryptographic Locker
2. Remove Cryptographic Locker automatically with Spy Hunter Malware - Removal Tool.

Cryptographic Locker – How To Protect Your Files?

In case you have seen ransomware attacks, you might want to back up your data. To perform this action, you should guide yourself by the after mentioned manual.

Security engineers recommend that you back up your files immediately, preferably on an external memory carrier in order to be able to restore them. In order to protect yourself from Cryptographic Locker (For Windows Users) please follow these simple instructions:
For Windows 7 and earlier:
1-Click on Windows Start Menu
2-Type Backup And Restore
3-Open it and click on Set Up Backup
4-A window will appear asking you where to set up backup. You should have a flash drive or an external hard drive. Mark it by clicking on it with your mouse then click on Next.
5-On the next window, the system will ask you what do you want to backup. Choose the ‘Let Me Choose’ option and then click on Next.
6-Click on ‘Save settings and run backup’ on the next window in order to protect your files from possible attacks by Cryptographic Locker.
For Windows 8, 8.1 and 10:
1-Press Windows button + R
2-In the window type ‘filehistory’ and press Enter
3-A File History window will appear. Click on ‘Configure file history settings’
4-The configuration menu for File History will appear. Click on ‘Turn On’. After its on, click on Select Drive in order to select the backup drive. It is recommended to choose an external HDD, SSD or a USB stick whose memory capacity is corresponding to the size of the files you want to backup.
5-Select the drive then click on ‘Ok’ in order to set up file backup and protect yourself from Cryptographic Locker.
Enabling Windows Defense Feature:
1- Press Windows button + R keys.
2- A run windows should appear. In it type ‘sysdm.cpl’ and then click on Run.
3- A System Properties windows should appear. In it choose System Protection.
5- Click on Turn on system protection and select the size on the hard disk you want to utilize for system protection.
6- Click on Ok and you should see an indication in Protection settings that the protection from Cryptographic Locker is on.
Restoring a file via Windows Defense feature:
1-Right-click on the encrypted file, then choose Properties.
2-Click on the Previous Versions tab and then mark the last version of the file.
3-Click on Apply and Ok and the file encrypted by Cryptographic Locker should be restored.

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.