Bitdefender Anti-Ransomware and registry

[cd1123]

I found an entry in registry called Locky. Could it be Bitdefender that installed it?
(HKCUSoftware\Locky). I have no problem with Ransom-mails.

 

[Saga Lout]

No - it probably came from a link in an e-mail and it brings with it the ability to encrypt all your files and make them impossible to read. They claim that half a Bitcoin (about £150 GBP) will get you a release key but that rarely comes good even when folks have paid the Russian blackmailers. If you didn't click the link or, better still, you didn't open the page that automatically downloads, you may be safe but you need professional help on this one.

Go to http/www.bleepingcomputer.com and put Locky into their search box for more information. There's a grumopy old Englishman with the unlikely name of Saga Lout being a little unkind to some posters in there. Anyone offering you a fix has to be viewed with suspicion.

 

[cd1123]

The entry is blank. If I remove it it's back after a restart. Coldn't it be Bitdefender who puts it there for safety reasons?

 

[Saga Lout]

Could it have come from a fake download of BitDefender. I've never been a fan myself but I know a lot of folks swear by it.

A quick Googling (which I should have done before putting up my first post) shows me that they developed a tool to prevent Locky taking hold.

The problem with that is that the extotionists will ship their filthy wares into peoples' systems under the cloak of a trustworthy name.

 

[cd1123]

I uninstalled Birdefender Anti-Ransomware and deleted Locky from the register. Restarted and it was gone. Then I istalled it and there it was again.

 

[Saga Lout]

It sounds like it's valid because Locky is Ransomware so if you're comfortable with BitDefender, take advantage of it. That said, I would suggest keeping your eyes peeled for the threat in case it's a Beta product.