Tl:dr: My computer has been hacked with "RANSOMWARE"

You are currently reading a thread in /g/ - Technology

Thread replies: 255
Thread images: 30
Tl:dr: My computer has been hacked with "RANSOMWARE" and RSA-2048 Encryption and I am desperate for help finding a possible way to decrypt and save my files!!

I posted on here last week after it seemed as though my computer had some sort of phishing spyware/virus installed on it and I was unable to access my Wells Fargo and eBay accounts online and was getting redirected to a page asking for my SSN and other personal info., which was not a legitimate request. Well, it turns out that the issue with my computer is much worse than I originally thought. Much, much worse. And I've been meaning to come back here and post an update for several days now, but I've been frustrated and discouraged, and I'm having to use an old laptop that I've used very little, so I've been putting off posting an update.

With that stated, my computer has apparently been hit/attacked by something called "Ransomware" and most of the files on my 1TB hard drive (particularly, photos) are now encrypted and I can no longer access/view them. Most of my pictures now have .ccc added to the end of the filename; which, apparently, is due to/part of the encryption that has been done via the hacking.

This is extremely frustrating and disheartening, as I have literally over 500,000 photos on my 1TB hard drive (many of them, personal family photos taken myself). Evidently, the way this "ransomware" virus/hack/attack works is that it gets installed on your computer and then encrypts the files on your hard drive and makes them inaccessible to you. Then, several notepad files are created and your computer's desktop background is actually changed to display the information about what happened to your files and you are given links and directions about how you are supposed to contact the hackers and pay them to get the decryption key to regain access to your files.

Pic related: My computer screen with the desktop background image that is currently being displayed after it was hacked.

Continued....
>>
File: laughatyou.png (347 KB, 705x500)
>>51643257
>>
>>51643257
keep hard drive unplugged and wait for someone to find a vulnerability in the encryption

btw, you are dumb as fuck to have XP, get a good antivirus next time
>>
Huh? Why don't you just wipe it and restore your most recent offline backup?
>>
>>51643257
Pay the ransom dumbass.
There is no way to get it back.
>>
>>51643257
that's inconvenient. Well, I guess you'll have to wipe your drive, reinstall, and restore your data from your backups.
>>
You actually need to pay the ransom here if you want the files back.

I've read about shit ransomware that does it wrong and you never get the files back, too.

Wait, what am I saying?

You DID make backups of your important data, right OP?
>>
>>51643286
this...
I've taken some of that shit off with malwarebytes (externally with drive plugged into another machine)
developers of this virus may have realized this vulnerability by now however...
perhaps loading a restore point from XP install media??
>>
>>51643257
Supposedly, from what I have read in posts from other people who have been victims of this, the amount required to get the decryption key is typically $500; and if you don't reply within like 5 or 7 days, the hackers raise the amount to $1,000. And, possibly, if you don't reply within a week (or some similar amount of time), you may completely lose the opportunity to even possibly pay for the decryption key, as they claim that it will be destroyed, if you don't pay the ransom within a week or so.

I have been reading about this ransomware for several hours a day over the past few days and it seems like this is no joke and that there is literally no known way to decrypt the encryption that these hackers use to encrypt your photos/files and make them inaccessible to you. Apparently, the FBI knows about this type of ransomware hacking/virus and they are currently literally unable to decrypt/break the encryption that these hackers use. And the hackers ask you to contact them through the tor-browser, which is apparently close to untraceable, so they are pretty much unable to be found and the hackers can actually communicate with you about this openly without having to worry about being traced. One person who was hacked even mentioned that he contacted some sort of support chat/help for the hackers through tor-browser and was able to negotiate the price back down to $500, after waiting too long and the decryption key ransom went up to $1,000.

According to the message that is visible on my computer's desktop background right now as I'm typing this, the encryption that is used by these hackers is RSA-2048 and they even include a link to the Wikipedia page for this type of encryption in the information. So, it seems as though this hacking and encryption is state of the art and, at this time, has no known way of being decrypted/broken without having the decryption key that is created by the hackers.

Continued....
>>
lmao, that's what you get for using xp
>>
>>51643257
All your files are gone. You should have kept backups. There is no excuse.
>>
File: YZ8xlel.png (430 KB, 610x520)
>>51643337
>>
rekt
>>
Most likely fucked. Back things up next time to an external source and get off Windows XP! I heard stories of people receiving their key after paying the ransom, but you never know. In most cases, it's easiest to wipe the drive and restore a backup. A backup which you don't have... Sorry to see this happen! Best of luck.

Get off fucking Windows XP. Seriously. Install some lightweight Linux distro if your hardware is ancient. Just get off XP.
>>
File: 4Dia.png (76 KB, 1152x648)
>>51643257
>>not backing up
>>you kekerfuck
>>Literally 1 copy paste would have saved you.
>>^ happens with xp
>>^ happens with windows
>>^ happens when not backing up
just leave /g/ and go buy a mac.
>>
How do people even get this? I know an apparently really smart guy who works in an OS research lab who got this. You'd think people like that would be smart enough to avoid getting viruses.
>>
>>51643408
>go buy a mac
They are getting hit by this now as well.
There was even a linux based one that targeted servers that had some outdated web server software.
>>
>>51643257

Can you at least tell us how you fucked up?

Like how did you even get it in the first place? What were you doing, downloading, running, websites etc?
>>
>>51643415
they don't run ad blockers. then they click on ads.
I was astonished anyone falls for it, too
>>
>>51643257
Pay up, no other way.
>>
>>51643257
>Using Tor
>Using dinosaur operating systems
>edgy trendy deep WEB

All I have to say is wow
>>
Nevermind that you didn't have backups before. You're saying you didn't back up after that initial virus scare? Come on OP.
>>
>>51643257
>>51643351
After reading lots of posts about this on various sites, some people have posted about paying the ransom (typically, the $500) and getting the decryption key and then being able to view/access their files again; but someone else pointed out that these posts could have been made by the hackers; and, to my knowledge, no one has actually credibly confirmed that paying the hackers the ransom will guarantee that you will get the decryption key or regain you access to your files. And some people have mentioned that they did actually pay the ransom, but did not get the key/did not actually regain access to their files. Not that I have $500 to pay the ransom right now; but I would like to know what the reality of the situation is and also inform myself about this as much as possible.

For the time being, I am in the process of moving the files from my computer's 1TB hard drive (over 900GB in total) over to an external HD, with the intention of reformatting my hard drive and at least being able to use my computer again. And as someone mentioned in some post on some forum that I read through, the hope is that a decryption key/method will eventually be discovered and that the people who have been victims of this ransomware will then be able to decrypt the encryption and have access to their files again, since they will have saved the encrypted files on an external hard drive (which is what I'm in the process of doing) and be able to access them later.

Also, I recall reading somewhere that, apparently, a server (or something like that) that was used by some "ransomware" hackers had been seized by the government and that a bunch of decryption keys were discovered, so I have been planning on submitting one of my encrypted files to that site to check the decryption keys that were seized and seeing if they might have one that will decrypt my files. However, I've been focused on moving the 900GB of files off of my PC's hard drive for the past few days.
>>
>>51643502
>And as someone mentioned in some post on some forum that I read through, the hope is that a decryption key/method will eventually be discovered and that the people who have been victims of this ransomware will then be able to decrypt the encryption and have access to their files again, since they will have saved the encrypted files on an external hard drive (which is what I'm in the process of doing) and be able to access them later.

This is never happening.
>>
>>51643502
At this point, you may want to consider getting help from a friend with a spare powerful computer to start your decryption.

If you're lucky as fuck, call the NSA, they'd gladly do it for free.
>>
>>51643257
you can try this but no guarantee it'll work (program is toward the middle of the page)

http://blogs.cisco.com/security/talos/teslacrypt
>>
>>51643522
Yeah call the mormons, they'll help.
>>
>>51643257
>>51643351
>>51643502
And in case anyone is curious, this is what the message being displayed on my desktop is right now:

"What happened to your files ?
All of your files were protected by a strong encryption with RSA-2048.
More information about the encryption keys using RSA-2048 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)


What does this mean ?
This means that the structure and data within your files have been irrevocably changed, you will not be able to work with them, read them or see them,
it is the same thing as losing them forever, but with our help, you can restore them.


How did this happen ?
Especially for you, on our server was generated the secret key pair RSA-2048 - public and private.
All your files were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.


What do I do ?
Alas, if you do not take the necessary measures for the specified time then the conditions for obtaining the private key will be changed.
If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.


For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:"


> OK, OP here again:

And after that, there are some specific personalized links that I am supposed to go to, to be able to communicate with the hackers about the ransom that needs to be paid to be able to obtain the decryption key. As I mentioned, I do not have $500 to even be able to consider paying the ransom, even if I wanted to, so I have not even tried accessing any of these links.
>>
DBAN your hard drive and start over
>>
How do you stop stuff like this from encrypting your files?
>>
>>51643257
>>51643351
>>51643502
>>51643550
And before coming in here to post this, I actually noticed a thread on another site where I also posted about this issue, that appears to be about what I believe is this exact ransomware hacking issue, so I'm going to also go post in that thread and see if I might be able to learn more about this and, hopefully, find out if there is a way to regain access to my files without having to risk paying the hackers the ransom they are asking for.

If someone has any ideas, suggestions or advice about this issue, or might be able to help me (and the many other victims of this awful hacking problem), please do help!!

And if you want to read up on this ransomware hacking stuff, just go to Google and search for "All of your files were protected by a strong encryption with RSA-2048" or even just "RSA-2048 encryption" and you will find several results with hundreds of posts by people who have dealt/are dealing with this extremely aggravating issue.
>>
So how did you get this thing?
Why are you still using XP?
>>
>>51643550
Here are your options
1) Restore from back up
2) Pay the ransom
3) Reformat, start from scratch and mark this down as a time you were an idiot for a. Not backing up and b. Using an old vulnerable operating system.

You aren't getting your files back for free.
>>
>>51643463
TOR was put there by the hackers to contact them with
>>
>>51643508
It's not impossible. If I remember right one flavor of ransomware did its key setup badly and was therefore crackable once some security company discovered this.

you're correct that OP, already having demonstrated himself a fool by not having backups, would be an even bigger fool to count on getting bailed out by such a development.
>>
Stop with the tldr shit and just tell us how you got it. And don't pretend like you don't know.
>>
>>51643647
Furry porn downloads on XP. You do the math.
>>
You can't save your files without paying up.

Restore the files from backup and then format.

You did back up, right? You know, your most important files.
>>
>>51643257
>>51643351
>>51643502
>>51643550
>>51643575
Over the past few days, I have been moving files from my computer's hard drive and I have moved about 600GB so far.

Honestly, my main concern is/has been trying to save and decrypt the files on my hard drive that were encrypted, so that is what I've been trying to learn about and find out if doing is realistically possible at this time. And I most definitely do intend on removing the malware/ransomware, and/or reformatting my hard drive, after I have moved all of my pictures and files over to my external hard drive; but I am currently focusing on trying to save and/or decrypt the pictures and files that were encrypted.

On that note, I am curious about a few things.

1.) As someone alluded to somewhere, am I possibly/likely going to complicate (or, maybe, prevent from actually being possible) the process of decrypting the files by moving them to another hard drive? Or, if/when I get a decryption key, will I just need to run whatever decryption program that is/becomes available and use the appropriate decryption key on the hard drive with the encrypted files and then let it go through the decryption process on whatever hard drive the encrypted files are stored on at the time? Or, will the files possibly need to be in the exact same location on the hard drive that they were in when they were originally encrypted?

2.) Will doing a clean install of Windows and reformatting the hard drive assuredly get rid of any and all malware/ransomware/spyware/viruses on it?

3.) Is the hard drive the only thing that can get infected by this stuff? Or does it possibly also infect/get installed on the RAM or any other part of the internals of a computer? Basically, if I either reformat my hard drive or get a new/different hard drive, will that make sure that I am able to again use my computer safely/without any problems from the stuff that is currently on it from the ransomware/virus?
>>
>>51643665
Just use DBAN you nigger
>>
>>51643665
yeah faggot stop pussyfooting around the question, how did you get it?
>>
Nice VM, OP
>>
i wish you the best of luck, OP.
>>
>>51643689
>>51643689

This, we're waiting OP
>>
Faggot ass bitch you aint even real
>>
>>51643257
> 2048 bit rsa

I'm sorry m8, but there's no way you're decrypting that without the key if it was done right.

As some others have mentioned, it's possible these are stupid hackers with bad software and it might be possible to work around, but don't hope for it.

If you can't pay the ransom and you don't have backups, then I'm sorry, you're never seeing those files again. Maybe in a couple decades when computing technology is way the hell more powerful you'll be able to get it cracked, but that will cost far more than $500.

At this point, your best hope is probably to just contact the hackers and try to negotiate the price to something you can afford. Maybe they'll be reasonable.
>>
damn these people are legit

what the fuck did you do, op

you must've really pissed them off
>>
>le windows xp is totally safe meme
top kek
>>
>>51643665
You need the public key on the hard drive that the files are on. Not sure where to find it, I never use rsa on wangblows.
>>
Step 1 : Download some encryption brute forcer thing
Step 2 : Let it run for like 30 years or some shit goddamn
>>
>>51643823
he must have not upgraded to Common Sense 2016
>>
I'm actually really curious, how did you get this?

And yeah, if it's actually 2048 bit rsa and you can't pay you're not getting those files back in this century.

I can't remember the specifics of it, but with rsa basically the computer takes 2 massive (in this case 2048-bit) prime numbers and multiplies them together to make a key, then something to do with (p-1)(q-1). It's been a while.

The point is, it's virtually impossible to brute-force the keypair or tear down the encryption without the private key.
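The key setup the post above half-remembers, worked through as an added example (not part of the thread). The function names and the toy primes are assumptions chosen so it runs instantly; real RSA-2048 uses two primes of about 1024 bits each plus padding.

```python
"""Textbook RSA with toy primes: how n, (p-1)(q-1) and the exponents relate.

Constructed teaching example. It also shows why the private key falls out
as soon as n can be factored, and why that only works for tiny n.
"""
from math import gcd, isqrt


def make_keypair(p, q, e=65537):
    """Return ((n, e), (n, d)) built from two primes p and q."""
    n = p * q                      # public modulus: the product of the primes
    phi = (p - 1) * (q - 1)        # the "(p-1)(q-1)" term from the post
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # private exponent: e * d = 1 (mod phi)
    return (n, e), (n, d)


def encrypt(m, public):
    """Raw RSA: c = m^e mod n (no padding, illustration only)."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(c, private):
    """Raw RSA: m = c^d mod n."""
    n, d = private
    return pow(c, d, n)


def factor_semiprime(n):
    """Factor n = p*q by trial division; return (p, q, candidates_tried).

    Work grows with sqrt(n). For a 2048-bit modulus that is on the order
    of 2**1024 candidates, which is why this only succeeds on toy keys.
    """
    if n % 2 == 0:
        return 2, n // 2, 1
    tried = 0
    for cand in range(3, isqrt(n) + 1, 2):
        tried += 1
        if n % cand == 0:
            return cand, n // cand, tried
    raise ValueError("no factor found; n is prime")


def recover_private_key(public):
    """Rebuild (n, d) from the public key alone by factoring n."""
    n, e = public
    p, q, _ = factor_semiprime(n)
    return n, pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    # Constructed toy key: two Mersenne primes, 2**17 - 1 and 2**19 - 1.
    public, private = make_keypair(131071, 524287)
    c = encrypt(123456789, public)
    print("ciphertext:", c)
    print("decrypted with real key:", decrypt(c, private))
    p, q, tried = factor_semiprime(public[0])
    print(f"factored a {public[0].bit_length()}-bit n after {tried} candidates")
    print("decrypted with recovered key:", decrypt(c, recover_private_key(public)))
```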
>>
>>51643257
>>51643351
>>51643502
>>51643550
>>51643575
>>51643665
OK, those 6 posts are posts that I had pre-written from the past few days, this is me currently writing. First off, yes, apparently, I'm a fucking moron for still using XP and for not using some sort of antivirus protection. I will admit that. However, I'd like to add that after reading comments from several people who were victims of this type of "ransomware" attack, it seems as though it can still realistically happen when using a new/more-secure OS and antivirus protection. One person commented that they had lost 3TB of files that were mostly photos of his young child, so this shit has happened to and fucked over lots of people; many of whom were not nearly as foolish and irresponsible as myself.

With that stated, and me again admitting that I am a fucking idiot, does anyone have any potentially helpful information about how I might be able to decrypt/regain access to the files on my computer that were encrypted?

Btw, should I try to access those links included in the instructions that are shown on my desktop? Or could that possibly put me at risk for something else bad to happen to the machine that I am using to access the Internet and contact them on? And would it be safe to try to use the tor-browser to contact them?

Also, I am really fucking broke financially right now, with my cell phone getting shut off two days ago, because I have to worry about paying my rent, but I might have like $45 in a PayPal account that I could use, would it be worth it to try to contact the hackers through those links and see if they might be willing to give me the decryption key for $45?
>>
>>51643843
> brute forcing rsa on a windows xp machine that probably is not very high-end

Try 30 millennia.
>>
>actually getting ransomware on a home computer
This is what you get for not using Common Sense 2015 Edition.
>>
>>51643889
>3TB of files that were mostly photos of his young child

what the fuck
>>
>>51643925
Must have been a distributor.
>these all you kids sir?
>Yessir
>carry on
>heh heh stupid goy
>>
>Tl:dr: My computer has been hacked with "RANSOMWARE" and RSA-2048 Encryption and I am desperate for help finding a possible way to decrypt and save my files!!
>XP
>2015
I thought this only happened to Russians. Holy shit.
>>
File: 1436410594196.png (134 KB, 791x795)
>3TB of files that were mostly photos of his young child
>>
>>51643889
Have you looked into the Kaspersky Ransomware Decryptor
>>
>>51643889
OK I'll keep this simple for you:

You can not and will not ever "crack" this encryption.

Do not give these cunts a single cent.

Wipe EVERYTHING and reinstall, use Linux if you're not married to windows, or at least use a supported version.

Learn from your mistake, use a cloud storage service or external drives to back up anything you consider important.
>>
>>51643415

I used to wonder that, too. Then I was up at around 3am trying to hammer out a project (professional, not school). Something popped up and I clicked okay BAM infected with some shit.

I cleaned it off no problem, but Jesus fuck, that really opened my eyes. It wasn't anything like this ransomware, just normal trojan-ish >>DOWNLOAD<< button malware.

Anyway, I'm a bit more forgiving of others now.

BTW

>that time when you got the Anna Kournikova virus email
>it came from a coworker
>yeah, *that* guy

Dude was weird. He was in charge of receiving mail. I'd order stuff and have it sent to me at work. He'd always try to open it, claiming that he couldn't possibly know it wasn't work related. Except it didn't have the company's fucking name on it, just my name. Dude was a creep and everyone would race to catch him before he opened their mail. Also, he kept a photo of a pretty woman on his desk. I thought it was his daughter. Nope, turns out it's just a picture of a model he liked.
>>
>>51643889
> talking them down from 500 to 45

If you're the goddamn king of negotiating maybe. I don't think these programs do the usual darknet market thing where you have to confirm that you received what you bought before it gives them the money.

That and you need to convert that 45 to bitcoins, so the number of the money you're offering will appear considerably less appealing.

I'm sorry, but if they did the encryption right then not even the nsa's computers can break it (I don't think.)

You'll have to look for vulnerabilities in the ransom ware program; it's possible there's a workaround, but this process sounds too simple to fuck up too badly.
>>
>>51643889
cut your losses, you fucked up but you've learned a valuable lesson

I wouldn't bother trying to negotiate, someone has gone to the effort to completely fuck you over for money - I don't know why you think they would be nice and give you a discount, they will squeeze as much money from you as they can
>>
>>51643502
>For the time being, I am in the process of moving the files from my computer's 1TB hard drive (over 900GB in total) over to an external HD

If you're doing this operation USING THE INFECTED COMPUTER then you're fucked. Any file writes are encrypted. You have to shut down the infected machine, attach the drive as a secondary drive on another machine, and try to copy the files off that way.
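One way to do the copy-off described in the post above from a clean machine, as an added example that is not part of the thread: inventory the attached drive read-only, flag files carrying the `.ccc` extension the OP reports, and verify the copy by hash. The function names are assumptions; unreadable entries (such as over-long Windows paths) are recorded rather than aborting the run.

```python
"""Read-only inventory of a drive attached to a clean machine, plus copy check.

Constructed example. Nothing here writes to the source drive; files are
opened in binary read mode only.
"""
import hashlib
import os

ENCRYPTED_EXT = ".ccc"   # extension the thread's OP sees on encrypted files


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large photo archives do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map each relative path under root to size, sha256 and encrypted flag."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()                      # deterministic traversal order
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue                     # do not follow links off the drive
            rel = os.path.relpath(full, root)
            entry = {"encrypted": name.lower().endswith(ENCRYPTED_EXT)}
            try:
                entry["size"] = os.path.getsize(full)
                entry["sha256"] = sha256_file(full)
            except OSError as exc:           # e.g. path too long, bad sector
                entry["error"] = str(exc)
            manifest[rel] = entry
    return manifest


def summarize(manifest):
    """Count encrypted, intact and unreadable files for a quick triage view."""
    counts = {"encrypted": 0, "intact": 0, "unreadable": 0}
    for entry in manifest.values():
        if "error" in entry:
            counts["unreadable"] += 1
        elif entry["encrypted"]:
            counts["encrypted"] += 1
        else:
            counts["intact"] += 1
    return counts


def verify_copy(source_manifest, dest_root):
    """Return relative paths that are missing or differ under dest_root."""
    problems = []
    for rel, entry in sorted(source_manifest.items()):
        if "error" in entry:
            continue                         # never hashed, nothing to compare
        target = os.path.join(dest_root, rel)
        if not os.path.isfile(target) or sha256_file(target) != entry["sha256"]:
            problems.append(rel)
    return problems
```

Keep the manifest alongside the copied files so a later decryption attempt can be checked against known-original ciphertext.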
>>
>>51643889
>does anyone have any potentially helpful information about how I might be able to decrypt/regain access to the files on my computer that were encrypted?
Unless you have friends in Area 51 or similar government blacksites with quantum computers, no, you will never break this encryption. It is not literally, but for all intents and purposes, impossible for you to do without a quantum computer.

Sorry.
>>
>>51643984
this op
They're going to demand you pay up or else.
You better start sucking cocks to get that 500
>>
>>51643953

This but minus the foolish Linux remark.

Uninstall flash entirely, disable scripts while browsing the internet casually through random websites. Don't download torrents or sketchy stuff.
>>
>>51643889
>3TB of files that were mostly photos of his young child

Pretty sure they'd kek at your $45
>>
Did you Google for ransomware decryption tools? There are a couple out there. Security researchers found flaws in many of the ransomware and released free tools.
>>
>>51643257
>RSA2048
your crappy laptop would shit itself long before it managed to encrypt all your files with rsa.
>>
>>51644088
this
They're bluffing OP.
Just click off the popup and go about your business.
>>
File: download.png (35 KB, 600x600)
do it op
>>
>>51643569
disable javascript
>>
>>51643569

Disable Flash and Scripts.
>>
>>51643257
>>51643351
>>51643502
>>51643550
>>51643575
>>51643665
OK, I have not thoroughly read any of the replies yet (just browsed in between my previous posts), but I am now going to read all of them. Hopefully, some of you are actually trying to be helpful and are not just talking shit and being insulting jackoffs.

Also, I did see a comment asking about how I got this on my computer and, from what I've read on other sites, it seems as though this type of ransomware/hack/virus/spyware/whatever-the-fuck-it's-called typically gets installed through a fake Java update request or when clicking on/opening a link in an e-mail. And I do recall seeing some sort of notice about Java having an available update recently, but I don't recall whether or not I actually clicked on it at all.

And, for the record, I recall reading somewhere that these hackers have been making around $36,000 per month from victims paying the ransom, so, this type of stuff is happening to lots of people, and not just to foolish fucking idiots like myself.
>>
>>51643437
The ransomware out there that attacks macs, just puts a fake FBI pop on safari. It can be defeated by resetting safari, though force quit won't kill it apparently. While it is technically ransomware, it's nothing as bad as encrypting your whole HD.
As for Linux, from what I've read it's a flawed attack and there's free tools out there to fix it. Also, If you're running a web server and not keeping software updated you're an idiot.
>>
https://noransom.kaspersky.com/

Dunno if this will help with your particular ransomware, OP, but this is pretty much the only thing I can think of.
>>
>>51644161
>Hopefully, some of you are actually trying to be helpful and are not just talking shit and being insulting jackoffs.
Well, we certainly are talking shit and being insulting jackoffs, but the point remains the same. You weren't practicing good computer security. You apparently don't have backups - which would have bailed you out of this and made it merely an inconvenience. And, unless these particular malware authors implemented their crypto very, very badly (which is possible, but don't bet on it), then there is no way to get your files back without paying them for the key.

>And, for the record, I recall reading somewhere that these hackers have been making around $36,000 per month from victims paying the ransom, so, this type of stuff is happening to lots of people, and not just to foolish fucking idiots like myself.
you vastly underestimate the amount of foolish fucking idiots in the world.
>>
>>51644161
what happens when you visit the pages listed?
>>
Backup Lives Matter
>>
>>51643630
He wouldn't have gotten a virus if he hadn't had Tor already, would he? :^)
>>
does running your browser in a sandbox help prevent this?

i'm concerned about my parents rig but i don't know what all they need whitelisted so i can't do that easily
>>
OP here, and since it was asked several times about how this may have happened to my computer, I will reiterate, from what I've read on other sites, it seems as though this type of ransomware/hack/virus/spyware/whatever-the-fuck-it's-called typically/often gets installed through a fake Java update request or when clicking on/opening a link in an e-mail. And while I don't recall clicking on anything even remotely suspicious in an e-mail lately, I do specifically recall seeing some sort of notice about Java having an available update recently, but I don't recall whether or not I actually clicked on it at all.

And I did download a few torrents over the past couple weeks (some movies; some seasons of TV shows; some music albums and songs; and, yes, some porn, but just some reasonable MILF stuff), but nothing sketchy/suspicious. However, I'm sure that could have caused/contributed to this happening.

As for the comments I read from the guy with 3TB of photos of his kid, it was not phrased as though he was being secretive or doing some shady shit; it was more like, he had 3TB of photos of his 2 year-old son that he had taken for his family's memories over the first two years of his son's life. Basically, it was pretty fucked up that this guy and his family lost what were surely thousands of special photos of his son as a baby.

Also, I have been reading posts on bleepingcomputer . com and there seems to be some very knowledgeable people on there and lots of experiences and information about this ransomware stuff being shared, so it seems to be a valuable resource for potentially helpful information about my situation.

And, much thanks to those of you who posted links to sites with potentially-helpful information (assuming that they aren't going to infect my computer when I go there)! I have not checked them out yet, but I fully intend on doing so.
>>
>>51644005
did it encrypt your other mapped drives and external hdd?
>>
>>51644408
It should. Really the first thing you should do is give them an ad-blocker though. Remove flash if you can get away with that.
>>
>>51643502
>After reading lots of posts about this on various sites, some people have posted about paying the ransom (typically, the $500) and getting the decryption key and then being able to view/access their files again; but someone else pointed out that these posts could have been made by the hackers; and, to my knowledge, no one has actually credibly confirmed that paying the hackers the ransom will guarantee that you will get the decryption key or regain you access to your files. And some people have mentioned that they did actually pay the ransom, but did not get the key/did not actually regain access to their files. Not that I have $500 to pay the ransom right now; but I would like to know what the reality of the situation is and also inform myself about this as much as possible.
99% of the time they will give you the key.

They lose money if they don't give you the key.

>gives key
>you tell other people that they will give key
>other people pay
>more money

>don't give key
>you tell other people they don't give key
>no one pays
>no money

It's not like they gain anything from not giving you the key.
>>
>>51643522
>At this point, you may want to consider getting help from a friend with a spare powerful computer to start your decryption.
Yeah, since it'll take billions of years, better start as soon as possible, right?
>>
>>51644015
>minus the foolish Linux remark.
Kill yourself
>>
>>51643257
I'm going to reproduce that in GIMP and set it as my wallpaper.
>>
>>51644482

yeah they've got an adblocker, flash and java is enabled though for the dumb shit they like to do

i'll see about sandboxing their browser and trying to create a whitelist with noscript, hopefully that will be enough
>>
>>51644502
I heard quadrillions
>>
>>51643257
>My computer has been hacked
no it has not been
you just hella dumb, nigga
>>
>>51644245
I have not visited any of those pages yet. Too scared about what might happen to do so!

Also, this shit actually started over a week ago now, so, it may be too late to try to even contact them now. However, assuming that - as someone else mentioned - there is actually a customer service-type chat agent available to speak to through Tor (which I will have to try to download and figure out how to use), I could try to explain that I unplugged my computer from the Internet after it got the virus and was unable to access the Internet for a few days. It seems that these people do this professionally and want to make money, so it would seem to be reasonable and realistic that they might be willing to negotiate the price down lower, if an effort is made by a victim, as any amount of money is better than no money at all.

Also, I wanted to mention that not all of the files on my hard drive were encrypted. There are quite a few pictures (several thousand, actually) that were/are still viewable and accessible. Most of these pictures/files that were not encrypted seem to have been saved by being in a folder with a long name that was located inside another folder with a long name, which, seemingly, rendered the contents of the folder inaccessible because of there being too many characters.

And, I did unplug my computer from the Internet shortly after this happened, and have left it unplugged from the Internet while moving files from my computer's hard drive over to a 1TB external hard drive.

Also, this may seem to be stupid to ask, but I was curious if the folks in Anonymous might be willing to/already working on trying to help decrypt this ransomware stuff and help the victims of it?
>>
The only thing that should be on your OS drive is the OS, hope you learn your lesson
>>
>>51643257
You know what would've prevented this?
>installing gentoo


Gentoo: So Much More Than a Meme™
>>
>>51644015
Yeah who needs privilege separation or modularity in their OS.
>>
File: 1439437274152.jpg (174 KB, 750x1334)
>>51643257
>I have literally over 500,000 photos on my 1TB hard drive (many of them, personal family photos taken myself)

You really had half a million personal photos?

You should have backed them up.
You know, hard drives fail more often than any other computer component? Even if you didn't get virused, that hard drive would have died eventually.

They must not have been that important to you if you didn't back them up.

You should just wipe the drive and reinstall your operating system.
>>
>>51644531
I don't see why anyone should help you if you aren't willing to fork over financial rewards to deal with your specific situation that you brought upon yourself. Helping victims in general is one thing, but you in singular instance is a whole other thing.
>>
>>51644531
If you can talk to them on TOR, tell them that your last backup was a month ago, and while you would like to have your files decrypted, it's not worth 500 to you, since you have a relatively recent backup. See if they will take a low offer.
>>
There is no reason to use Windows XP. Linux doesn't cost any money and it is infinitely safer.

Also backups are not just a meme, you need them for everything you don't want to lose.
>>
>>51644493
>99% of the time they will give you the key.
This is assuming that the people running the ransomware are still operating. They could have been busted, or nearly busted and had to abandon, or simply stopped and are living on a tropical beach.
If they were actually busted though chances are the police released the encryption codes.
>>
File: chattysex.png (41 KB, 500x669)
>>51643257
This is why you always back up your data, op.

You had to learn the hard way.

Sorry.

In the future ALWAYS BACK UP YOUR DATA!
>>
>>51644503

you ferst, goy
>>
>>51644531
as for anonymous, you could try. Check anonops.com. If you're familiar with IRC that's your best bet. But there's gonna be a lot of script kiddos there too. Actually if you're familiar with IRC, try ##security on freenode.
>>
>>51644493
It's a matter of getting more money or making a bit less, although I don't see why they need to drop their prices as it's the victim who's on the true losing end of things, and the hacker's investment is minuscule for holding those files ransom.

Hell, he can always sell the sensitive credit card and personal info for pennies per entry to gain additional revenue from all of this.
>>
File: dog-riding-a-dolphin.jpg (185 KB, 690x388)
>>51644424
>and, yes, some porn

Dirty birdie
>>
OK OP
What you can do is check whether or not the files are truly encrypted by opening them anyway and ignoring the .ccc extension
Else check anti crypto ware software
If all files Unplug that drive and wait for quantum decryptors in like 30 years or so God damn
>>
op how old are you, like 60? try HitmanPro.Kickstart or something and not being a retard. what is the boot up process like? does it seem normal until you get to the desktop? does it appear normal then "flash" back to locked?

>>51644625
holy kek that filename
>>
>>51644531
Journalist?
>>
>>51644531
I don't know what the retards here have been feeding you, but you CAN NOT CRACK RSA. It's currently the most widespread, secure encryption scheme for a reason. I suggest you actually read the wikipedia article like the message suggests. It relies on the fact that there exists no efficient algorithm for factoring products of gigantic prime numbers. It would take ungodly amounts of time to try to find the private key. Cracking it will have to be the work of some genius mathematician, not a bunch of script kiddies at Anonymous or whatever desperate shit you're clinging to.
>>
>>51644598
>sex with a robot
>>
>>51643257
My Macbook Pro doesn't have this problem :^)
>>
>have several thousand important photos and files on hard drive
>nah bro i dont need backups im good

There is only one person to blame for this.
>>
>>51643257
This is why you're told to not use operating systems and internet-facing programs missing years of critical security patches
This is why you're told to make proper, sane backups

Only people who deserve it get hit with shit like this
>>
>Storing important data on your PC

What the fuck are you doing?
>>
>>51643257
Nuke from orbit, no part of that computer can ever be trusted ever again.

It's all gone. Let go.
>>
>>51644680
I'm trying to reply to more posts and give info., but this old laptop I'm using keeps freezing up.

FYI, I have not had my desktop turned on in a couple days, but, it has actually turned on and worked properly since this shit started about a week ago. Originally, I just thought that some sort of spyware had been installed on my PC, as I first realized that something was wrong when trying to access my Wells Fargo checking account balance on their website and I was not able to log in like I normally would. Instead, a page showed up indicating that my "account is temporarily locked" and asked me for my SSN and e-mail address. So, I called Wells Fargo and they said that there was nothing indicating this on their end, so I assumed that it was spyware or some shit like that. Then a day or two later, I had the same issue with my eBay account, getting a message about my account being "temporarily locked" and the wording was exactly the same as it was on the Wells Fargo page, so that made me really worry.

Then (and I really don't recall exactly what it was that got my attention), I think I must have noticed that some of thumbnails for the files on my hard drive were not displaying properly and I noticed the .ccc had been added to the end of the filenames, and I also noticed some newly-created Notepad files on my C: Drive, and also in my 'My Documents' folder, that were named as some sort of "Recovery" file, and I began to worry some more.

Then, I tried to download and install Malwarebytes, but my computer would not actually 'Run' the program, and I worried some more.

Then, I think it was after restarting my computer a couple times, I noticed the HOWTO_RESTORE folders on my desktop and that my background image had actually changed, and I began to seriously stress and worry even more.

Then, I Googled "All of your files were protected by a strong encryption with RSA-2048" and I began to panic a little.

And, here I am now, asking and hoping for some sort of help.
>>
>>51643294
>LOOK AT ME LOOK AT ME
>>
Why don't you just upload your pics to Facebook like everyone else, senpai
>>
>>51644907
just pay up and chalk it up to a life lesson.
>>
>>51644907
I'd try to run these two programs, maybe the encryption is not properly implemented.

http://www.bitdefender.com/support/how-to-create-a-bitdefender-rescue-cd-627.html

http://www.sysresccd.org/Download
>>
>>51644907
You're fucked dude.
You either pay or you never see the files again.

These are your options.
>>
>>51644907
And subject yourself to a very public humiliation. I would think that you would have the common sense to limit your exposure after having set this plague upon yourself, OP.

As much as I would like to call you out for being a faggot, I will still reiterate that you really shouldn't even attempt to use that XP box. For that matter, you should consider all of your connected phones and other computers as suspect, if not your router. Malware is likely to spread on any device that's connected to your local network, and you should be prepared to assume the worst possible case and reformat everything on your network after salvaging whatever you can.
>>
>>51643955
>he kept a photo of a pretty woman on his desk. I thought it was his daughter. Nope, turns out it's just a picture of a model he liked.
The hero we deserve.
>>
>>51643985
wtf no, the file writes remain encrypted even then because he's copying files that are already themselves encrypted
>>
File: FB-coldstorageservers.jpg (99 KB, 720x540)
>>51644938
>Why don't you just upload your pics to Facebook

It's actually the best backup you could possibly have for pictures.

http://arstechnica.co.uk/information-technology/2015/11/to-go-green-facebook-puts-petabytes-of-cat-pics-on-ice-and-likes-windfarming/
>>
>>51644015
>Don't download torrents
What. What does torrent protocol/file have to do with any of this?
>>
>>51644531
Have you tried Winrar?????
i always use it when a file cant be open.
>>
>2015
>Not keeping all your important/sentimental files on an external hard drive/thumb drive

Serves you right.

In any case OP, you're boned. Either you pony up the dosh and hope that it's not a scam (which it likely is, considering that there is absolutely no reason to give you anything once they have what they want), or bite the bullet and do a complete format.
>>
>>51643257
format
reinstall
restore from backups
don't be a fucking retard this time
no backups? fork over your shekels and hope the ransomware authors play nice
>>
>I backup my waifu pics
>I love my waifu more than OP loves his family
>>
Every time someone mentions getting these, they never disclose how they got it. I can't recall the last time I ran into malware since my kid sister downloaded Limewire in 2000.
>>
Radio lab did a podcast about this, some lady had the ransomware virus and she gave in eventually.

[Radiolab] Darkode => http://feeds.wnyc.org/~r/radiolab/~5/5nZ_xvpQB2k/radiolab_podcast15darkode.mp3
>>
You dumb fuck. They won't be obliged to restore your files even if you pay up. Wipe your drive and install Win10. Let go of the past and your photos.
>>
>>51645023
They do have a reason to decrypt your stuff once you pay, because if ransomware didn't give back your stuff after you pay, there would be no incentive for future victims to pay.
>>
>>51644873
where the fuck else do you store data
>>
>>51644937
shut up faggot
>>
>>51645093
Somewhere it wont get locked up by shitty ransomware.
>>
>>51645093
On magnetic tapes
>>
>>51645076
What do they send future victims a list of past victims that did pay to show their word is good?

>>51645093
In the clouds dumdum. That way the worst thing that could happen is that everybody has your data rather than nobody.
>>
>>51645069
>They won't be obliged to restore your files even if you pay up.
Of course not. They're criminals.

That being said, they do release the private key when paid, assuming you do it correctly and their systems aren't down. It's all automated. It's how they make money, so why would they risk their business reputation over not releasing the private key for some random moron?
>>
obviously the answer is to call the cops.
never negotiate with terrorists, /g/.
>>
>>51645117
>What do they send future victims a list of past victims that did pay to show their word is good?
Nah it's all in the news. There was a police station compromised by CryptoWall a while back that paid up and obtained the encryption key.
>>
>>51644570
>have a local backup and offsite backup
>still paranoid I'll lose it all.
>>
>>51645014
This post is hilarious jim, do you mind if I save it?
>>
>>51645057
>kid sister
Jesus, I havent heard someone say this since some show on cartoon network or something.

anyone know what character used to say this
>>
>>51645126
>business reputation
You're right but it's terrible.

Business that relies solely on reputation and blackmail
>>
>>51645117
that's worse for some people. might as well just back everything up to an hdd and keep it in a safe for a few years then replace, while doing periodic backups to keep it up to date
>>
>>51645150
Somebody should release ransom ware out into the wild that looks legit but actually will never give back your data.

Thus ruining the rep of the ransomware criminals.
>>
>>51643257
kek
you're never getting your shit back now
they probably have seen this thread
>>
>>51645164
Most people are lazy and do not even remember what they upload to facebook.
>>
>>51645057
Yeah, apparently, everyone, except for me, seeing as I specifically mentioned how I think I may have gotten it twice, here >>51644161 and here >>51644424

Also, to respond to the many comments about backups, for the record, I did have copies of many of my photos on various external hard drives, but I also had a folder on my computer that was specifically for pictures from my phones and digital cameras and it was collectively 200GB-300GB in size (with tens of thousands of pictures in it) by the time I thought about moving it over to an external HD, and I don't always have an external HD with that much space available on it. So, I would put off moving the pictures and then continue to take pictures with my phones and digital cameras, adding them to my photos folder and accumulating more photos.

Also, when you have a folder with dozens/hundreds of other folders in it, with thousands of photos in them, it's not always simple/convenient to move all of them in one effort. The file names (in XP, anyway) will sometimes be too long for the OS to move and it will stop the process of moving the files. And, yes, this has happened to me many times; including while trying to move folders off of my hard drive this week after this problem occurred.

And, yes, I regret not moving all of my photos to an external HD and/or making copies of them. I don't need to hear these belittling comments from people who want to kick someone while they're down. I fucked up, I'm likely paying a high price for my mistake, and it seriously fucking sucks. Why the fuck do some of you want to go out of your way and take the time to post rude/smartass comments that are pointless and have already been mentioned multiple times? Why do that? Just to be a fucking piece of shit asshole? If so, fuck you. Please go be a fucking piece of shit in some other thread.

Seriously, why aren't there more people who are willing to try to help someone else, just for the sake of trying to help?
>>
>pay the ransom
seriously?
why would they give you the key anyways no matter how much you paid?
What do you even have on that drive that is so important?
>>
>>51645201
You use Windows fucking XP with NTFS as your extremely high value backup system. How do you not deserve to be kicked while you're down?
>>
>The current year
>Saving photos digitally
>Not taking your photos using film and developing them in a dark room
>>
>>51645201
What more are you expecting from this thread than kicking at this point?
It has been made clear 10 times over that you can't break the encryption.

You have 2 options:
You either pay these guys and hope to god that they actually deliver or you suck it up and dban the laptop.

Encryptions are called just that for a reason. No average joe should be able to break them.

Tl;dr you are a massive faggot
>>
>>51645201
This isn't a tech support site, don't automatically expect that people will solve your problems which are not even legit hardware or software malfunctions but user's fault.

Everything here is anonymous but public, so others may see how terrible it is to fuck up everything due to ignorance and it might teach them a lesson without making them experience the same thing first. So it is helpful, but maybe not to you. You too should listen to that in the future, though.
>>
>cheese pizza eating faggot blown the fuck out

Topkek, kill yourself OP.
>>
>>51645235
It's like I'm really on /p/
>>
>>51643257
My cousin had that thing and we were not able to recover the files. The funny thing is, that it wants you to go into the tor network and pay some money, but the problem is that the nodes are offline. So, you can't pay to recover the files and the files themselves are completely destroyed this way. Some files should still work, like mp3 (but don't try to play them because your player is infected, but you can back them up and play them on another pc).

Sorry for you OP but everything else is gone for good. Next time you should not search for keygens or serials ;)
>>
>>51645201
Being a piece of shit is a very effective learning aid. You're not getting further help because nobody here knows how to break ransomware.

Never save important things on your main computer, or if you do, backup backup backup. I'm very surprised a photographer who should know the importance of data backups got himself in this situation and you clearly state your own laziness is to blame.

My advice? Fuck it and move on. Lesson learned.

If the files are that important pay the ransom or go to the police. I doubt the police can do much though, this happens to entire companies and they still can't do shit about that.
>>
>>51643351
Before I forget it, the virus is called cryptowall and SOME older versions of this beast can be decrypted. Search for cryptowall remover.
>>
>>51645201
>Seriously, why aren't there more people who are willing to try to help someone else, just for the sake of trying to help?
This is 4chan. Also, you ignored all of the 'rules' for preserving your data. Take this as a lesson: If your data does not exist in at least two separate locations, it does not exist.

Also, as some other anons mentioned, your only choice is to format and move on. You may get lucky with one of the kaspersky tools / forums but at this point you should treat this as hardware failure and move on.

Introducing files from a known infected computer to your running backups is asking for more trouble.
>>
>>51645201

>Seriously, why aren't there more people who are willing to try to help someone else, just for the sake of trying to help?

Because we're not your own personal tech support. Most people around here have very little sympathy for anyone that doesn't have the common sense to take basic precautions against simple shit. Take the experience as a life lesson and move on. Your files are fucked brah.
>>
>>51645276
Note: Older versions can only get decrypted because the police actually raided a server containing decryption codes, and packaged them into a remover.
>>
>>51645201
Look OP, there's no magic bullet for this kind of thing. I'll tell you what I'd do if I was in that situation though.

1) Clone the infected HDD onto another.
2) Visit their website and try to haggle with this >>51644585 strategy.
3) If it fails, do my best to raise the money required for saving the files and pay the ransom as soon as possible.
4) If all that fails, I can't raise the money or they didn't give the key, dban the original hdd and make sure any other devices connected at the time of infection are safe
5) Backup the cloned HDD to the cloud or magnetic tapes or enterprise grade disks to endure the long 10+ year wait until RSA-2048 gets cracked or if I'm lucky, the private keys are seized and released

And that's all you can do. Any other endeavors are completely useless to you. Don't waste any more time worrying over this or wondering what to do.

I should also mention I would only follow the above steps if the files are extremely important to you, otherwise, if you can somehow let go, that'd probably be best.
>>
>>51643843
wait 20 years.
get quantum computer.
decrypt.

think of it as a time capsule op.
>>
>>51645378
This desu, unplug the drive and put it in a time capsule until we have the tech to decrypt.
>>
>>51645378
>>51645394
Sounds like a good idea in theory but it's hard to even plug in an old hard drive now since they keep changing the plugs. I wonder if there's even any replaceable wires in home computers 20 years from now.
>>
>>51643257
>most of the files on my 1TB hard drive (particularly, photos) are now encrypted
Bullshit most of the time.

It takes a lot of time to encrypt so much data, really a whole fucking lot. Few ransomware actually encrypt shit, they at best encrypt mere bytes from the header, which for most filetypes, especially JPEG, can be restored. Some others keep encrypting more the longer you keep your computer running.

Best course of action is to turn your computer off right fucking now and backup your encrypted drive to save as much as you can, and check how much encrypted files are "encrypted". Except it's been a week.

If you really need those files, and they really are encrypted, you have little choice right now other than to pay, if only they DO decrypt your data. After all, they are asking a hostage to pay for his own ransom. Other solutions include finding the people that did this, or storming NSA headquarters.

Backup your data next time. Storage costs keep going down, compression has gone a long way and gets more efficient the bigger the amount of data, so you literally have no fucking excuse.
Don't keep that backup permanently plugged to your computer either.
>>
Couldn't someone spam encryption requests and fill up their server disk with useless keys?
>>
>>51645481
no because you have to pay for every request
>>
>>51645376
This seems like reasonable advice. Thanks for taking the time to post something in an effort to actually offer something helpful. I really appreciate the gesture!

1.) I have been in the process of moving the files from my computer's hard drive to an external hard drive for the past several days; but it's taking like 20-30 times as long to move as it normally takes (due to the spyware/virus/shit that is currently affecting my computer, presumably). I think there's still about 300GB of files on my PC's 1TB hard drive right now. Also, as I've mentioned, some of the folders encounter problems moving properly, as the folder/file names become too long and will cause the process to stop working. However, I am planning on continuing to do this and moving pretty much everything on my PC's hard drive and then reformatting it with a newer version of Windows (apparently, my desktop is older/not very powerful by today's standards, so it was recommended that I try Windows 7 32-bit).

2.) I am tempted to try to contact them through Tor (or via the other links being shown on my desktop background right now) to try to see if they might be willing to negotiate the ransom price, but I am legitimately scared/worried about what they might be able to hack/access on my computer (and maybe get my IP and find out personal information), so I have not even tried it yet.

3.) Coming up with anything close to $500 right now would be extremely difficult. I just moved in to a new place less than a month ago and I still owe the landlord $350 of the $700 security deposit, because I did not have enough cash to cover it.

4.) What does dban the hard drive mean? Just to reformat it with a clean install of Windows? And how can I try to make sure that other devices are safe from the infection?

5.) I don't know much/anything about doing reliable backups, other than to move the files to an external hard drive (which, right now, is a Toshiba 1TB portable HD that I got for $30 last week).
>>
>51643257 Pay the ransom, or, wait for someone to solve the Riemann Hypothesis... That is literally your only option. Sorry that this has happened to you mate, but RSA is unbreakable. Like, unless you have the key, it would take 4,294,967,296 x 1.5 million years for a desktop computer to crack it (https://www.digicert.com/TimeTravel/math.htm).

At least you will have learned something useful from this, back up, frequently and often, maybe even automate it to back up to the cloud or something, use a newer OS, if you don't like the new Windows, i'm sure there is a linux OS that looks and feels similar to XP, and for god sake get a better antivirus...
>>
>>51645434
This seems like reasonable advice, also. Thanks for taking the time to post something in an effort to actually offer something helpful. I really appreciate the gesture!

With regards to this suggestion:

> It takes a lot of time to encrypt so much data, really a whole fucking lot. Few ransomware actually encrypt shit, they at best encrypt mere bytes from the header, which for most filetypes, especially JPEG, can be restored"

- I was wondering about this myself and hoping that, maybe, the files were not actually encrypted as thoroughly as they are suggested to have been encrypted. However, how would I actually begin to try to find this out? Is there a way for me to test out if just "mere bytes from the files headers" were encrypted? And if so, how??

In response to this:

> Some others keep encrypting more the longer you keep your computer running. Best course of action is to turn your computer off right fucking now and backup your encrypted drive to save as much as you can, and check how much encrypted files are "encrypted". Except it's been a week."

- My computer has been turned off for about the last 48 hours or so; but it was turned on and left on overnight (with the cat5 cable unplugged) for like 3-4 days while I was moving folders/files from the computer's hard drive to the external hard drive. However, I was worried/curious about additional files being encrypted/corrupted while the computer was on during the process of moving them, but I have checked files on the computer's hard drive and the external hard drive and no further encryption appears to have been taking place.

So, could you offer me any information, ideas/suggestions, or advice about what I might be able to do to try to find out if it is just the file headers that have been encrypted or if it is legitimately encrypted with RSA-2048?

And, would you feel safe enough to actually try to contact them through the Tor link that is included on my infected computer?
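One way to run the check asked about above, as an added example that is not part of the thread: it tests whether a file that should be a JPEG still has JPEG structure past its first bytes, using the rule that inside JPEG image data a 0xFF byte is only ever followed by 0x00, a restart marker or the end-of-image marker, which random-looking ciphertext does not obey. The function names, block size and thresholds are assumptions chosen for illustration, the sample data is constructed, and it should be pointed at copies of the files on a clean machine.

```python
import random
import sys

SOI = b"\xff\xd8"   # JPEG start-of-image marker
SOS = 0xDA          # start-of-scan marker; entropy-coded data follows it
# Inside JPEG entropy-coded data a 0xFF byte may only be followed by 0x00
# (byte stuffing), 0xD0-0xD7 (restart markers) or 0xD9 (end of image).
LEGAL_AFTER_FF = frozenset({0x00, 0xD9, *range(0xD0, 0xD8)})
BLOCK = 4096        # window used to locate where JPEG-like data begins (assumed)
MIN_FF = 4          # fewer 0xFF bytes than this is too little evidence (assumed)
THRESHOLD = 0.8     # assumed cut-off; uniformly random bytes score about 10/256


def ff_score(buf):
    """Return (number of 0xFF bytes, fraction followed by a legal byte)."""
    total = legal = 0
    pos = buf.find(b"\xff")
    while pos != -1 and pos + 1 < len(buf):
        total += 1
        legal += buf[pos + 1] in LEGAL_AFTER_FF
        pos = buf.find(b"\xff", pos + 1)
    return total, (legal / total if total else 0.0)


def looks_like_scan(buf):
    """True if buf is consistent with JPEG entropy-coded data."""
    total, frac = ff_score(buf)
    return total >= MIN_FF and frac >= THRESHOLD


def scan_start(data):
    """Walk the marker segments after SOI and return the offset where the
    image data starts, or None if the header does not parse."""
    if not data.startswith(SOI):
        return None
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            return None
        marker = data[pos + 1]
        length = int.from_bytes(data[pos + 2:pos + 4], "big")
        if length < 2:
            return None
        pos += 2 + length
        if marker == SOS:
            return pos if pos <= len(data) else None
    return None


def triage(data):
    """Classify one file's bytes. Returns (verdict, offset)."""
    start = scan_start(data)
    if start is not None:
        # Header parses: decide on everything after it. Progressive JPEGs
        # carry a few extra markers here, which the threshold tolerates.
        ok = looks_like_scan(data[start:])
        return ("intact" if ok else "body-damaged", start)
    # Header is gone: look for the first block that still looks like JPEG.
    for off in range(0, len(data), BLOCK):
        if looks_like_scan(data[off:off + BLOCK]):
            return ("prefix-damaged", off)
    return ("no-jpeg-structure", None)


def rand_bytes(rng, n):
    """Constructed stand-in for ciphertext: n pseudo-random bytes."""
    return bytes(rng.getrandbits(8) for _ in range(n))


def make_constructed_jpeg(rng, scan_len=64 * 1024):
    """Constructed sample: a valid segment layout followed by random scan
    bytes with 0xFF stuffed. Structurally JPEG-like, not a viewable image."""
    app0 = (b"\xff\xe0" + (16).to_bytes(2, "big")
            + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    dqt = b"\xff\xdb" + (67).to_bytes(2, "big") + b"\x00" + bytes(range(1, 65))
    sos = b"\xff\xda" + (8).to_bytes(2, "big") + b"\x01\x01\x00\x00\x3f\x00"
    scan = bytearray()
    for b in rand_bytes(rng, scan_len):
        scan.append(b)
        if b == 0xFF:
            scan.append(0x00)
    return SOI + app0 + dqt + sos + bytes(scan) + b"\xff\xd9"


if __name__ == "__main__":
    if sys.argv[1:]:
        # Real use: python triage.py copy1.jpg.ccc copy2.jpg.ccc ...
        for path in sys.argv[1:]:
            with open(path, "rb") as fh:
                print(path, *triage(fh.read()))
    else:
        rng = random.Random(2048)
        good = make_constructed_jpeg(rng)
        samples = {
            "untouched": good,
            "first 8 KiB overwritten": rand_bytes(rng, 8192) + good[8192:],
            "whole file overwritten": rand_bytes(rng, len(good)),
        }
        for name, blob in samples.items():
            print(name, *triage(blob))
```

A "prefix-damaged" verdict with a small offset is the case the quoted post describes; "no-jpeg-structure" across many files that used to be photos is consistent with their whole contents having been encrypted.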
>>
>>51645541
no? what the anon was saying is, reverse engineer the malware and pretend like computers are being infected many many times
it does not cost anything to be infected, right?
>>
>>51645560
1) You need to make sure you copy absolutely everything if you're doing it manually then, because I don't know where they keep the public encryption key, and you'll need that. I'd be more comfortable downloading some cloning software and doing it that way.

2) When you get TOR, make sure you go to the options or settings and disable flash and java. Do that and you'll be fine, just don't download anything, obviously, from their website. Just do it asap.

3) Well, borrow some, maybe get some sort of night time job at a fast food place. Whatever can do it. Or haggle for more time if the ransomware people don't negotiate down to less money.

4) Dban is a great method of destroying data and formatting. Scan any and all other devices that were connected with malwarebytes first, run Comodo firewall on paranoid mode on any of the devices for a while. If they're phones and that sort of thing I wouldn't worry about them, but consider backing up their important contents to the cloud. You can get a terabyte or so of cloud storage free for a year if you look around and take advantage of trials.>>51645560

5) Ideally you'd want to find some sort of copy software, I'm not sure what you'd use to be completely honest. Maybe someone here can suggest something. But you should be okay manually doing it if you're thorough. I just would hate to save all the encrypted files and not have the public encryption key for a hope of getting into them.
>>
that ransomware makes a copy of the file before encryption.

what you should have done was shutdown your PC when you got the msg as the ransomware was probably still working with the files

boot into a linux distro

backup files
>>
>>51645560
1. This is good, though don't kill yourself over this, as the chance of you ever being able to decrypt your shit without getting the private key from the hackers is basically non-existent

2.
>get my IP and find out personal information
dude if they wanted to have full control of your computer at this point, they would already have it
them finding out your IP address is trivial, as they could easily have the ransomware phone home
however, knowing your IP address really means fuck all unless they want to try and get themselves in deep, far more traceable shit, for no real benefit
all they want is easy, anonymous (bitcoin) money

3. Then either attempt to haggle with them if your shit's really really important, or simply let it go

4. dban = darik's boot and nuke; a drive-wiping utility that you can boot from a CD

5. go do some reading on backups; a simple one is just to have files on an external hdd that you only connect when it's doing said backup (which is important, as if it were connected during a ransomware scenario it'd get encrypted too)
>>
This thread is hilarious
>>
>>51645434
>It takes a lot of time to encrypt so much data, really a whole fucking lot.
Yeah because it runs in the background for like half an hour and then shows you that shit was done. Meanwhile these half an hour we were watching youtubevideos. KEK the moment my friend got infected. He was searching for some bullshit, then some yellow-ish website popped up and he closed it. after that some obnoxious process started in the taskbar and we couldn't close it. We blamed it on windows and started watching youtubevideos. like 30 minutes later shit happened and I giggled like a faggot
>>
>>51645744
>half an hour
You don't encrypt 1TB in the background in half an hour. It takes way more than that.
>>
>>51645127
>2016
>cops
What, and get shot or withheld illegally?
>>
>>51645755
Yeah was way less than one terabyte by my friend. Sorry I am another anon.
>>
>>51645182
I think that would do more harm than the current ransomware, though. Plus it wouldn't have much of an economic incentive.
>>
>>51645203
Read the thread. Of course they give you the key, their business's success depends on it.
>>
>>51645773
Then it's understandable.

Which is why you need to shutdown your computer asap when shit happens, because it really hasn't encrypted shit when it claims it did.
>>
>>51645792
>their business's success depends on it
It's not really like consumers would complain or anything, nor even that it would affect them.
>>
>>51645803
people pay the ransom to get their files back. a majority of people who are infected research at least a bit for help. if it is known that your getting the key doesn't get the files back, no one would bother paying anymore.
>>
>>51645803
Nah if there were lots of people reporting that paying their ransom never gave keys, a lot of people that might otherwise have been tempted to pay simply won't pay, and vice versa
>>
>>51645803
It damages the revenue stream for all those involved in the extortion to not deliver on their words. That goes for making good on their threats and making good on their promises to 'customers'.

They are not idiots that are trying to burn bridges and wreak havoc for the lulz. They are trying to profit as efficiently as possible.
>>
>>51645673
>>51645723
OK, I actually put my infected 1TB hard drive back in the desktop that it was in when it got infected last week (the hard drive had just been sitting by itself for the past 2-3 days, as I was trying to find old hard drives to use to at least access the Internet with my desktop) and the computer turned on and started up normally. I did this, so that I could clearly read the actual the Tor address and http website links, as I'm thinking about trying to contact someone about possibly paying something for the decryption key (a reduced rate, obviously, as I am a poorfag).

My question is this: Will it be safe to try to access these links (either the Tor address or the http sites) on the old laptop I'm using right now? Is there any sort of danger or potential problems that I need to worry about?

Also, should I first try the http://gfshhf links or the Tor address? Or does it likely not make a difference? And are there any precautions I should take before/when trying to go to these links/sites?

And if I do use Tor, I will be sure to try to figure out how to disable Flash and Java.

Any advice before I actually try to contact them?

Also, how the fuck can you buy BitCoins?? Can you purchase them with a PayPal account? And is the conversion rate/purchase price even money?

As always, sincere thanks to those of you kind enough to be offering genuine help!
>>
>>51645837
>Also, should I first try the http://gfshhf links or the Tor address? Or does it likely not make a difference? And are there any precautions I should take before/when trying to go to these links/sites?
Use a condom
>>
>>51645837
I already told you that your own wifi network shouldn't be trusted as your router and everything connected to it may be infected as well. I would err on extreme caution and reset the router and connect to the internet from a fresh network if I were you.
>>
>>51645821
>>51645823
>>51645828
There are several people doing this. Many don't fucking bother giving the key. There are many such stories, not to mention people ending up paying way more than what is required.

The thing quickly turns into a scam of "waaah there are unexpected costs please pay more", also "I'm stuck at the airport and I need a visa to enter the territory so I can give you the key and the cost is $800".
Once you got someone taking the decision to pay, he's well set on the road to extortion and will continue paying no matter what. Sunk cost etc.
>>
>>51643257
Try this:
https://noransom.kaspersky.com

It’s a ransomware decryptor by the Netherlands’ police, it may help you.
>>
>>51645837
I'd worry about what that one anon said, that your files may not all be entirely encrypted, so leaving the hdd on may eventually result in their full encryption. But if you let it sit for a while you may very well not have to worry about any partial encryption.

Accessing the links should be safe, but I'd use TOR just to err on the side of caution.

Have a game plan before you talk to them, you need to know what you're negotiating and what you have to work with, and any strategies you want to use prior. You'll probably only have one shot at negotiating with them. Like I said, if you can't get the price reduced for sure, negotiate for more time to raise the money.

Bitcoins you just download a bitcoin wallet, with a password, not on that old PC. You'll have a wallet ID. So you just buy them through any trusted BTC vendor you can find online, PP to BTC. The conversion rate will cost you, so you won't get $45 in BTC but a bit less. You give them your wallet ID and they send the BTC to you, then presumably you would send the BTC to the wallet ID of the ransomware people.
>>
>>51643257
>tldr
Go to fucking reddit you kekold fuck
>>
>>51645886
> I would err on extreme caution and reset the router and connect to the internet from a fresh network if I were you.

How would I do that? Just by turning off the modem/router for a few minutes and then turning it back on?


Also, with regards to the files possibly just having the headers encrypted and not having been thoroughly encrypted (as implied by the hacking info. on my computer), is that likely, since there were so many pictures and files on my 1TB hard drive that appear to have been encrypted? If I had to make a legitimate estimation, I would say that there realistically may have been over 1 million photos saved on my hard drive, along with hundreds of saved Notepad document files and hundreds of videos, most of which seem/look to have been encrypted (have the .ccc added to the end of the filename and are no longer viewable/accessible).

Also, after checking out some of the encrypted files that are still on my computer's infected hard drive, the files that have the .ccc added to the filename are also showing as being a "CCC File" by Windows in the folders under 'Type.' And it appears that most/possibly all of the files that were affected/corrupted/encrypted were .jpeg files and .avi files, as there are still lots of GIF Image files, Bitmap Image files, and .webm files that are still viewable/accessible and, evidently, were not encrypted.

And, I just remembered that I'd wanted to mention this after just now looking at the hard drive in my PC. I have a folder on my hard drive that the files from my Screenshot program are saved in and every file in that folder was encrypted and changed to a CCC File, but I took some screenshots while in the process of moving some of the folders to the external hard drive the other day and those screenshots are currently still viewable/evidently were not encrypted. Does this mean anything potentially helpful?
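The questions in the post above (which file types got the .ccc suffix, and whether the renamed files are really encrypted or only renamed) can be checked with a read-only survey of the drive. This is an added example, not part of the original post; the function names, the magic-byte table and the sample files are assumptions made for illustration.

```python
import math, os, tempfile
from collections import Counter

# Leading magic bytes for the formats named in the thread.
MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff", ".avi": b"RIFF",
         ".gif": b"GIF8", ".bmp": b"BM", ".webm": b"\x1a\x45\xdf\xa3"}

def entropy(data):
    """Shannon entropy in bits per byte (close to 8.0 looks like ciphertext)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage(root, suffix=".ccc", sample=4096):
    """Read-only survey: which original types were renamed, and is the header gone?"""
    report = {"renamed": Counter(), "untouched": Counter(),
              "header_intact": [], "header_destroyed": [], "unknown_type": []}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            stem, ext = os.path.splitext(name.lower())
            if ext != suffix:
                report["untouched"][ext] += 1
                continue
            orig_ext = os.path.splitext(stem)[1]   # photo.jpg.ccc -> .jpg
            report["renamed"][orig_ext] += 1
            with open(path, "rb") as fh:           # files are only ever read
                head = fh.read(sample)
            magic = MAGIC.get(orig_ext)
            if magic is None:
                bucket = "unknown_type"
            elif head.startswith(magic):
                bucket = "header_intact"           # renamed, start not overwritten
            else:
                bucket = "header_destroyed"        # start of file was rewritten
            report[bucket].append((path, round(entropy(head), 2)))
    return report

def demo():
    """Constructed sample tree; file names and contents are made up."""
    with tempfile.TemporaryDirectory() as root:
        files = {"family.jpg.ccc": os.urandom(8192),      # looks encrypted
                 "clip.avi.ccc": b"RIFF" + bytes(8188),   # only renamed
                 "meme.gif": b"GIF89a" + bytes(100),
                 "shot.bmp": b"BM" + bytes(100)}
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return triage(root)
```

Run it against a read-only mount or an image copy of the affected drive, so that nothing still active on the original system can touch more files while you look.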
>>
>>51643257
People use Windows XP in 2015?
>>
>>51646196
he plans to upgrade to 7
>>
>>51643949
This
>>
>>51643257
There is nothing you can do but pay up, sven.
>>
>>51643257
1. Suck it up and accept that all your shit is lost.
2. Format ALL infected drives.
3. Reinstall OS and stuph.
4. Learn from this experience that you should make backups from now on.
5. End of story.
>>
I can relate to you OP
I got a ransomware in form of a game trainer, but lucky for me all I had was games and movies, so I gave a middle finger to the hackers.
I'm sorry for you but think about this,
You say you had thousands of photos in your hard drive. Were you looking at them every day? Would you have noticed if one of them was missing? It's really not that important. So I would suggest you not give hackers what they want, and learn a big lesson from it.
But that's just me
>>
Different anon here. Aside from using common sense, are there any programs to prevent this from happening to me in the future? I'm currently using kaspersky premium (was free with 35$ mail in rebate) and it has a cryptowall blocker/preventer included. This (along with the other included software) should be sufficient yes? Kaspersky is one of the more trusted and reliable brands from what I can tell.
>>
>>51643294
>Pay the ransom
>dumbass
Who's the real dumbass?

As for OP, say goodbye to your shit. And don't be fucking stupid and download random shit.
>>
>>51646682
Thanks for the words of encouragement, anon! It's nice to see that not everyone on this site is a selfish, rude, classless piece of shit. And I understand what you mean about the perspective of these photos, but I am a very sentimental person, so I would really like to try to save/decrypt the photos, if at all possible. However, I am not realistically in a position to even consider paying the hackers $500 right now, so that is not a realistic option. But, if they might be willing to bargain and accept the $45 or so that I have in a friend's PayPal account, I have to be honest, I would be willing to consider that.

And I actually just got done submitting something to Kaspersky support helpdesk and included several of the encrypted/infected files, so I'm hoping to hear back from them some time soon and, hopefully, learning something about the realistic possibility of decrypting these files.

By the way, I'm curious, when you got hit with this ransomware malware, did you make an effort to contact the hackers through Tor or some other way? If so, how did that go? What did they say during the communications? What price did they initially ask for? And did they offer to negotiate and lower it?
>>
>>51646999
Linux
>>
>>51647032
I didn't even try to contact them, all I had was movies and games downloaded off of the internet. But from what I heard they're not down for negotiation, but might be different in your case
>>
>>51647027
>Who's the real dumbass?
You for replying to the wrong person.
>>
Don't negotiate with terrorists. Throw your computer in a skip and move on, see it as an opportunity to start fresh.
>>
>>51647032
Do not negotiate with these people, come to terms with the loss of the photos. In future use backup solutions. If you talk to police/FBI they will tell you the same, may as well report it if you can be bothered.
>>
>>51643257
Why don't normies into backups?
>>
just think of this like your house burned down and all your photo albums and movie reels went up in smoke.
>>
No, you are fucked, pay the man if you really absolutely need your thousands of amateur pictures you can't take with you to the grave anyways and be done with it you idiot.
>>
>>51647187
Because muh iCloud already backups everything.

Until your iPad crashes, some retard at the "Genius" Bar says "it's okay, we'll just reset it to factory settings", and once reset, the iPad conveniently decided to sync with iCloud, by saying "hey, there's nothing on my drive, so please delete everything on the cloud storage seeing as nothing should be there".

And this is how my gf lost years of data thanks to glorious iCloud sync, and how I learned about how pants on head retarded iCloud sync is, and that Apple has no fucking backups of anything. Seriously what the fuck Apple.
>>
Unless you have data that is absolutely important and the only copy of it like pics of a dead relative you loved very much or tons of work shit you have to hand in, don't pay the money. For every person that doesn't pay them money, the worse the ransom ware industry becomes. The best way to "get them back" is to not give them money at all and tell them to fuck themselves.
>>
>>51645982
TL:DR stands for "Too long, didn't read" you retard
>>
>>51643257
It's that latest version of Teslacrypt you got hit with. Unless you have a full backup of all your files you're fucked as they (troubleshooters) have yet to be able to decrypt these files as the .ccc extension is still new.
>>
This is why I never take photos, who fucking cares.
>>
Protip: ALWAYS BACK UP YOUR DATA

If OP had made a backup he could simply wipe his hard drive and restore it.
>>
Yo OP how did you get the AIDS? Sharing IS caring.
>>
>>51647383

umm I don't have spare 1tb storage units so do I go to the magical HDD tree and just pick one?
>>
OK, I actually went to one of the http links and got to a page where it mentions that the ransom has been doubled to 1000USD and is offering me the option to buy BitCoins and send the payment to some BitCoin Wallet. It is also offering me the opportunity to decrypt 1 file for free right now, to show that the decryption key is legitimate and will work to decrypt the encrypted files, if I make the ransom payment. Is there possibly any way to use this opportunity to decrypt the 1 file for free and then obtain any sort of beneficial information about the decryption key or process? If so, should I use the 1 free decryption now, or should I wait to try it later on? Or, is it possible/likely, if I don't use this opportunity to decrypt the 1 file for free, that I will lose this opportunity to decrypt 1 file for free?

Here is the message being displayed on the webpage right now:

> Your files are encrypted.
> You did not pay in time for decryption, that`s why the decryption price increases 2 times. At the moment, the cost of decrypting your files is 1000 USD. In case of failure to 09/12/15 your key will be deleted permanently and it will
> be impossible to decrypt your files.

> First connect IP:

> We give you the opportunity to decipher 1 file free of charge! You can make sure that the service really works and after payment for the CryptoWall program you can actually decrypt the files.
> Please select a file to decrypt and load it to the server
> Note: file should not be more than 512 kilobytes

Seriously, will someone more knowledgeable than me try to respond with a reasonable and helpful response??
>>
>>51647435
Work at McDonalds for 4 hours and you'll have enough to buy one.
>>
>>51647452
>"how do you expect me to make a bigmac? Just reach into the fryer and pull one out magically?"
>>
>>51647444
There are also clickable icons on the page for Refresh - Payment - FAQ - Decrypt 1 file for FREE - Support

> And after clicking on FAQ, it shows this:

Question: How can I decrypt my files after payment?
Answer: After payment, You can download the CryptoWall Decrypter from your personal page. We guarantee that all your files will be decrypted.

Question: What did I have to fill in form "Transaction ID"
Answer: Fill this form with bitcoin transaction address wich are you payed.
(example 44214efca56ef039386ddb929c40bf34f19a27c42f07f5cf3e2aa08114c4d1f2)
>>
>Trash thread
>200+ replies
>>
That virus wont just delete itself after removing and restarting the OS, it sticks to the hardware.

I suggest you get a new computer, and it'll also help you move on from windows 10.
>>
>>51647514
>it sticks to the hardware
laughinggirls.jpg
>>
>>51647497
welcome to /g/
>>
>>51647514
>
>>
What's the best OS level defense against cryptoware?
>>
>>51647452

>just get a 2nd job and buy one!! ;))

nice advice there mate
>>
>>51643889
>about how I might be able to decrypt/regain access to the files on my computer that were encrypted?
>2048 RSA
Try this:
https://noransom.kaspersky.com/

If it doesn't work, you're entirely fucked. It would take fucking Titan years, let alone anything you will ever have access to.
>>
>>51647514

>it sticks to the hardware

I love this
>>
>>51643257
You literally have to run an exe file to get this. Common sense is not compatible with your hardware.
>>
>>51647589
>I DONT KNOW WHAT A BIOS VIRUS IS
>>
>>51647547
Windows 7 and NOD32/ESET

Combined with not being a retard.
>>
>>51647613
Wouldn't you be able to easily remove a virus to your bios by simply clearing cmos values manually?
>>
>>51647636
BIOS viruses (If they really exist) overwrite a part of the BIOS firmware itself, so no.
>>
>>51647613

I don't, tell me more
>>
Maybe this is an advantage of having a 250 GB SSD...I keep all of my stuff on my external HDD and back up my Documents to it, daily.
>>
>>51647636
>>51647656
>DOESN'T KNOW ABOUT THE HUGE SHIT THAT HAPPENED A FEW YEARS AGO WITH badBIOS

is this even the /g/ i used to browse? there's only technologically impaired people and disgusting weeaboo mac shills now.
>>
>>51647676
>badBIOS
It was never really proven to be real.
>>
>>51647605
Please do, I want to see you fail.
>>
>>51647605
Do you have a logo yet?
>>
>>51647605
You can actually get tracked and sent to jail if you live in america.
>>
>>51647605
torrents what else
>>
>>51647605

>this post

heheh nothing personnel kid
>>
>>51647605
Go to private trackers and upload tons of FLAC files for the virgins to download and implant the virus.

Best way to get quality data.
>>
>>51647187
Because it costs money on extra drives or the backup service, and a little effort to set up.