Alert: Ransomware are on the loose. Know what precautions you should take to prevent data loss

  • 10
    Shares

A few weeks back we had informed our readers about CryptoLocker – a new type of a ransomware that has been let loose on the Internet. This post discusses some more important facts about this malware, and steps you must take to prevent it from affecting your computer.

What is a Ransomware?
A ransomware is a malicious program that freezes or locks up the victim’s computer, and makes it nonfunctional. The malware demands the victim to pay up a certain sum of money (ransom) to unlock the compromised machine. Because of this nature of demanding money and releasing the hijacked computer, this program is known as ransomware. Some ransomware also work by encrypting all your documents and data files and ask for ransom to decrypt the same.

What is CryptoLocker?
CryptoLocker is a type of ransomware that is actively spreading on Internet. After it invades the targeted machine, it starts encrypting all kinds of files on the machine such as images, videos, documents, presentations and spreadsheets. Once it has encrypted the files, it reveals itself in the form of a pay page. The page informs the user that the files on their computer have been encrypted. To recover the files, the user must purchase a private key. The typical ransom demanded by the CryptoLocker is $300. Also, the user has a limited time period to pay up the ransom, after which the private key will be destroyed and the hijacked files will be lost forever.

Cryptolocker_2

Unfortunately, once CryptoLocker has encrypted your files, there is no way to recover them until you have the private key. So, should you pay the ransom? We would like to go with a resounding and bold NO.

You are dealing with outright criminals here, who are extorting money from you. And there is no saying if they will hand over your files even after you have made the payment. Of course, the data that you have lost may be crucial. But, you can lose you data in several other ways.

There is one good news though. The files that are encrypted by CryptoLocker, are not accessed by the hackers. The files remain where they are – on your system, but in an encrypted form.

How Can you Prevent a CryptoLokcer Catastrophe?
Nothing would fit the scenario of CryptoLocker than the saying, “Prevention is better than cure”. That’s right! The only way you can recover from a CryptoLocker attack is to take the right precautions way before time. For your easy reference, we have outlined them for you:

• Backup is important, but with nefarious malware like CryptoLocker around, it can be lifesaver. The malware directly goes for your personal and important files. So, the loss of such files can only be managed with regular backups. Take backups of every file that is important to you and take the backup offline.

• Ensure that your computer is running an antivirus software that gives multilayered protection, and is always up to date. Understand the fact that, if your computer is already infected with a backdoor [a means of access to a computer program that bypasses security mechanisms], then it can be used by hackers to install CrytoLocker. So, using a reliable antivirus significantly reduces the risks of a CryptoLocker attack and that of other malware also.

• Same goes for your computer’s operating system, software, and browsers. Keep them patched and updated. This is another layer of precaution that you must take. Malware can gain entry into your computer via compromised websites, security holes in Internet browsers, and malicious software. And as mentioned, CryptoLocker only needs an existing malware in your system to make its entry.

• We strongly recommend you to avoid using administrator accounts for your daily work. A malware that attacks a high-privileged account can do irreparable damage. It is like somebody shooting you with your own gun that is fully loaded. Therefore, prefer using a typical user account (your gun that is empty or not fully loaded). For instructions on how to set up a new account with standard or low privileges, please follow these links, depending on the OS you are running: Windows 7, Windows Vista, Windows XP. [source: https://www.it.cornell.edu/]

• Because infected or compromised Web sites can also let CryptoLocker into your machine, it is a good idea to have the Sandbox protection feature. It is an advanced security feature formulated for safe browsing. Once the feature is activated, it takes your Internet browser into a virtual environment. While you browse inside the Sandbox, your PC’s operating system, memory locations, files, and other vital areas are screened away from the browser. So, even if any infection does take place, it will remain confined inside the virtual environment without affecting the real PC.

• CryptoLocker may also attack you in the form of email attachments. A simple way to avoid this risk, is to trash unsolicited and unwanted emails. Be particularly careful against unexpected emails that talk about lottery, unsent courier and those from banks and financial institutions.

Note: Recently we came across a new ransomware that goes by the name Anti-Child Porn Spam Protection. It states that the target’s computer is spamming links of child pornography Web sites. And it claims that it has encrypted the computer’s data, in order to protect the user, and others from such spams. This message is followed by their demand for a certain sum of money to get a password for recovering the data. Even in such cases, please do not pay any kind of money.

Given the increasing cases of ransomware and its variants, we urge our readers to strongly consider taking the precautionary measures listed in this post.

Rajiv Singha

Rajiv Singha


118 Comments

Your email address will not be published.

CAPTCHA Image

  1. Avatar Hrushi SonarOctober 23, 2013 at 9:18 AM

    Tank you Rajib sir for this new Ransomware info.

    Regards,
    Hrushi.

    Reply
  2. Becuse vires is also software we have to face such problem

    Reply
  3. Awesome information for ransomware

    Reply
  4. Hi Rajib,

    Nice post and precautionary methods.

    Could you please let me know whether quickheal will be above to prevent from this Ransomware? and If quickheal installed in my machine will I need to worry about this issue or need to take any precautionary method?

    Regards,
    Bala

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:23 PM

      Hi Bala,

      Yes, Quick Heal does help prevent CryptoLocker from attacking your computer. Although it cannot recover the encrypted files, it can detect and remove the malware from your system. However, there is no harm in taking precautions. It only increases the security of your data. So, we would recommend you to keep your Quick Heal updated, and consider taking the precautionary measures listed in this post.

      Regards,

      Reply
  5. Thanks for informing. It is really serious threat to the users of internet & we need to protect ourselves from such criminals.

    Reply
  6. Avatar Revant MahajanOctober 23, 2013 at 5:37 PM

    thanks man for the info

    Reply
  7. Avatar BalachandranOctober 23, 2013 at 5:38 PM

    Thanks Rajib. I am sure this will reduce huge embarrassment and increase productive hours.

    Reply
  8. Thanks
    How do I get the sandbox facility ?
    Does backup always have to be external ?
    best wishes

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:21 PM

      Hi Keron,

      Quick Heal Antivirus Pro, Internet Security, and Total Security offer Browser Sandbox protection.

      Local backup on your computer does not help, because CryptoLocker can go for these backups as well. Therefore, external backups are a better option.

      Regards,

      Reply
  9. thank u very much for such useful info.

    Reply
  10. Avatar Dr.R.BalasubramaniyanOctober 23, 2013 at 6:19 PM

    Thanks for the timely alert and excellent information on certain Ransom-ware and Cryptol-okcer. You have really cautioned us on such internet theft of data. Thank you.

    Reply
  11. Well done Rajib Singha! Your sincere efforts are appreciable. All the best.

    Reply
  12. 15days back i face the same problem ( child pron spam )my computer was totally locked . I need to format the laptop but i am using authentic anti-virus Quick-Heal software , i still do not understand how can it attack my pc even i am using this software and daily updated. is there any other option to eliminate format when such things occur? i shall be thankful if antivirus software and help us in this case without formatting c drive or pc.

    thanks for the information

    Reply
  13. Very useful information, thanks for this..

    May you tell me what is Sandbox ? Is it available on Quick Heal Total Security 2013 ? If yes, then how to enable this ?

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 9:27 AM

      Hi Prasant,

      Browser Sandbox protection is a special protection for your PC from malicious websites. This feature creates a virtual environment and executes your Internet browser within this environment inside your PC. When you are surfing the Internet through the browser that is executed in the virtual environment, it protects your real PC from any infection that your PC may catch from an infected or malicious website. You can read this post for more details on the Browser Sandbox feature.

      Yes, Quick Heal Total Security 2013 does provide the Browser Sandbox protection. To activate the feature, follow these steps:

      Open Quick Heal
      Click Internet & Network
      Find the Browser Sandbox option
      Turn it ON

      Regards,

      Reply
      • Avatar Kainaaz Writer BokdawallaOctober 25, 2013 at 7:43 PM

        Hi Rajib,

        Im using the original QH anti-virus but it’s the 2012 version, valid till 2015. When i clicked on Internet n Network n went on to the next click all i cud find was the ‘browsing protection’ option which was already on.. There is nothing listed there as ‘Browser Sandbox’ option. What do i have to do to get the Sandbox option?? Help!! Please..

        Regards,
        Kainaaz

        Reply
        • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 3:25 PM

          Hi Kainaaz,

          Please follow this link – https://www.quickheal.co.in/quick-heal-product-installer.

          Provide the license key, and follow the instructions. Your Quick Heal product will be updated, and your computer will receive the Browser Sandbox protection.

          For any assistance, please contact our support team at 0-927-22-33-000. They will help you resolve the issue you are facing.

          Regards,

          Reply
      • I’m using Quick Heal Total Security 2013. But there is no option like “Browser Stand-box” in Internet and Network. All the options available in Internet and Network are:
        1. Firewall Protection
        1. Browsing Protection
        1. Malware Protection
        1. Phishing Protection
        1. News Alert
        And all of the above options are already turned on!

        Please tell me how to enable “Browser Standbox” now?

        Reply
        • Rajiv Singha Rajiv SinghaOctober 31, 2013 at 9:16 AM

          Hello Remo,

          On the Quick Heal dashboard, you will find the Internet & Network section.
          Click this section, and in the page that comes up, the second last option would be Browser Sandbox. You can then turn it ON if it is OFF.

          For any assistance with this, kindly contact our support team at 0-927-22-33-000.

          You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.

          Regards,

          Reply
          • Avatar Remo FaisalNovember 3, 2013 at 9:24 AM

            No no.. There is no option like browser sandbox in my Total security 2013. All that options that are available I told u..

            Why my version don’t support Browser Sandbox????

            The current version of Total security 2013 that I’m having is: 14.00 (7.0.0.3)

  14. Avatar Sagnik biswasOctober 23, 2013 at 9:34 PM

    is it affecting windows 8? and quickheal total security is able to manage this problem?

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 3:56 PM

      Hi Sagnik biswas,

      Yes, Windoews 8 is also vulnerable to CryptoLocker. Quick Heal detects this family of ransomware as Trojan.Crilock.A. Although it cannot recover any files encrypted by CryptoLocker, it can remove it from the infected machine. Keeping your Quick Heal updated, and taking preventive measure reduce the risk of this malware significantly.

      Regards,

      Reply
  15. Avatar Sananda BanikOctober 23, 2013 at 10:16 PM

    Can encryption of our drives prevent this Cryptolocker??Should we encrypt our files before such ransomware do???Is it possible fr such malware to re-encrypt our drives once we have totaly encrypted our drives f pc??

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:27 PM

      Hi Sananda,

      It is a safe practice to encrypt all important files in your computer. However, it cannot be said for certain that doing so may prevent CryptoLocker from re-encrypting the files. For the time being, the best method is to take regular backups, and follow the precautionary measures such as the ones mentioned in this post.

      Regards,

      Reply
  16. What if my PC or Android gets infected by CryptoLocker…?
    What should i do.. ???
    Does the present Quick Heal antivirus I am can help me to prevent the CryptoLocker….???

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 3:54 PM

      Hi Gemar,

      At present, CryptoLocker only affects Windows PC. As mentioned in the post, CryptoLocker uses existing malware in targeted PCs. Keeping your Quick Heal updated will prevent all types of malware infection. And this reduces the risk of CryptoLocker attacking your PC. You can further reduce the risk, by following the precautionary measures we have listed down in the blog post. Also, Quick Heal detects this family of ransomware as Trojan.Crilock.A. Although it cannot recover any files encrypted by CryptoLocker, it can remove it from the infected machine.

      Regards,

      Reply
  17. Avatar D. SuriyamoorthyOctober 24, 2013 at 6:59 AM

    (1) You are exhorting us not to pay any money (ransom). Good, but even if we want, most Indians would not be able pay in dollars/euros/pounds because of remittance/currency restrictions. Payment by Indian Rupee cards are not accepted by American/European Banks. Payment from Indian Rupee Bank Accounts to foreign Banks dealing in dollars/euros/pounds are also not permitted.(2)Since the Robbers are getting the money through Bank accounts, are the Police of the related country/ies not able to catch them?–just a doubt!

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 3:53 PM

      Hi D. Suriyamoorthy,

      We have strongly recommended our readers not to pay any kind of money. So, the question of being able to pay in local or foreign currency should not arise in the first place. Cyber security officials are doing their job to nab the criminals. What we can do is follow the right preventive measures and stay alert.

      Regards,

      Reply
  18. Avatar Hitender kumar chandelOctober 24, 2013 at 8:18 AM

    thanks sir for this guidiance to me.

    Reply
  19. Thanks for your alert. But what QuickHeal is doing to protect our faith on quickHeal.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:29 PM

      Hello Ajeet,

      Thank you for your support. Quick Heal releases regular updates to detect new malware threats. It detects this family of ransomware as Trojan.Crilock.A, and can remove it from the infected system. Unfortunately, there is no way to recover the encrypted files without the private key.

      Regards,

      Reply
  20. Avatar Sydney WellerOctober 24, 2013 at 10:42 AM

    Thank you Sir,
    for your valuable advice, I shall be more careful and try to backup my data so that I do not have to face the Ransomware situation. But I am very thankful to the Quick heal team for having given us the right protection against any internet bases abuse.
    Thanks alot &keep up the good work,
    Sydney Weller

    Reply
  21. Hai,

    Two days in a row i found
    Trojan agent.WD.cw6
    File c:windowssystem32driversatapi.sys
    And my system recovered from it by system restore process.
    I want to know , why it was caused and how to prevent it.
    Thank you for your information reg browser sandbox.

    Reply
  22. Avatar Vijay SharmaOctober 24, 2013 at 12:25 PM

    We are having a Quick Heal Anti Virus for Windows server but there is no for Browser Sandbox option. Then how to set it.

    Thanks

    Regards
    Vijay Sharma

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:53 PM

      Hi Vijay,

      Quick Heal Anti Virus for Windows server offers browser protection and firewall protection. Browser protection filters HTTP traffic coming from Web sites on the Internet. Firewall protection blocks malware from reaching the system. So, these two features when combined by the preventive measures mentioned in the post, should significantly reduce the threat of CryptoLocker.

      Regards,

      Reply
  23. Avatar RAVI HARESHBHAI MAHETAOctober 24, 2013 at 12:35 PM

    Quick heal is a really very good service

    Reply
  24. Avatar chander saddiOctober 24, 2013 at 1:10 PM

    Dear Sir,

    When i open the quick it is not open and gives a message of default brower
    Chander

    Reply
  25. Avatar Manoj PatilOctober 24, 2013 at 1:37 PM

    Dear Sir,
    I m using Quick Heal Total Security 2012
    I m following Ur given path as:
    “Open Quick Heal
    Click Internet & Network
    Find the Browser Sandbox option
    Turn it ON”
    And I m unable to find d option of “Browser Sandbox”

    Kindly guide Me…

    Reply
  26. Avatar manas pandaOctober 24, 2013 at 1:41 PM

    Dear rajib ji

    plz cler me how we protect to my laptop from this virous.
    i have already installed guardian version(licences).

    Reply
    • Rajiv Singha Rajiv SinghaOctober 24, 2013 at 4:42 PM

      Hi Manas,

      We recommend you to do the following:
      1. Keep your antivirus up-to-date
      2. Avoid clicking links from unknown sources
      3. Avoid opening email attachments from unknown sources
      4. Keep your Internet browsers, operating system, and all software updated

      Regards,

      Reply
  27. Avatar Ansumay DattaOctober 24, 2013 at 2:01 PM

    Very useful information.

    Reply
  28. hey rajib. thanks for your alert. I am using quick heal total security but can you tell me what is parental control,

    Reply
    • Rajiv Singha Rajiv SinghaOctober 25, 2013 at 10:08 AM

      Hi Afgzal,

      Parental Control is one of the important features of Quick Heal Total Security. It has been developed keeping in mind the Internet safety of kids and other users in general. With the help of this feature, you can decide when and how much Internet is used by your children and other members in the house. Also, Parental Control helps in blocking Web sites that can be inappropriate for your children or are infected with malware. You can visit our Parental Control microsite to know more on how to use this feature. You can also visit our blog post to know the important benefits of using Parental Control.

      Regards,

      Reply
  29. Good In for mati on about cryptolo cke r.

    Any one say when QuickHea. 2014 is out now ?…..

    Reply
  30. Avatar Nilesh GudadheOctober 24, 2013 at 11:37 PM

    DOES SAND BOX AFFECTS SPEED OF BROWSING ?
    AND THANK U FOR THE INFO

    Reply
    • Rajiv Singha Rajiv SinghaOctober 25, 2013 at 11:40 AM

      Hi Nilesh,

      No, Browser Sandbox does not affect the speed of Internet browsing. Nevertheless, if your browser is slow, then kindly contact our support team at 0-927-22-33-000.

      You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.

      Regards,

      Reply
  31. Hi rajiv,

    Thanks for sharing very useful information with us but hackers can also see
    your post our comments then they can do something new so please provide a safe link or website which will away from these types of haackers.

    Thanks and regards-

    Reply
  32. Thanks For Providing Information

    Reply
  33. Avatar Keyur ZanzmeraOctober 25, 2013 at 4:43 PM

    Hello,
    I have done a problem of no Updating from 2nd August
    And I can not Detect the threats..
    Give me the best solution.
    Please Help me someone

    Reply
  34. Avatar Prafull MahajanOctober 25, 2013 at 7:54 PM

    Thanks Rajib. I am using Quick Heal Total Security 2013 but i didn’t got the Browser Sandbox option in it. Please guide.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 3:22 PM

      Hi Prafull Mahajan,

      Go to your Quick Heal Total Security dashboard.
      Click Internet and Network.
      There you will find the ‘Browser Sandbox‘ option.

      If you still face any problem, then kindly contact our support team at 0-927-22-33-000.
      You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.

      Regards,

      Regards,

      Reply
  35. pls give me detailed information about ransomware

    Reply
  36. Rajiv, I am really not concerned about such virus attack Please let me help to do the stepwise instructions to protect my computer.waiting for help

    Reply
  37. Avatar Nyima TsherinOctober 26, 2013 at 6:15 AM

    …thank you for your interesting, valuable and precautionary suggestion about Ransomware.

    Reply
  38. Avatar santanu duttOctober 26, 2013 at 8:39 AM

    This is as nice guidance to me , so i shall be aware of that also thank you as before doing /opening the suspected files you are alerting me. So QUICK HEAL is helping me daily .Thank you a lot.

    Reply
  39. Avatar santanu duttOctober 26, 2013 at 9:04 AM

    nice guidance to me. thank you.

    Reply
  40. Avatar Vilas BordeOctober 26, 2013 at 9:54 AM

    Thanks for alerting me. I am using QH antivirus. But I will take care. Once again thanks.

    Reply
  41. Avatar Shivanshu MinzOctober 26, 2013 at 12:10 PM

    Thank You for this news. Can you suggest me some ways to protect my pc from ransomware. Please.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 2:32 PM

      Hi Shivanshu,

      In this post, we have outlined some important precautionary measures to help you protect your PC from this malware.

      Regards,

      Reply
  42. Avatar Salil KulkarniOctober 26, 2013 at 6:43 PM

    Thanks for the update. This is completely new word for me “Ransomware”
    Thanks for the security tips too.

    Reply
  43. Avatar Udai Pal SinghOctober 26, 2013 at 10:39 PM

    Thanks a lot!

    Reply
  44. Got something very crucial and new thing to learn.. It will prove to be very in important for me as well as for my fellow-being.. Thankyou

    Reply
  45. Sir,

    My Quick heal antivirus is not taking update manually or automatic.It gives a message of error in space of disk. So please help me to resolve this problem.

    Reply
  46. hello Rajib sir, my quick heal internet security is saying-“Ransomware is on the loose.”Please tell me what does it mean and how to prevent it.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 10:18 AM

      Hi Kaushal,

      What you are seeing is a notification of a report on a Ransomware called CryptoLocker. We have prepared this report to alert our readers about this malware, and how they can prevent its attack. We would recommend you to read the post, and take the precautionary measures we have listed in it.

      Regards,

      Reply
  47. thank you,respected sir for your ransomware info

    Reply
  48. Avatar Amitabha KarOctober 27, 2013 at 11:19 PM

    Hi Rajib,
    Many many thanks for your voluntary effort to alert us. I have a Quick Heal Antivirus Pro installed in my PC. Do u think it’s sufficient? Please revert.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 10:15 AM

      Hi Amitabha,

      Thank you for your support. Your PC is protected by Quick Heal AntiVirus Pro. However, we would recommend you to take the precautionary measures mentioned in this post. This would significantly reduce the risk of CryptoLocker.

      Regards,

      Reply
  49. Avatar mahadev lokeOctober 28, 2013 at 12:46 AM

    One of my client PC is infected with CryptoLocker even Quick Heal Antivirus 2013 is installed on his system. It should have prevented from infection but it didn’t happened.

    Reply
  50. hello 3 days before my system has been hacked by ransomware. even I have quick heal antisoftware and windows 7 original. however we formatted system and unable to recover datas. tdy again one of my another system has been hacked. plz let me know the remedy for this.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 10:08 AM

      Hello Bhaskar,

      We are sorry to learn about this incident. We would request you to contact our support team at 0-927-22-33-000.
      They will help you resolve the issue you are facing.

      Regards,

      Reply
  51. Avatar Chetan JoshiOctober 28, 2013 at 2:55 PM

    Sir i have administration account and i don’t want to create another user then i have any other option from preventing the cryptoloker???

    Reply
    • Rajiv Singha Rajiv SinghaOctober 28, 2013 at 3:37 PM

      Hi Chetan,

      Doing your daily tasks like Internet browsing, watching videos, etc., with a standard user account greatly reduces the damage that a malware attack can cause to your PC. However, if you still do not wish to create another user account, then follow the other preventive steps we have outlined in this post.

      Regards,

      Reply
  52. Thank you Rajib sir.

    Reply
  53. Hello Rajib ,
    im a firefox user , and few months months ago while surfing the net, a green outline formed outside the border of my firefox browser. What could it be ?

    I went through a post by another user few weeks ago , and he experienced the same thing . And one of the quickheal guys replied to him, that its because the sandbox feature was turned on.

    So my question to you is , if its because of the sandbox feature that the green line is appearing around the browser, then why can’t i see any green line around my browser right now ??
    I mean , i just opened my quick heal and turned on the sandbox feature, yet i don’t see any green line around my browser . Please help me on this issue.

    Also i would like to know one thing , and that is , why quickheal is not providing any anti-rootkit feature for 64-bit systems ??
    I mean back in 2009 there was anti-rootkit in quickheal internet security, so why not Now for 64-bit systems?? Thanks.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 29, 2013 at 11:53 AM

      Hi RedMonster,

      When Browse Sandbox is enabled, you must see a green border around the Internet browser. Browser Sandbox supports Internet Explorer, Mozilla Firefox, and Google Chrome.

      If your Browser Sandbox is ‘ON’ but the green border does not appear, then we advise you to contact our Technical Support Center at 0-927-22-33-000.
      You can also raise a query at https://www.quickheal.com/submitticket.asp. Our support team will get back to you to resolve the issue you are facing.

      In response to your second query, due to some technical limitations, Anti-Rootkit is not currently supported by 64-bit operating systems. We may release it in future.

      Regards,

      Reply
  54. Thank you, very much for giving significant news about ransom and hijacker. this is very important with valuable news that Quick Heal share with gives us this valuable information.

    Reply
  55. Avatar Abhisek BhattacharjeeOctober 28, 2013 at 7:16 PM

    Thanks for sharing this important news. I have quick heal antivirus pro 14.00 2013.My question is this quick heal version can prevent my pc from those viruses, if not then what precaution i can take to save my pc? Is it required to update my quick heal antivirus regularly to prevent it from damage? Please give me a perfect suggestion. I am waiting for your answer sir.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 29, 2013 at 10:13 AM

      Hi Abhisek,

      As you are using Quick Heal Antivirus Pro, your system is already protected from all kinds of malware threat. But, if you also take the precautionary measures outlined in this post, it will only enhance the security of your PC and its important data.

      Regards,

      Reply
  56. Avatar Rajesh Kumar AgarwalOctober 28, 2013 at 10:13 PM

    thanks Rajib ji for the information about the malvare. can you suggest on how to take backup & encrypt in the form of small size files. and how to restore them.

    Reply
    • Rajiv Singha Rajiv SinghaNovember 7, 2013 at 11:44 AM

      Hi Rajesh,

      We request you to contact your computer’s admin or seek a computer engineer’s help for the information on backup and encryption.

      Regards,

      Reply
  57. Hello again Rajib , thanks for replying to my previous post.
    I would like to know , how the encrypted files will actually look like once they are infected or encrypted by the virus?
    Will the names of my files be changed in the form of codes/symbols, once they are encrypted by the virus?

    And may i know, that from which websites these ransomwares are coming mostly , so that i would avoid visiting such sites.
    Are they torrent sites like piratebay or could they be porn sites?
    … Is it safe to browse porn tube sites for online video watching , coz i heard in a news post that leading porn tube sites have struck a deal with malware companies & they are installing malwares into our systems once we watch their videos . Don’t know how legit is that news post.

    Thanks . Waiting for your helpful replies

    Reply
  58. Avatar Nishant SainiOctober 29, 2013 at 6:33 PM

    Guardian Anti-Virus is very Successful Software.
    I think all the Pepole Like This Guardian Anti-Virus.
    I Like it.

    Reply
  59. Avatar Shivam GuptaOctober 29, 2013 at 11:11 PM

    Thanks for such dangerous alert….
    How can we enable Sandbox feature in Quick heal. I have Quick Heal Internet Security 2012 Premium 3 years package and I am not finding any options like sandbox so please help me to get it.
    Thanks and regards
    Shivam

    Reply
    • Rajiv Singha Rajiv SinghaOctober 30, 2013 at 10:15 AM

      Hi Shivam,

      Please follow this link – https://www.quickheal.co.in/quick-heal-product-installer.

      Provide the license key of your Quick Heal Internet Security, and follow the instructions. Your Quick Heal license will be updated, and your computer will receive the Browser Sandbox protection.

      For any assistance, please contact our support team at 0-927-22-33-000. They will help you resolve the issue you are facing.

      Regards,

      Reply
  60. hi,

    i alredy face this problem,and lost all files,i still have those effected files can u pls help me how to open it, most of them are excel,and pdf files

    Reply
    • Rajiv Singha Rajiv SinghaOctober 30, 2013 at 10:19 AM

      Hi Bhasker,

      We are sorry to learn about this incident. Unfortunately, files that get encrypted by CryptoLocker cannot be recovered without the private key. However, Quick Heal can remove the malware from your system. Kindly contact our support team at 0-927-22-33-000 for any assistance.

      Regards,

      Reply
  61. Yeah everything looks fine.
    you said it encrypts the file and ask for money and you say not to give them the money.
    Then how can someone get back the files.
    Tell me any way to handle such issue after it has occurred.

    Reply
    • Rajiv Singha Rajiv SinghaOctober 31, 2013 at 9:11 AM

      Hi Kamlesh,

      Any file, once encrypted by CryptoLocker cannot be recovered, unless the private key is obtained. And we have recommended our readers not to pay any kind of money demanded by the malware, because it is not certain that the malware author would oblige and hand over the private key. As mentioned in the post, the best way to deal with a CryptoLocker is to prevent it from attacking your system. And we have discussed in this post how you can do so.

      Regards,

      Reply
  62. THANK U. I HAVE STARTED TO FEEL THAT I HAVE INSTALLED AN OUTSTANDING ANTIVIRUS SOFTWARE. AFTER SEARCHING ALL AROUND THE WORLD I FOUND IT IN MY MOTHERLAND. THANK U FOR ALL ALERTS THAT YOU ARE GIVING.

    Reply
  63. Avatar Nelson Orero BwoengaNovember 1, 2013 at 3:20 PM

    I am writting from kenya.Why is it that updating quickheal from here is very slow and damn expensive?. Must it require so many hours to download updates?

    Reply
  64. Recently when I started my PC for first time in morning.; it went(directly) to native (boot) scan WITHOUT me having chosen that option…during that scan it detected Trojan WD.cw6 and deleted it !!!
    Is QH so sophisticated that when it detects PC not starting correctly it goes on Auto Boot scan ?? !!!
    Remarkable product and Desi too !!!

    Reply
  65. hello..

    we are useing quickheal antivirus.but i faced this problem,and lost all files,i still have those effected files can you please hepl me how to open it, most of them are word, excel,jpeg, and pdf files

    Reply
    • Rajiv Singha Rajiv SinghaFebruary 4, 2014 at 10:21 AM

      Hi Mahendra,

      Unfortunately, files that are encrypted by CryptoLocker cannot be recovered without the private key, as mentioned in the post. If you have a backup of all these files, then you can recover them from the same. We would like to inform you that the Quick Heal 2014 series can detect and remove 90% of CryptoLocker samples. If you wish to receive a free upgrade, then please follow this link – https://www.quickheal.com/upgrade/

      Regards,

      Reply
  66. Thank God. Salute for U Mr.Rajib Singha

    Reply
  67. Avatar CommenterApril 5, 2014 at 5:12 AM

    Recommending a bold NO is dumb. If a business has its operational database and quickbooks files locked, you suggest just letting it go?

    While I agree backing up is the best method, but it doesn’t help when your backup is also locked.

    Maybe try a post that actually helps..

    Reply
    • Rajiv Singha Rajiv SinghaApril 5, 2014 at 5:29 PM

      Hi Commenter,

      As we have mentioned, there are several other ways any organization can lose its data. It is true that letting go of the data encrypted by the CryptoLocker can be detrimental. But the bigger question is, “Can we trust criminals?” There is no silver bullet for ransomware. The best we can do is taking regular backups offline and storing them away in a safe place, and follow basic preventive measures such as the ones described in the post.

      Regards,

      Reply
  68. if i format my windows will it lost my antivirus

    Reply
    • Rahul Thadani Rahul ThadaniOctober 14, 2014 at 10:09 AM

      Hi Satish,

      If you format your machine, all the programs on it will get uninstalled. So you will need to install your antivirus software again.

      Regards.

      Reply
  69. Avatar Narendra Kumar baghOctober 27, 2016 at 10:24 AM

    Dear sir Quick Heal software to backup how to data decrypt please share

    Reply