Anyone infected Crytolocker and paid him bitcoin money?

Yesterday, my computer infected Crytolocker when I clicked one email attachment.
All files are encrypted and I haven't backup and System protection on my Windows 7 PC.
So I decided to pay him 2.36 bitcoin.   I waited one day but still no feedback. I am worries about lost money and files.

Anyone has this experience and paid him to get files ?

I will backup whole system if I can get back all data.
Also any suggestion after that ? Should I need to reinstall Operating system ?
Who is Participating?
EirmanChief Operations ManagerCommented:
The first batch of cyber-criminals who created the Cryptolocker ransom software seemed to have modicum of ethics.
The decryption process did work if you paid on time.

The general advice is/was .... never pay unless the encrypted data is ultra-critical.
In an ideal world ultra-critical data should be backed twice (different locations & off the network)

Recently, I've seen ransomware for sale on some hacker sites for fairly small money.
Now a much wider range of amateur criminals with zero ethics are engaged with this practice.
I guess this type of individual just takes the money and run.
andreasSystem AdminCommented:
Didnt paid myself but others who did who i knew also didnt got any response.

Same result money and files lost.

Operating System needs to be reinstalled. You cannot be sure you removed all files from the virus and all possible traces/backdoors the attackers installed.

If you dont reinstall there is a great chance its encrypting again soon, even without pening an e-mail attachment.
Joe_LAIAuthor Commented:
I paid to his bitcoin address. not myself.
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

andreasSystem AdminCommented:
Sure you did as some people i knew did too. All of them didnt got a reply.
EirmanChief Operations ManagerCommented:
If it was my PC, I would wipe it and install everything again .....
AND then take an image for a future quick re-install.

This type of ransomware spreads from network share to share, so beware!
For this reason, you should leave backup devices disconnected unless needed.

You will find some possible recovery hints relating to shadow copies etc. here

Be very wary of running email attachments (Even from people you trust)
and consider using this in the future
Joe_LAIAuthor Commented:
Yes, it work. They sent decryption software and all files back to normal. Eirman you are right. I did full data backup and re-install operating system. Will do daily backup with 3 days copies at least and enable  Volume Shadow Copy.
Darius MilbrookeCommented:
If you pay on time it does work.

I'ma network admin and I've had cases of crypto wall and crypto locker and one having to do with some game and tesla etc.. Seems they are branding it now.

1. if you can restore the files then just reformat and restore.
2. trying to clean it NEVER works, I wasted 5 days trying this.
3. They will give u back your files if you send the bitcoin to the address AND post the transaction ID. the wallet you use to send it will have a transaction id of the address. it is a very long 100 + character string 23jb23jhrvadcghjv2u3fd2 etc... and and will give you bitcoins BUT you need to wait 5 days after uploading id and connecting your bank account. As the ransom doubles every 2 days this is not good. is a place where you can buy bitcoins fast directly from sellers. I found a guy and did  a cash deposit to his bank of america account and got the coins within 2 hours. another guy there even did a credit card but he wanted a selfie of the card holder + their id and cc in the photo. got it within 10 minutes tho.

Good luck and don't click any pdf.exe files.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.