Originally Posted by tmc8295
No it was definitely the crypto locker. I'm the senior technician at a big local store and there was an outbreak of them coming in when crypto first emerged, computer and many things locked out, including many files. But running a virus removal through a PE environment and then rebooting into safe mode and running virus scans through two other programs as well. Afterwards everything was working, there some corrupted files but nothing near worrying about in comparison to the ransom money
Sent from my SCH-I605 using Computer Forums mobile app
If you had locked files and then those steps you mention made things came back, then I can categorically assure you that it wasn't the variant of cryptolocker being discussed here that encrypted them. None of the samples I've seen in the past 6 months have exhibited this behaviour.
You could have had a cryptolocker infection, but the machine must not have been connected to the internet when when it got installed (hence never performed the encryption) as the decryption key is never
on your computer so any AV would not be able to do anything about it. Cryptolocker achieves this by using asymmetric cryptography rather than more traditional full-disk encryption tools which use symmetric ciphers such as AES.