OphionLocker, a brand new file-encrypting malware
According to victims' reports, a new file-encrypting malware that relies on elliptic curve cryptography (ECC) has recently been attacking their computers. It is named OphionLocker, and it has been found to depend on ECC to encrypt the data on the affected computer.
OphionLocker is a new brand of crypto-malware that has recently been discovered in the wild. It has attacked many users in the USA, Canada, Australia and other parts of the world. It is related to ransomware such as CryptoLocker or CryptoWall, so the files stored on your system will be encrypted. This malware appears to encrypt your files with elliptic curve cryptography, and files such as photos, videos and documents will be affected.
OphionLocker lacks distinguishing features; more sophisticated malware types are already available on underground markets. If you go to the ransomware site, it will prompt you to enter your hardware ID. Once you have entered it, the site displays the amount of ransom you are required to pay (the ransom demanded is often 1 Bitcoin, or $358) and provides a bitcoin address to which you should send the payment. OphionLocker will then contact the malware's TOR site and check whether this particular hardware ID has been encrypted already. The lock page shown by this malware is reproduced below.
The locked page from OphionLocker
“Your important files you have on this computer have been encrypted : photos, videos, document , etc.
In order to recover these files you have to go to : smu743glzfrxsqcl.tor2web.org/ and buy the key to decrypt all your files.
From now on you have 72 hours to pay or the key will be permanently deleted from our server and you won't EVER get your files back. Please go to : smu743glzfrxsqcl.tor2web.org/ to see the procedure.
You can find this text on your desktop and document folders”
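The note says copies of it are left in the desktop and document folders, which gives a responder something concrete to search for. The following is an added example, not part of the original article: it walks the given folders and reports small text files that contain the host quoted in the note, handling UTF-16 as well as UTF-8 files. The default folder locations and the 64 KB size limit are assumptions.

```python
import os
import sys
from pathlib import Path

# Host quoted in the ransom note reproduced on this page.
NOTE_HOST = "smu743glzfrxsqcl.tor2web.org"
# Phrases from the same note, used only to rank a match (0-2).
NOTE_PHRASES = ("have been encrypted", "buy the key to decrypt")


def decode_text(raw: bytes) -> str:
    """Decode file bytes; Windows text files are often UTF-16 with a BOM."""
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8", errors="replace")


def find_ransom_notes(roots, max_bytes=64 * 1024):
    """Return sorted (path, phrase_score) for small files naming NOTE_HOST."""
    hits = []
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = Path(dirpath) / name
                try:
                    if path.stat().st_size > max_bytes:
                        continue  # a ransom note is a short text file
                    text = decode_text(path.read_bytes()).lower()
                except OSError:
                    continue  # unreadable or locked file: skip, keep scanning
                if NOTE_HOST in text:
                    score = sum(p in text for p in NOTE_PHRASES)
                    hits.append((str(path), score))
    return sorted(hits)


if __name__ == "__main__":
    # Default roots are an assumption: the current user's Desktop and Documents.
    home = Path.home()
    roots = sys.argv[1:] or [home / "Desktop", home / "Documents"]
    for path, score in find_ransom_notes(roots):
        print(f"{score}/2 phrases  {path}")
```

Pass one or more folder paths as arguments to scan other profiles or a mounted disk image instead of the current user's folders.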
If your computer files have been encrypted by OphionLocker ransomware, please don't send your money to the malware's TOR site, which was created to make money. You have to remove the OphionLocker crypto-malware, which is distributed through an exploit kit in drive-by downloads. Follow the removal tips below.
STEP ONE: Restart your PC and then enter in safe mode with networking.
Windows 8:
1. Select Settings on the charm bar and then Power options. Press and hold the Shift key on the keyboard and click Restart.
2. Click Troubleshoot on the "Choose an option" menu that appears, and then Advanced options to proceed.
3. Choose Windows Startup Settings next and press Restart. After that, the computer will reboot and show nine start-up settings; press F5 to enter Safe Mode with Networking.
Windows 7/Vista/XP:
1. Restart the computer. Before the Windows Welcome interface appears, tap the F8 key repeatedly until the Windows Advanced Options Menu displays.
2. On the black screen of the Windows Advanced Options Menu, use the arrow keys to move down and highlight the Safe Mode with Networking option. Then hit Enter on the keyboard.
STEP TWO: Show hidden files.
1. Close all programs so that you are at your desktop.
2. Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
3. Click on the Control Panel menu option.
4. When the control panel opens click on the Appearance and Personalization link.
5. Under the Folder Options category, click on Show Hidden Files or Folders.
6. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, or drives.
7. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
8. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
9. Press the Apply button and then the OK button.
STEP THREE: Go to Control Panel and delete Rango Win 8 Antispyware 2014 from Add & Remove program
For XP:
1. Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
2. Click on the Control Panel menu option.
3. Click on Program
4. Click Add & Remove Program
5. Find the removal list and select Remove
6. Press the Apply button and then the OK button.
STEP FOUR: Run a computer scan with SpyHunter to remove OphionLocker and all related malicious files and registry entries.
A: Download SpyHunter official version by clicking this link.
B: Install SpyHunter step by step by following directions:
1) Double-click the installer file to start the installation.
2) When the window presents the license agreement, please accept it.
3) Please click Finish to complete the process.
4) Once SpyHunter is installed, please load it and do a full scan by clicking Scan now or Malware scan.
5) Remove all malicious items.
STEP FIVE: Reboot your PC back to regular mode to check.
STEP SIX: Use RegCure Pro to Check Your PC Again and Confirm the Removal
1. Click here to download RegCure Pro
- There are two options: you can click Save or Run to install the application. (If you choose to save the application, we recommend that you save it to your desktop and initiate the free scan using the desktop icon.)
- The pop-up window will ask you to give permission for the Setup Wizard.
- Continue following the Setup Wizard to complete the RegCure Pro installation process. Click the "Next" button to complete the process.
- Scan your PC now.
- Click Fix All button to delete all detected issues and fix PC with RegCure Pro.
Best Notification:
If OphionLocker malware, which relies on elliptic curve cryptography (ECC) to encrypt the data on the affected computer, has been discovered on your computer, you have to remove this ransomware with a well-known and effective removal tool to get rid of OphionLocker.