Tag Archive

Tag Archives for " 01detectencrypt "

Remove Trojan.Cryptolocker.F

Seeing the following messages on the screen indicates that Trojan.Cryptolocker.F is present on the computer:

YOUR SYSTEM IS HACKED
All your files was encrypted with CryptoLocker!
This means that without a decryption key the recovery of your files is not possible.
If your files have a value to you and you are willing to pay me for the decryption key please contact me…”

Trojan.Cryptolocker.F

Trojan.Ramvicrype

What are the Symptoms of Trojan.Ramvicrype Infection?

Vicrypt error! Please Restart Windows
viCrypt: A problem occured, Please Restart Windows

vicrypt-error

It will modify Windows Registry and add the following entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Optim1″ = “regdtopt.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Optim2″ = “%UserProfile%\My Documents\regdtopt.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Optim3″ = “%UserAppData%\Identities\regdtopt.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Optim4″ = “%UserProfile%\Desktop\regdtopt.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Optim[NUMBER]” = “[FOLDER CONTAINING INFECTED FILES]\regdtopt.exe”

The threat will drop the following malicious files:

  • %UserProfile%\My Documents\regdtopt.exe
  • %UserAppData%\Identities\regdtopt.exe
  • %UserProfile%\Desktop\regdtopt.exe