| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 143754 | 2017-04-02 05:09:00 | Ransomware questions | Tony (4941) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1433666 | 2017-04-02 23:16:00 | The chances of decrypting any of the newer ransomware attacks is zero. Long gone are the days when you could download the encryption key. Things have moved on , the hackers have learnt are are well past that now. There is ZERO chance of someone just being able to magically fix this for you, unless it was one of the very early types of ransomware (thats unlikely) If the data is that important, pay the ransom & hope you get the unlock key .(I wouldnt) |
1101 (13337) | ||
| 1433667 | 2017-04-02 23:24:00 | Get one of the bootable AV ISO's from Kaspersky, or AVG. It may do something | Speedy Gonzales (78) | ||
| 1433668 | 2017-04-03 01:53:00 | If the data is that important, pay the ransom & hope you get the unlock key .(I wouldnt)Well I wouldn't either, but I have good backups. This man apparently has nothing so stands to lose a whole bunch of important/sentimental stuff. I guess it is going to come down to whether he thinks it is worth paying $1000 to get it all back. |
Tony (4941) | ||
| 1433669 | 2017-04-03 03:01:00 | Well I wouldn't either, but I have good backups. This man apparently has nothing so stands to lose a whole bunch of important/sentimental stuff. I guess it is going to come down to whether he thinks it is worth paying $1000 to get it all back. ..and dealing with hackers/crims , who wont be accepting a cheque :) possibly have to pay in bitcoins , or some ru payment method. Cant imagine they will take CC , as thats too easy to get reversed Sometimes the longer you wait, the more the price goes up. Wait too long & could even be too late , if the crim goes into hiding, gets caught/shut down or moves onto new scams . Also , allways the chance that trying to clean up(AV program) could remove the means the hacker uses to decrypt ? |
1101 (13337) | ||
| 1433670 | 2017-04-03 03:12:00 | ..and dealing with hackers/crims , who wont be accepting a cheque :) possibly have to pay in bitcoins , or some ru payment method. Cant imagine they will take CC , as thats too easy to get reversed Sometimes the longer you wait, the more the price goes up. Wait too long & could even be too late , if the crim goes into hiding, gets caught/shut down or moves onto new scams . Also , always the chance that trying to clean up(AV program) could remove the means the hacker uses to decrypt ?Bitcoin is what they want, and apparently they supply detailed instructions on how to do it - clearly they recognise the importance of making it easy to do business with them. :annoyed: I've also been concerned about there being a time limit on how long he can put it off before the whole disk just gets trashed, but unfortunately I'm two degrees removed from it all and can only offer advice from the sidelines. |
Tony (4941) | ||
| 1433671 | 2017-04-03 03:14:00 | Did you try what I posted?? | Speedy Gonzales (78) | ||
| 1433672 | 2017-04-03 03:29:00 | Did you try what I posted??I haven't tried anything. As I've said I'm not directly involved (and am also nowhere near the victim) and can only pass the advice here onto my friend. I have no knowledge of what exactly the form of the threat is. I have only been told it is "ransomware". I've sent her a link to the thread and told her to keep checking back. | Tony (4941) | ||
| 1433673 | 2017-04-03 04:51:00 | I haven't tried anything. As I've said I'm not directly involved (and am also nowhere near the victim) and can only pass the advice here onto my friend. I have no knowledge of what exactly the form of the threat is. I have only been told it is "ransomware". I've sent her a link to the thread and told her to keep checking back. The best advice for now is turn off the PC & leave it turned off. Make a plan of attack, decide what they are going to do , dont keep using the PC . If they have used CC online or online banking since infection , contact the bank . Consider resetting any online passwords (just in case) If they have dropbox, then they have some options. more info here www.bleepingcomputer.com www.bleepingcomputer.com |
1101 (13337) | ||
| 1433674 | 2017-04-03 07:19:00 | I've just spoken to my friend and it sounds like there is some good news. Our victim has found someone in Morrinsville to tackle the problem and at the time of writing a bunch of files have been recovered and it looks likely that most if not all of them will be recovered. I've asked her to find out what the "brand" of ransomware is and whether it all gets sucessfully resolved. |
Tony (4941) | ||
| 1433675 | 2017-04-03 08:30:00 | Used to live not far from there going towards Te Aroha a few yrs ago now | Speedy Gonzales (78) | ||
| 1 2 3 4 5 6 7 | |||||