Skip to main content




Variations of two common malware are claiming WVU victims. Both will encrypt user data on local hard drives, network drives and shared resources. There is no way to unencrypt the data. If you don't have it backed up, it is lost.

The first example below is Crypto Locker. This Trojan is found inside a ZIP file attachment delivered by email. ZIP files are responsible for 90 percent of all malware attacks. Do NOT open ZIP files unless you can verify with the sender that it is legitimate and virus-free. When in doubt, forward the file to for evaluation.

The second example is similar but is most often delivered from a malicious website. These sites most commonly contain streaming videos, movies, TV shows, etc., and tell the user in a pop-up window to update Adobe Flash Player or install a “missing video codec.” The pop-up may look authentic.  Any website that tells you to update your Flash player or requires you to download and install a video codec is trying to install malware. 

If you are a victim of either attack, turn off your PC immediately and contact your local IT support or the IT Service Desk at x3-4444. If necessary, pull the power plug out of the back of the PC to shut it down.

There are hundreds of different scams of this nature. Here are a few examples:

Example of Crypto Locker 

Example of a fake FBI message 

fake adobe update example 1
fake adobe update example 2