Joe_LAI
asked on
Anyone infected Crytolocker and paid him bitcoin money?
Yesterday, my computer infected Crytolocker when I clicked one email attachment.
All files are encrypted and I haven't backup and System protection on my Windows 7 PC.
So I decided to pay him 2.36 bitcoin. I waited one day but still no feedback. I am worries about lost money and files.
Anyone has this experience and paid him to get files ?
I will backup whole system if I can get back all data.
Also any suggestion after that ? Should I need to reinstall Operating system ?
All files are encrypted and I haven't backup and System protection on my Windows 7 PC.
So I decided to pay him 2.36 bitcoin. I waited one day but still no feedback. I am worries about lost money and files.
Anyone has this experience and paid him to get files ?
I will backup whole system if I can get back all data.
Also any suggestion after that ? Should I need to reinstall Operating system ?
ASKER
I paid to his bitcoin address. not myself.
Sure you did as some people i knew did too. All of them didnt got a reply.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, it work. They sent decryption software and all files back to normal. Eirman you are right. I did full data backup and re-install operating system. Will do daily backup with 3 days copies at least and enable Volume Shadow Copy.
If you pay on time it does work.
I'ma network admin and I've had cases of crypto wall and crypto locker and one having to do with some game and tesla etc.. Seems they are branding it now.
1. if you can restore the files then just reformat and restore.
2. trying to clean it NEVER works, I wasted 5 days trying this.
3. They will give u back your files if you send the bitcoin to the address AND post the transaction ID. the wallet you use to send it will have a transaction id of the address. it is a very long 100 + character string 23jb23jhrvadcghjv2u3fd2 etc...
circle.com and coinbase.com and gocelery.com will give you bitcoins BUT you need to wait 5 days after uploading id and connecting your bank account. As the ransom doubles every 2 days this is not good.
paxful.com is a place where you can buy bitcoins fast directly from sellers. I found a guy and did a cash deposit to his bank of america account and got the coins within 2 hours. another guy there even did a credit card but he wanted a selfie of the card holder + their id and cc in the photo. got it within 10 minutes tho.
Good luck and don't click any pdf.exe files.
I'ma network admin and I've had cases of crypto wall and crypto locker and one having to do with some game and tesla etc.. Seems they are branding it now.
1. if you can restore the files then just reformat and restore.
2. trying to clean it NEVER works, I wasted 5 days trying this.
3. They will give u back your files if you send the bitcoin to the address AND post the transaction ID. the wallet you use to send it will have a transaction id of the address. it is a very long 100 + character string 23jb23jhrvadcghjv2u3fd2 etc...
circle.com and coinbase.com and gocelery.com will give you bitcoins BUT you need to wait 5 days after uploading id and connecting your bank account. As the ransom doubles every 2 days this is not good.
paxful.com is a place where you can buy bitcoins fast directly from sellers. I found a guy and did a cash deposit to his bank of america account and got the coins within 2 hours. another guy there even did a credit card but he wanted a selfie of the card holder + their id and cc in the photo. got it within 10 minutes tho.
Good luck and don't click any pdf.exe files.
Same result money and files lost.
Operating System needs to be reinstalled. You cannot be sure you removed all files from the virus and all possible traces/backdoors the attackers installed.
If you dont reinstall there is a great chance its encrypting again soon, even without pening an e-mail attachment.