Ransomware

raylaw21

New Member
Jul 15, 2005
32
So last night my Dad clicked on or downloaded something he shouldn't have and someone took over his computer (Windows 8.1 desktop). They downloaded some sort of software onto his system. What is really bad is that my Dad then got a phone call from someone claiming to be Microsoft (caller ID says: Skype#) and they wanted money to fix the computer. Some crazy amount too, like 300 dollars. Luckily my Dad hung up on them and shut his computer off. The only problem is that now when we start the computer it goes to a random login screen asking for a password that the scammers want to get paid for. I can get into Windows recovery mode, but every time I try to do something Windows says that there is no Admin account, so the hackers must have deleted that account. They won't even let me get into safe mode either. I do have a Windows 8 disc that I can install from if I can find a way to get it to run.

My question is what are my options? Replace the HD? Throw the computer away? Is there a way I can crash the system completely so I can reload the OS? Any advice would be helpful.
 

jercra

No longer respects DeChambeau
SoSH Member
Jul 31, 2006
3,152
Arvada, Co
Does he have backups of his important data? If so you can just boot to a Windows CD (or Linux if you can't find a Windows disc), format the drive, and the computer will be fine. He'll also want to reset all of his passwords if he had any of them stored on the computer in the browser cache or PW programs. Also, tell your dad that you don't have to install anything to watch internet porn.
 

CaptainLaddie

dj paul pfieffer
SoSH Member
Sep 6, 2004
36,911
where the darn libs live
He could remove the hard drive and plug it into a Mac or Linux system and recover his important data that way -- if it isn't already gone (because I'm sure these folks trying to get a ransom from him are honest and will happily hand his data right over).
 

Couperin47

Member
SoSH Member
CaptainLaddie said:
He could remove the hard drive and plug it into a Mac or Linux system and recover his important data that way -- if it isn't already gone (because I'm sure these folks trying to get a ransom from him are honest and will happily hand his data right over).
 
Nope. In almost all cases this software has encrypted virtually all the files on the HD, and without the public key he can't recover a damn thing. If he was incredibly lucky and was hit with 'incompetent ransomware' there's a slight chance, but the fact that they scanned his drive, found his phone number and actually called him means this was not a 'script-kiddie'; it's the work of a sophisticated Internet mafia, mostly located in E. Europe, and their software is NOT 'incompetent'.
 

SumnerH

Malt Liquor Picker
Dope
SoSH Member
Jul 18, 2005
32,023
Alexandria, VA
CaptainLaddie said:
He could remove the hard drive and plug it into a Mac or Linux system and recover his important data that way -- if it isn't already gone (because I'm sure these folks trying to get a ransom from him are honest and will happily hand his data right over).
 
It sounds like something akin to CryptoLocker, which encrypts lots of files (e.g. Office files) and then sends the key to a central server.  You pay to get the decryption key back.  If that's the case, accessing from another OS won't help you access those files, though it'll let you get to other files.
 
http://en.wikipedia.org/wiki/CryptoLocker
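Whether pulling the drive and reading it from another OS "lets you get to other files", as SumnerH says, depends on which files the malware actually touched, and on a family that targets Office documents and pictures that is usually most of what matters. The script below is an added example, not code from this thread or from any product named in it; it triages a directory copied off the suspect drive by checking each file's leading bytes against the signature its extension implies and measuring byte entropy, so intact files can be separated from ciphertext before anyone wastes time on the latter. The signature table, the 7.5 bits-per-byte threshold and the sample files it builds in a temporary directory are my own assumptions, constructed for the demonstration.

```python
"""Triage files copied off a suspect drive: which ones look encrypted?

Ransomware output is close to uniformly random, so its byte entropy sits
near 8 bits/byte and the file no longer begins with the magic bytes its
extension promises. Checking both avoids flagging intact compressed files
(zip, jpg, png are high-entropy but keep their headers) as encrypted.
Added example; thresholds and fixtures are assumptions, not from the thread.
"""
import math
import os
import tempfile
import zipfile
from collections import Counter
from pathlib import Path

# Assumed signature table for the document types CryptoLocker-style
# families typically target. Extend as needed.
MAGIC = {
    ".docx": b"PK\x03\x04",  # OOXML is a zip container
    ".xlsx": b"PK\x03\x04",
    ".zip": b"PK\x03\x04",
    ".pdf": b"%PDF-",
    ".jpg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".doc": b"\xd0\xcf\x11\xe0",  # OLE2 compound file
}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 8.0 is perfectly uniform, ordinary text is about 4 to 5."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def classify(path: Path, sample_size: int = 4096, threshold: float = 7.5):
    """Return (verdict, entropy) for one file.

    'intact'    : header matches what the extension promises
    'encrypted' : header missing or wrong AND the bytes look random
    'unknown'   : no known signature and low entropy (plain text, odd format)
    """
    with open(path, "rb") as f:
        head = f.read(sample_size)
    ent = shannon_entropy(head)
    expected = MAGIC.get(path.suffix.lower())
    if expected is not None and head.startswith(expected):
        return "intact", ent
    if ent >= threshold:
        return "encrypted", ent
    return "unknown", ent


def triage(root: Path):
    """Walk a copied-off tree and bucket every regular file by verdict."""
    results = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            results[str(p.relative_to(root))] = classify(p)
    return results


def build_sample_tree(root: Path) -> Path:
    """Constructed fixture: a zip, a PDF and a text file left intact, plus one
    'spreadsheet' overwritten with random bytes, which is what ciphertext
    looks like to a triage tool. None of this is data from the thread."""
    with zipfile.ZipFile(root / "photos.zip", "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("note.txt", "holiday photos " * 200)
    (root / "taxes.pdf").write_bytes(
        b"%PDF-1.4\n" + b"1 0 obj << /Type /Catalog >> endobj\n" * 50)
    (root / "letter.txt").write_text(
        "Dear Dad, please stop clicking on things.\n" * 40)
    (root / "budget.xlsx").write_bytes(os.urandom(8192))  # stand-in for ciphertext
    return root


def demo():
    """Build the constructed tree in a temp dir and return its triage result."""
    with tempfile.TemporaryDirectory() as tmp:
        return triage(build_sample_tree(Path(tmp)))


if __name__ == "__main__":
    for name, (verdict, ent) in demo().items():
        print(f"{name:12s} {verdict:10s} entropy={ent:.2f}")
```

Two caveats a practitioner should keep in mind: families that rename victims (appending their own extension) defeat the suffix lookup, so strip the appended extension first or match on the original name; and any high-entropy format not in the table (an archive type you forgot, a video container) will be reported as "encrypted", so treat that bucket as "needs a look", not as a final verdict. Run it against a read-only mount or a copy, never against the original drive.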
 

SumnerH

Malt Liquor Picker
Dope
SoSH Member
Jul 18, 2005
32,023
Alexandria, VA
If he's lucky it might be CryptoDefense:
 
"Research by Symantec discovered that CryptoDefense contained a major design flaw, inadvertently allowing the private key to remain stored on the computer within the user's Application Data folder due to the behavior of Windows' encryption API."
 

Couperin47

Member
SoSH Member
canderson said:
I can't help but that's scary as fuck they called him.
 
Yep. Need to endlessly preach: a backup image on a separate HD and a decent, serious AV. Webroot SecureAnywhere would have almost certainly popped up a huge GET ME OUT OF HERE the second he stumbled onto that web page, and it's friggin' 5 bucks this weekend. Most of the free AV options these days are too limited... just scanning at download isn't enough anymore...
 

raylaw21

New Member
Jul 15, 2005
32
 
jercra said:
Does he have backups of his important data?  If so you can just boot to a windows CD (or Linux if you can't find a Windows disk) and format the drive and the computer will be fine.  He'll also want to reset all of his passwords if he had any of them stored on the computer in the browser cache or PW programs.  Also, tell your dad that you don't have to install anything to watch internet porn.
 


How can I boot from a Windows CD, which we do have? I can't get into safe mode or any other mode since they deleted the Admin account. Also, we do not need any of the files on his computer, if that helps.
 

jercra

No longer respects DeChambeau
SoSH Member
Jul 31, 2006
3,152
Arvada, Co
When you first boot the computer you should see a screen that says "press F2 (or F12, or Del, or something) to enter setup" or something along those lines. That will take you to the BIOS, where you can change your boot order to put the CD-ROM first in the list. Some computers also have a separate boot selection screen that you can access by hitting some other key before it gets to its current boot. If yours does, then you can just hit that key and select the CD-ROM.
 

wibi

Member
SoSH Member
Jul 15, 2005
11,848
raylaw21 said:
How can I boot from a windows CD? Which we do have. I can't get into safe mode or any other mode since they deleted Admin account. Also we do not need any of the files on his computer if that helps.
 
Trash the HD, buy a new one and reinstall Windows on that drive.
 

wibi

Member
SoSH Member
Jul 15, 2005
11,848
Couperin47 said:
 
This advice is akin to telling someone to install a new engine in their car the first time it needs new spark plugs...
 
A new HD costs the same as a new set of spark plugs. Your analogy might work if HD costs were proportionally the same as an engine is to a car.
 

Couperin47

Member
SoSH Member
wibi said:
 
A new HD costs the same as a new set of spark plugs. Your analogy might work if HD costs were proportionally the same as an engine is to a car.
 
Except that the logical comparison is between the cost of the new HD ($80 to $120) vs. the cost of a reformat and MBR rebuild (if even necessary, which is rarely), which is ZERO... I'm not screwing NGKs or Champions into a laptop, nor am I plugging Seagates or WDs into a 4- or 6-banger...