Desperate help needed from PC experts

GingerBeerMan · Apr 22, 2015

Sorry for double post, I've been doing some Googling. This is a well known problem and there was actually no cure. It's called Cryptolocker (http://en.wikipedia.org/wiki/CryptoLocker) and has affected lots of people. Luckily now there is a site you can unlock for free. It's worth a try, upload one of your locked documents to this site and they should send you a link with the serial to unlock your documents:
https://www.decryptcryptolocker.com/

This might not work, but it's worth a shot. The company who made the website are very reputable so nothing to lose.

Edit: Or it may be a copycat, in which case the above won't work.

Stumpy Tim · Apr 22, 2015

I work in this space, and it is Crypto locker. Very common and your AV really should have picked up on it.

Creaky · Apr 22, 2015

Found this on a tech forum - sounds like you may be lucky

All 500,000 victims of Cryptolocker can now recover files encrypted by the malware without paying a ransom.

The malicious program encrypted files on Windows computers and demanded a substantial fee before handing over the key to the scrambled files.

Thanks to security experts, an online portal has been created where victims can get the key for free.

The portal was created after security researchers grabbed a copy of Cryptolocker's database of victims.

"This time we basically got lucky," said Michael Sandee, principal analyst at Fox-IT - one of the security firms which helped tackle the cyber-crime group behind Cryptolocker.

Now, security firms Fox-IT and FireEye - which aided the effort to shut down the Gameover Zeus group - have created a portal, called Decrypt Cryptolocker, via which any of the 500,000 victims can find out the key to unlock their files.

"All they have to do is submit a file that's been encrypted from that we can figure out which encryption key was used," said Greg Day, chief technology officer at FireEye.

Mr Day said people wishing to use the portal - http://www.decryptcryptolocker.com/ - should submit a file that did not contain sensitive information to help it verify which key they needed.

http://www.bbc.com/news/technology-28661463

Creaky · Apr 22, 2015

Link to forum thread - http://mybroadband.co.za/vb/showthr...-CryptoLocker-ransomware-virus-on-my-computer

Tony Meolas Loan Spell · Apr 22, 2015

Wilko said:
I am getting really desperate as this is all my work.

TBH in all the years I have known you I dont think you have ever "worked" :thumbsup:

Wilko · Apr 22, 2015

Creaky said:
Found this on a tech forum - sounds like you may be lucky

Tried this but if I test a file on it, it says that that it is not encrypted.

Thank you for your help on this though, it is appreciated.

Cian · Apr 22, 2015

Dick Head said:
If you can get hold of and boot into a Linux live CD (I would recommend Puppy Linux) you should be able to save all your files to a flash drive/external drive.

Won't do anything, they've been encrypted.

Ditto System Restore - it doesn't restore files, just application and system data.

Assuming no backups, realistically your options are
1: Pay up
2: Wait for a security firm to figure out their encryption system, as has happened for some of the older scams
3: Lose the data

Wilko · Apr 22, 2015

Cian said:
Won't do anything, they've been encrypted.

Ditto System Restore - it doesn't restore files, just application and system data.

Assuming no backups, realistically your options are
1: Pay up
2: Wait for a security firm to figure out their encryption system, as has happened for some of the older scams
3: Lose the data

How do you know that if you pay up that they really will sort the problem??

Tom Hark Preston Park · Apr 22, 2015

Wilko said:
How do you know that if you pay up that they really will sort the problem??

General consensus from NSC EXPERTS seems to be that your problem has been identified as Cryptolocker. As such, as has been suggested above, there may well be solutions readily available on tinternet. At least give that option a spin on a sample file. Do NOT be daft and pay these people. How do you know they won't come back for 'seconds'?

If all else fails, try turning it off and on again.

Wilko · Apr 22, 2015

Tom Hark said:
General consensus from NSC EXPERTS seems to be that your problem has been identified as Cryptolocker. As such, as has been suggested above, there may well be solutions readily available on tinternet. At least give that option a spin on a sample file. Do NOT be daft and pay these people. How do you know they won't come back for 'seconds'?

If all else fails, try turning it off and on again.

No way do I want to part with my hard earned for these corrupt bast**rds. Did a test on the sample file and that does not work anyway!!

TomandJerry · Apr 22, 2015

Wilko said:
No way do I want to part with my hard earned for these corrupt bast**rds. Did a test on the sample file and that does not work anyway!!

Take legal action, or maybe threaten them with it

Cian · Apr 22, 2015

Wilko said:
How do you know that if you pay up that they really will sort the problem??

They actually generally do, or else word would get out that its not worth paying and the income would dry up.

TomandJerry said:
Take legal action, or maybe threaten them with it

Russian criminals are going to be really scared with a threat of civil action in the UK...

TomandJerry · Apr 22, 2015

Cian said:
They actually generally do, or else word would get out that its not worth paying and the income would dry up.

Russian criminals are going to be really scared with a threat of civil action in the UK...

I thought they would be American since they are asking for usd?

Cian · Apr 22, 2015

TomandJerry said:
I thought they would be American since they are asking for usd?

Why would a Russian ask a foreigner to give them collapsing in value local currency?

They're Russian, not American. There is nothing legal threats will do and nothing local law enforcement can do either.

Stumpy Tim · Apr 22, 2015

TomandJerry said:
I thought they would be American since they are asking for usd?

These things tend to be Russian

Wilko · Apr 22, 2015

Tom Hark said:
General consensus from NSC EXPERTS seems to be that your problem has been identified as Cryptolocker. As such, as has been suggested above, there may well be solutions readily available on tinternet. At least give that option a spin on a sample file. Do NOT be daft and pay these people. How do you know they won't come back for 'seconds'?

If all else fails, try turning it off and on again.

No way do I want to part with my hard earned for these corrupt bast**rds. Did a test on the sample file and that does not work anyway!!

Tom Hark Preston Park · Apr 22, 2015

Wilko said:
No way do I want to part with my hard earned for these corrupt bast**rds. Did a test on the sample file and that does not work anyway!!

Sounds like you're going through the correct process. Though would strongly recommend you do NOT pay them a penny ever. Apart from anything else, if they're smart enough to encrypt your files and try to charge you for un-encrypting them, then they're almost certainly smart enough to capture your bank details if you're daft enough to pay them off. Losing the files would appear to be the far lesser of two evils no?

ThePompousPaladin · Apr 22, 2015

Triggaaar said:
Do you have a backup of these documents? You should, and if you haven't, try and learn from this and make sure you get one from now on (you need a backup for when your hard drive fails, not just for viruses). That doesn't mean you can't fix the problem though.

Just to add to this, the hard disk is a machine and *will* fail at some point, also there is the consideration of fire and theft. It's good practice to have a backup onsite and offsite.
Easiest is a portable hard drive at home (relatively cheap), you can get some software to do this automatically for you and also some cloud storage (again free or cheap).

Best of luck to the OP, i think a solution to this will be found.

If the OP is still struggling i have a contact with licenses to a forensic software package - encase. Used by the police etc...
https://www.guidancesoftware.com/

He *might* be able to retrieve some of your files or parts of from the 'free space' on your disk. It will be time consuming and he will charge though, message me if you need this service.

Westdene Seagull · Apr 22, 2015

TomandJerry said:
I thought they would be American since they are asking for usd?

And you don't think Russian mobsters would want USD ? This encryption scam has been around in various guises for a while. I'd be interested where you suggest [MENTION=1022]Wilko[/MENTION] sends the court papers ?

happypig · Apr 22, 2015

[MENTION=1022]Wilko[/MENTION], If you want to send me a corrupted file, I'll have a look at it and see what's in it etc (no charge). PM me if you want me to help.

Got something to say or just want fewer pesky ads? Join us... 😊

Desperate help needed from PC experts

3-0

Well-known member

Well-known member

Well-known member

Slut Faced Whores

LUZZING chairs about

Well-known member

LUZZING chairs about

Will Post For Cash

LUZZING chairs about

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

LUZZING chairs about

Will Post For Cash

New member

aka Cap'n Carl Firecrotch

Staring at the rude boys

Share this page