Studiosi Yes.. My all data kept from 10years been heckked up.. I did not pay single penny that crypto locker fuckers..40% data gone as I had few backup in external drive.
Using your car vs using a computer: In order to use a car you need driving lessons and in the end you had to take an exam........ In order to use a computer and the internet you need none of the above !!!!!!! Backups: You do not want backups....YOU MUST HAVE BACKUPS....the kind of backups that you can use to perform a "bare metal restore" Greetz, Rik A system engineer for over 20+ years PS, Removing the virus does not decrypt your files, you need the private key to decrypt the files
I'm like losing my shit over this. I understand $300 USD, but they're actually decrypting the files, and not just running away saying: *"I stole your money! HAHAHAHAHAHAHA!"* Well, it's fucking insane they'd actually also remove itself from the system after that.
Kirill Shilov your files are gone for good with this type of Malware and if you pay the fine, there's almost a 100% chance you will NOT regain access to your system without having to re-install Windows
Kirill Shilov I know what I'm talking about, I've watched some of these videos yesterday and they always say even if you pay, there's no chance your system will be unlocked... unless you re-install Windpws
PharaohII Encrypted files are not broken. If you don't have an backup that didn't get messed up then there's nothing IT can do except pay the ransom if they need the files back.
+Killer2600: Well, what IT-department does not make any back-ups of it's systems? I'm sorry but as an IT-department, if you manage to fail back-ups of your systems you can't call yourself IT...
I think you misunderstand my sentiment. I'm not actually sad for the IT personnel. But one thing to note; Backups don't always save the day. If the latest backup was a week old, how valuable is this week's work? Maybe it's worth nothing, maybe it's worth everything.
Xorax Voxal www.decryptcryptolocker.com/ Its actually legit and it doesn't contain any viruses. I just scanned it with VirusTotal and it was all clean + legit. Btw im not a bot
Backup consistently to a drive or cloud device behind a FW or if a drive, remove after backup is completed. Never pay. Also running netstat is useless, if you truly would like to see packets running to a server farm spoofed from Russia, get wire shark running on another PC, install in a dmz setup on your wireless router or hard wired router to watch them call home. Unless you can capture the packets as it's happening so you can use the decryption image, it's useless. This is an old Trojan just brought back to life so use some sense and just backup online or better yet, use Linux and never be worried again. Never never never pay, you would never recognize the Trojan string and you have a 90% chance of it reoccurring .
This is exactly why you should enable automatic backup to another hard drive or a network location. For Windows 10, it's in Settings → Update and Security → Backup
wow i'm impressed the virus actually did what it said instead of accept your payment and still remaining on the computer at least they have some type of morals.
lol, why not? it'd be better if word got out that paying them really get's your files back, then more people would likely buy back their files. if I got that, my first thought would be "no way in hell would they actually go through the trouble of decrypting my files," but if I heard that it would really get my files back, I'd reconsider paying them.
Best approach to this by what i've seen by now: 1. remove the infected/victim HDD to a not infected station, good to have an up to date antivirus on that station (do not run or access anything on the victim HDD yet); 2. make sure the new station has a free partition with plenty of space, able to store a significant more than what is supposed to be used on the victim HDD (or even full capacity); 3. since the encrypted files are created as new files and the original files are deleted, one can use a file recovery tool (e.g. OnTrack EasyRecovery) to try to recover deleted files, saving them on the partition mentioned at point 2. If the victim HDD is very crowded, there is a possibility that some files will not be recoverable, but worth trying; between the recovered files there will be lots of intentionally forgotten memories or even junk, but hopefully there will also be some/all important files previously compromised by Cryptolocker. 4. once recovery complete, delete the compromised files on the victim HDD; as for the executables which carry the virus, there are some clips which point them out, but i recommend an old fashioned clean format...
You can never be sure that you fully removed the malware. That really sucks especially considering the fact that you gave the money to criminals. Like... seriously? Are you insane? Wipe & reload is too hard for you?
Thanks for your work..... this f**** thing got me, today I guess while I was at work. Normal morning before work today.... checked PC tonight and had the big ticking time box... have read up on this thing since then for an hour & a half. What a nightmare. I don't back stuff up, my idiotic fault. I won't pay these crooks (smart evil crooks), and I expect sadly to lose everything in about 62 hours. Never have gotten one of these virus' before. I blame my kids and Minecraft type stuff
Why don't you use something like the free program Virtualbox to create a virtual machine to play around with this kind of thing? You either scrap the virtual machine when you're done or roll back to a snapshot.
How to protect yourself against these viruses: 1:Install a actually stable antivirus (no avast,malwarebytes or any other crappy one) I would recommend ClamTK 2:Install a good decrypter. 3:Never go on any suspicious sites and/or download links. 4:Remove all viruses from your computer,and backup your files on an USB drive that has atleast 16GB Of Memory. 5:If all of above fails,boot into safemode,disconnect from the internet,and recover your files manually.
Always when your system is not in use, please keep turn off computers, and if you get suddenly your system works slow than usual. Then you have to be careful.
did u disable all anti virus or real time protection when it looks for payment activation? i waited 5 hours still nothing maybe its cause my virus is blocking it?
My mum just got this on her computer, but she had a usb with 8 years worth of work and photos on it which she left in for about 5 mins. Will it all be infected, and is it safe to check it on my computer?
No file on my system is worth 300 dollars. If you have files that are that important to you, back them up on an ext drive. Reinstall windows. Once you pay them, they already won.
please help !!! i left one day my PC on and left to work and unfortunately i had my 2 TB external hard drive connected . when i came home i found cryptolocker and immediately i remove the external drive and remove the virus, but i have shit loads of encrypted files on this external drive. i the meant time i change the internal hard drive of my PC and i have a new windows working perfectly but i still can't decrypt my files :( . as soon as i saw the virus i check TH-cam on how to solve my problem but at the time was no solution for it . now i can see that great minds managed to solve the problem but i can't and i don't know how to decrypt my files from my external hard drive ! please help me
Sebastian Pal try either backing up your last backup, or booting into safe mode and removing the encryper. if that does not work, try looking up at google and search:"how to de encrypt your files with command prompt". if you want to launch command prompt, it won't work on normal windows boot mode. select boot mode and select boot with command prompt. then follow the instructions given by the internet so you can de encrypt your files. -WARNING USE COMMAND PROMPT AT OWN RISK AND MAKE IT A SYSTEM ADMINISTRATOR SYSTEM 32 IS WHERE YOUR COMPUTER RUNS ON.
Did you have any anti-virus on your machine? From what I have read, a system restore will sometimes rewind the encryption process. Kind of a scary thing to do, but if it's a last resort, I would definitely try that. Hopefully SOMEONE will soon be able to stop these fools....
Guys it's actually super easy to avoid the destruction of CryptoLocker without a firewall OR antivirus:Upload your important files onto Google Drive. (or something else)Wait till the key is destroyed.Re-install the files. (On top of that, this will actually delete unwanted junk files.)
I saw the computer and was like but macs don't really get viruses, then i saw the windows and i was like... why the hell would you spend that much money on a macbook just to get windows on it.
I just keep all mu videos,pics,music on a pen drive, if I got this virus on my computer, id just take it to get the hard drive wiped and rebooted. no way any scumbag would get money from me for my own stuff.
Kaden Poole Well, the people who made cryptolocker stopped what they were doing, and they released the master key to the decryption system, and a tool to automate it. :D
***** only 88 files are encrypted on my computer, 8 hours left, and my system isnt gonna delete shit, its the trojan, and only those 88 files, as far as im concerned, if you know how to get rid of this bs, help me, i dont like the pop-up, im okay with the encrypted files, basically pictures, a little of presentations, which i already have given out, so i dont need them.
Well lets put it into perspective - I work for an IT company doing IT support for businesses. A customer got this, so I had to go to their site, remove the virus, check all the other computers, clean exchange and then restore files from the daily offsite backups. For my time they were charged £350, about $500... They would have saved money if they just paid them ( I would have as an IT professional ). Also, paying them would have been faster
you couldve saved your money and just used a malware removal program to remove the cryptolocker and used a system restore. This is just straight up foolishness, its a SCAM
that depends, money pak is anonymous and bitcoin addresses may vary and that one is a temporary one on a server in a different country so it's not that easy
And this is why people write this kind of stuff. Now we have a tutorial for this too :( I feel really bad for those who are in this situation but this is probably the last resort. The biggest reason why not to do this is that more than likely they will not unlock your stuff because why should they really...
if windows backs up your info why not windows restore and from what i seen i dont know many people that turn off that feature and why would you? Or have i being dumb and got lucky and this is a non issue? i back up my info on dvd ever time i add pic to my system but a simple system restore seem to solve this am i missing something?
that's crazy i just look more into this and it infects network data as well so if i have my external drive hooked up bam that's lost as well so whats the solution just dvd back up? I do this anyways but what a pain.
The sad thing is is that it decrypts windows backups. Also if you have ur PC on Internet at the time cryptolocker is there u may find your online backups gone. Backup to a flash drive or a cd frequently.
Hi, The cryptowall entered my computer I run norton utilities and then norton antivirus, not knowing about cryptowall. Please, if someone can tell me, can I pay rensom now to get my files. And norton utilities have the registry's backup and I can restore it. Any help will be great. Thank you
Guys, there is a way to get around the virus, remove it without detection. And maybe get your files back. Get malware bytes, and run frequent backups to a cd or a flash drive. Once you see cryptolocker window, reboot PC into safe mode with networking, and boot it. Then run malware bytes and scan your PC. Once it's removed, reboot into the normal reboot. Then if you want encrypted files back just restore your PC from that backup. Simple, really...
Toxic Toca It will work because the encryption program is pretty useless if it can't run plus windows have way to restore a file to it's previous version thus removing the encryption
Windows cannot restore files, if the shadow copies were deleted before encryption. I can run user applications in safe mode. Probably because I use a non-shitty Windows.
If im wrong (because i infected virtual machines with a copy of Cryptolocker...the very same...several times.) If you cant do a shadow copy restore with software,you can do a normal Previous Versions Restore.Both methods have worked for me...I had a 100% recovery (Sorry...no shadow copies were encrypted) I will not argue, I just think that there are ways to keep our customers to spend more, and avoid paying these criminals
There is a way i completely agree with you, for those who have data that important and don't back it up are asking for this to happen. There is another variant of this infection circulating that encrypts back up drive & deletes shadow copies which is the one i was referring to. Wasn't trying to troll, just my mistake. I thought this was that variant. From what I've seen "CryptoLocker 2.0" is being sold for 100$ a key to other hackers to do what they please. That one is impossible to recover any data off of. news.techworld.com/security/3495444/cryptolocker-20-turns-into-worm-that-spreads-via-usb-drives/
SweatmyTechniqs No problem bro,nice mixes.Here are an important info about this Cryptolocker "2.0 " us-business.kaspersky.com/cryptolocker-2-0-thief-and-impostor/
But you can still find the private key by using software. Since it takes a long time, software has to resort to trial and error, but still, it's possible.
Nope, when the virus encrypted data, it made a connection with its database server, (which stored all encryption keys for all infected PCs), So it's not like the virus used the same key for all pcs, each infected pc got its own encryption key so it made it way more difficult to recover... There is no reverse engineering, or work-around for this one, so unless you have backups, you honestly have NO choice BUT to pay the ransom, only if you think that your data is worth as much as they want.
I heard that some group of engineers were able to reverse engineer something about cryptolocker and were able to decrypt their files, i think they were able to crack the crypto and get the key.
danermanerkider Various instances/versions of cryptolocker have been reverse engineered and servers that hold keys have been located but the encryption itself has never been cracked. The encryption is top grade AES "properly implemented" so not even the NSA can help you without finding and obtaining the key which typically is lost forever after about 72 hours *per cryptolocker's own claims that you have only 72 hours to pay the ransom or your files will never be able to be decrypted, even if you pay.
***** No you cannot. The Removal video you are thinking about IS rogueamp, however it is for the MBLBlock Ransomware, not Cryptolocker. With Cryptolocker, even Rogueamp said you have no choice but to pay the ransom.
or dont fund cyber terrorists by removing the malware and downloading the cryptolocker decrypter. You're seriously giving really shitty advice and keeping scammers afloat.
![[FULL EP.73] เปิดบ้าน 70 ล้าน "แป้ง Zbing" ยกมาทั้งญี่ปุ่น l เคหสถานบานปลาย l One Playground](http://i.ytimg.com/vi/YBnJhTt07Pg/mqdefault.jpg)
Well done paying criminals... this is like giving money to terrorists...
Or paying parking a parking :-)
Studiosi Yes.. My all data kept from 10years been heckked up.. I did not pay single penny that crypto locker fuckers..40% data gone as I had few backup in external drive.
Using your car vs using a computer:
In order to use a car you need driving lessons and in the end you had to take an exam........
In order to use a computer and the internet you need none of the above !!!!!!!
Backups:
You do not want backups....YOU MUST HAVE BACKUPS....the kind of backups that you can use to perform a "bare metal restore"
Greetz,
Rik
A system engineer for over 20+ years
PS,
Removing the virus does not decrypt your files, you need the private key to decrypt the files
+RhNegA- Those ppl. should ONLY surf the net useing a VM / Live-OS
I HAD THIS VIRUS HIT ME THREE YEARS AGO & REFUSED TO PAY 300$ FOR EXTORTION GOOD THING I HAD BACKED UP 99% OF FILES ORIGINAL PICS YET ON SD CARDS...
I would rather lose all my files than pay these criminals a dime. If you have files that are important to you, make sure you back them up.
Hey
I was hoping someone who actually paid the ransom would record it. I was curious what it looks like.
I'm like losing my shit over this.
I understand $300 USD, but they're actually decrypting the files, and not just running away saying:
*"I stole your money! HAHAHAHAHAHAHA!"*
Well, it's fucking insane they'd actually also remove itself from the system after that.
Kirill Shilov your files are gone for good with this type of Malware and if you pay the fine, there's almost a 100% chance you will NOT regain access to your system without having to re-install Windows
if you watch a related video on Symantec's website, it says your system will not be unlocked, even if you pay the fine
Kirill Shilov I know what I'm talking about, I've watched some of these videos yesterday and they always say even if you pay, there's no chance your system will be unlocked... unless you re-install Windpws
Kirill Shilov any time one gets a severe virus reformatting isn't a bad idea
Kirill Shilov so true. By the way cryptolocker is toast. There's a place you can send your files to and they can unlock them.
It's quite sad seeing IT personnel paying the ransom, better security and policies should have been in place.
Well said.
or get down to nitty gritty of the situation and learn how to fix it///
PharaohII Encrypted files are not broken. If you don't have an backup that didn't get messed up then there's nothing IT can do except pay the ransom if they need the files back.
+Killer2600: Well, what IT-department does not make any back-ups of it's systems? I'm sorry but as an IT-department, if you manage to fail back-ups of your systems you can't call yourself IT...
I think you misunderstand my sentiment. I'm not actually sad for the IT personnel. But one thing to note; Backups don't always save the day. If the latest backup was a week old, how valuable is this week's work? Maybe it's worth nothing, maybe it's worth everything.
This Guy : buys mac and realizes Mac OS is shit so installs windows
lol exactly
Gimme Them Beans Like me
It's just a virtual machine running Windows 7. I do it all the time on my Macbook Air.
Gimme Them Beans mac is a lot better than a stupid windows computer, we do not have malware or virusses and macs are also smoother than windows.
@@DAVIDERAMONDETTI bruh you can build a windows pc for half the price of a mac and get double the performance
$300? If your files are that important to you that you would pay that, it's your fault for not having the files backed up somewhere.
You almost listened to the first minute of the video. Good job on paying attention, gold fucking star.
Maybe you can call Aiden Peirce lol
Hahahahah!
Ironically I got his from downloading Watch Dogs!!!
One Chance China from a torrent website?
Red The Gamer nosteam
Why am I convinced this is going to be the future of malware... I've seen previous ransomware but not as bad as this. :/
Lee Phillips Then look up WannaCry ransomeare ;)
Nightmare Potato kinda hard not to since its been reported everywhere. I'm not surprised it happened again.
WannaCry was made by skids, not functioning properly
7 years later and you predicted something
now my friends always have backups in case this shit fucks you up
+Chromium Titanium i need to get into a habit of putting my homework for school on my USB stick
If you pay them it will just make them make more of these programs. Its *easy* to remove them, but people tend to panic...
At least once you paid 300 USD they decrypt your files... I thought the program would only steal your money :P
It's still a steal... but if they wouldn't decrypt it, people would have no reason to pay at all, with all the internet and search engines and all..
Xorax Voxal www.decryptcryptolocker.com/
Its actually legit and it doesn't contain any viruses. I just scanned it with VirusTotal and it was all clean + legit.
Btw im not a bot
Jason Chan BOT BOT BOT BOT
Ced Rickets How am I a bot LOL Look briefly at my Google+
ITS A TALKING BOT
Backup consistently to a drive or cloud device behind a FW or if a drive, remove after backup is completed. Never pay. Also running netstat is useless, if you truly would like to see packets running to a server farm spoofed from Russia, get wire shark running on another PC, install in a dmz setup on your wireless router or hard wired router to watch them call home. Unless you can capture the packets as it's happening so you can use the decryption image, it's useless. This is an old Trojan just brought back to life so use some sense and just backup online or better yet, use Linux and never be worried again. Never never never pay, you would never recognize the Trojan string and you have a 90% chance of it reoccurring .
you for got to mention vampiretap and promiscuous mode.
You actually payed the ransom wtf
He did it to see if it would work. Learn to read
Paying them $300 or 300$ to decrypt your files is just like sending them a message saying "MAKE MORE RANSOMWARE!!!"
you payed robbers
Paid
+Aidan Jones "robbers" lol
+Aidan Jones ransomers :P robbers take shit from you and dont give it back
This is exactly why you should enable automatic backup to another hard drive or a network location. For Windows 10, it's in Settings → Update and Security → Backup
+Enes Oguz (UniQuadrion) .-.
I'd use an ext HDD which has a power switch on my table, this way, I can turn off the HDD when unneeded.
While I don't support paying malware, it's an interesting video to watch.
I need this ransomware for educational purposes, where can I find it?
deep web lol. i got thr source code of zues from it xD
+PaydayWeeaboo Delete your comment now before someone accidentally clicks it. Seriously.
***** God, thank god.
***** There's something quite concerning about the fact you can post virus links in TH-cam comments anyway...
***** He split the link into two links so clicking either won't take you anywhere.
wow i'm impressed the virus actually did what it said instead of accept your payment and still remaining on the computer at least they have some type of morals.
I disagree. they have no morals. people would stop giving them money if they did not remove the virus upon receiving payment.
Nah, they're pure scumbags.
lol, why not? it'd be better if word got out that paying them really get's your files back, then more people would likely buy back their files. if I got that, my first thought would be "no way in hell would they actually go through the trouble of decrypting my files," but if I heard that it would really get my files back, I'd reconsider paying them.
Best approach to this by what i've seen by now:
1. remove the infected/victim HDD to a not infected station, good to have an up to date antivirus on that station (do not run or access anything on the victim HDD yet);
2. make sure the new station has a free partition with plenty of space, able to store a significant more than what is supposed to be used on the victim HDD (or even full capacity);
3. since the encrypted files are created as new files and the original files are deleted, one can use a file recovery tool (e.g. OnTrack EasyRecovery) to try to recover deleted files, saving them on the partition mentioned at point 2.
If the victim HDD is very crowded, there is a possibility that some files will not be recoverable, but worth trying; between the recovered files there will be lots of intentionally forgotten memories or even junk, but hopefully there will also be some/all important files previously compromised by Cryptolocker.
4. once recovery complete, delete the compromised files on the victim HDD; as for the executables which carry the virus, there are some clips which point them out, but i recommend an old fashioned clean format...
He installed windows on his mac
+Arshia Moh Pretty sure it's a VM.
No this is remote desktop
The problem is removing it doesn't get your files back. They are encrypted and only the virus author(s) have the key to decrypt the files.
this is the only reason Ive ever really thought a computer virus should be used for I think taking credit cards and bank numbers is just greedy
edit: the people with those things can deactivate them too
You can never be sure that you fully removed the malware. That really sucks especially considering the fact that you gave the money to criminals. Like... seriously? Are you insane? Wipe & reload is too hard for you?
i got a homeland security version of this once. it said i was watching child porn when i was on youtube
Thanks for your work..... this f**** thing got me, today I guess while I was at work.
Normal morning before work today.... checked PC tonight and had the big ticking time box... have read up on this thing since then for an hour & a half. What a nightmare.
I don't back stuff up, my idiotic fault.
I won't pay these crooks (smart evil crooks), and I expect sadly to lose everything in about 62 hours.
Never have gotten one of these virus' before.
I blame my kids and Minecraft type stuff
Best way to do this, install memz trojan since it is a remote desktop, totally shit face the other guys computer.
Ur the first who bought cryptolocker...
Ty for that. It was a remote lol some user
indonesia suka virus
Why don't you use something like the free program Virtualbox to create a virtual machine to play around with this kind of thing? You either scrap the virtual machine when you're done or roll back to a snapshot.
How to protect yourself against these viruses:
1:Install a actually stable antivirus (no avast,malwarebytes or any other crappy one)
I would recommend ClamTK
2:Install a good decrypter.
3:Never go on any suspicious sites and/or download links.
4:Remove all viruses from your computer,and backup your files on an USB drive that has atleast 16GB Of Memory.
5:If all of above fails,boot into safemode,disconnect from the internet,and recover your files manually.
Malwarebytes isn't an AntiVirus you genius, and it isn't shit.
MALWARE-bytes is an Anti-MALWARE, not an Anti-Virus
Katz Suck
That is just what I said...
>ClamTK
Not everyone uses Linux, dude.
Try kaspersky its great at removing virues and blocking bad websites
spit your gum out
Always when your system is not in use, please keep turn off computers, and if you get suddenly your system works slow than usual. Then you have to be careful.
Is that windows?
*On a Macbook?*
It's a software used to open an OS in another OS. OSception! :D
Oh. OK ;)
He probably used boot camp
+Isaac Ledesma
And what if it is? Are you gonna cry?
varoskovic Of course not, I'd give that guy an award.
did u disable all anti virus or real time protection when it looks for payment activation? i waited 5 hours still nothing maybe its cause my virus is blocking it?
Tell me, please, how did i get this virus ? Didnt download anything but a picture of sanic from google ._.
Well. You downloaded a .exe file accidentally while.it happened
My mum just got this on her computer, but she had a usb with 8 years worth of work and photos on it which she left in for about 5 mins. Will it all be infected, and is it safe to check it on my computer?
You must not pay for unlock the files, because this could be a scam
***** its still a scam
It is very strong encryption. There is no way to get your files back. (without backup, of course)
***** But paying encourages the creators of these viruses to make more.
***** still dumb, but my friend knows how to reverse hack a hack
he just rewrote the fire wall so all hacks bounce back to the sender.
Windows and mackbook ??
Is the source code not online? making some change in the code would make it pretty awesome
No file on my system is worth 300 dollars. If you have files that are that important to you, back them up on an ext drive. Reinstall windows.
Once you pay them, they already won.
Just encrypt the drive before getting CyptoLocker. Therefore, Cryptolocker won't have to encrypt any files.
just boot into safe mode and go to h_key local then remove the encryption
you cant all the files will still be encrypted
Why the hell is Windows on a MacBook Pro???
cuzynut
because BOOT CAMP. That's why
***** mac os isn't "sh!ty" windows fanboy
Logan Darklock *shitty
TheNeonGuy he corrected it
please help !!! i left one day my PC on and left to work and unfortunately i had my 2 TB external hard drive connected . when i came home i found cryptolocker and immediately i remove the external drive and remove the virus, but i have shit loads of encrypted files on this external drive. i the meant time i change the internal hard drive of my PC and i have a new windows working perfectly but i still can't decrypt my files :( . as soon as i saw the virus i check TH-cam on how to solve my problem but at the time was no solution for it . now i can see that great minds managed to solve the problem but i can't and i don't know how to decrypt my files from my external hard drive ! please help me
I feel bad for you. I'll try my best to research a solution.
the servers are shutdown, therefor the encryption key is gone, so you lost your files forever :/
I tried but it's not working at all :((
data recovery wizard should do it..recover whole partitions on the drive to its previous state...it is free to download and will do the job ))
Sebastian Pal try either backing up your last backup, or booting into safe mode and removing the encryper. if that does not work, try looking up at google and search:"how to de encrypt your files with command prompt". if you want to launch command prompt, it won't work on normal windows boot mode. select boot mode and select boot with command prompt. then follow the instructions given by the internet so you can de encrypt your files. -WARNING USE COMMAND PROMPT AT OWN RISK AND MAKE IT A SYSTEM ADMINISTRATOR SYSTEM 32 IS WHERE YOUR COMPUTER RUNS ON.
Did you have any anti-virus on your machine? From what I have read, a system restore will sometimes rewind the encryption process. Kind of a scary thing to do, but if it's a last resort, I would definitely try that. Hopefully SOMEONE will soon be able to stop these fools....
@@jamesbird7127 no, he did not. 7 years ago replies didn’t exist
That's what you get for installing Windows on a Mac
The only one who actually paid for cryptolocker P.S.
regedit.exe :3
*cough* *cough* Safe Mode. *cough* *cough*
Guys it's actually super easy to avoid the destruction of CryptoLocker without a firewall OR antivirus:Upload your important files onto Google Drive. (or something else)Wait till the key is destroyed.Re-install the files.
(On top of that, this will actually delete unwanted junk files.)
Lol the files are encrypted no matter where they go.
I meant BEFORE and I wrote this a hella long time ago.
nawmalFUN Before what? Before running the program? How would you know it's Crypto if you're gonna open it in the first place?
I saw the computer and was like but macs don't really get viruses, then i saw the windows and i was like... why the hell would you spend that much money on a macbook just to get windows on it.
***** I said (really) don't. not that they never get viruses. Most viruses are made for windows anyway.
they spent that much to just get CryptoLocker ... XD
Trevor Ryan I'm wondering if they regret their choices.
They prob have VirtualBox running with a WindowsVM
are you stupid? macs get shitloads of viruses, if you want something without viruses get Linux.
I just keep all mu videos,pics,music on a pen drive, if I got this virus on my computer, id just take it to get the hard drive wiped and rebooted. no way any scumbag would get money from me for my own stuff.
or you could put your important files into google drive so you dont worry about losing any files.
A very interesting video to watch. I'm glad any of my computers had been attacked by this kind of ransomware...
+X Leonhart If this were to happen, you can just grab the master key since the "company" who created this has shut down :D
+whamer100 what master key are you talking about?
+whamer100 what are you talking about?
Kaden Poole Well, the people who made cryptolocker stopped what they were doing, and they released the master key to the decryption system, and a tool to automate it. :D
OMG WHY 49% PEOPLE ADMITTS TO BUY WTF
Can i just refuse the payment somehow and let the files be encrypted? the pop-up is annoying, and thats it.
***** only 88 files are encrypted on my computer, 8 hours left, and my system isnt gonna delete shit, its the trojan, and only those 88 files, as far as im concerned, if you know how to get rid of this bs, help me, i dont like the pop-up, im okay with the encrypted files, basically pictures, a little of presentations, which i already have given out, so i dont need them.
Well lets put it into perspective - I work for an IT company doing IT support for businesses. A customer got this, so I had to go to their site, remove the virus, check all the other computers, clean exchange and then restore files from the daily offsite backups. For my time they were charged £350, about $500... They would have saved money if they just paid them ( I would have as an IT professional ).
Also, paying them would have been faster
Running windows virtual machine?
Because crypto locker is only on windows.
Like most viruses.
+Shea Mcneely
actually linux has more viruses /per installation that windows does... so yeah,..
Wow people in europe are gonna have to shell out more...
I know this video is old , but i hope , if he is the IT professional for this company that they took the 300$ out of his pay and fired him .
3:19 The is My Phone! Well, not mine, but my type of phone. The Windows Phone.
excuse me
what
Don't ever give ransomware Bas*t*rds one cent, Id rather restore from a backup.
3:04 thanks for the link nub now I can troll my computer lab :)
you couldve saved your money and just used a malware removal program to remove the cryptolocker and used a system restore.
This is just straight up foolishness, its a SCAM
+mechaart
and what about your encrypted data, dumbass?
I would not pay those scumbags. I rather lose my files.
atleast they did what they promised
i bet those cryptolocker nerds didnt even graduate pre-cool
"pre-cool"
Did you mean 'pre-school'?
***** no i meant pre-cool, as in they never graduated pre-cool and never became cool
Ahh, okay.
Cryptolocker encrypted itself
give it to indian tech support scammer.
can't you track the IP that you send the money to
that depends, money pak is anonymous and bitcoin addresses may vary and that one is a temporary one on a server in a different country so it's not that easy
How do you know, they could have used a VPN. Also, wow, stereotyping.
also probably right
Or you can pay with credit card then you can report it to your bank.
And this is why people write this kind of stuff. Now we have a tutorial for this too :(
I feel really bad for those who are in this situation but this is probably the last resort.
The biggest reason why not to do this is that more than likely they will not unlock your stuff because why should they really...
This must be sponsored by the criminals themselves.
windows phone in backround???
What a bad way to spend money. You could buy a karambit! xD
if windows backs up your info why not windows restore and from what i seen i dont know many people that turn off that feature and why would you? Or have i being dumb and got lucky and this is a non issue? i back up my info on dvd ever time i add pic to my system but a simple system restore seem to solve this am i missing something?
Pfffh, system restores are useless for this type of virus, it's better to back it up.
that's crazy i just look more into this and it infects network data as well so if i have my external drive hooked up bam that's lost as well so whats the solution just dvd back up? I do this anyways but what a pain.
jr252002
Keep your drive disconnected whenever it is not needed, or pay for an online cloud backup.
The sad thing is is that it decrypts windows backups. Also if you have ur PC on Internet at the time cryptolocker is there u may find your online backups gone. Backup to a flash drive or a cd frequently.
This only promotes more and more Ransomware tomorrow ☢☢☢
Its trippy with the whole Windows on a Mac setup. And he needs to stop chewing gum whilst recording.
thats evil
you should be ashamed of yourself for wasting $300
Hi, The cryptowall entered my computer I run norton utilities and then norton antivirus, not knowing about cryptowall. Please, if someone can tell me, can I pay rensom now to get my files. And norton utilities have the registry's backup and I can restore it. Any help will be great. Thank you
IF THIS COMMENT IS A JOKE:
This makes for great copypasta.
IF THIS COMMENT IS SERIOUS:
Why in the everliving hell are you using Norton?
Excellent advice....#takeituptheass
Windows 7 on MacBook Air ????
*Confused Screaming*
W8 do you have windows on a mac book?
szysza145 its called:"apple boot camp"
You shouldn't have done that! That's like paying terrorists!!
WALL DONE!!!!!!1111 U GOT THE FBI MONEYPAAK AHAHHAH
What slang is this
Anon what is slang (lol its called snake on dutch)
Wooow and you guys actually payed them... thanks for fueling these peoples machine.
*Paid
And why did you do that?
And so? I rather lose my files than I give money to those ssholes.
You know if you pay these people it will only encourage them.
But you really have no choice if you get infected, there's no way to workaround this virus.
brdane Can you format the drive and reinstall windows or... no? I have never caught this and I would love to know if that is an option..
Guys, there is a way to get around the virus, remove it without detection. And maybe get your files back. Get malware bytes, and run frequent backups to a cd or a flash drive. Once you see cryptolocker window, reboot PC into safe mode with networking, and boot it. Then run malware bytes and scan your PC. Once it's removed, reboot into the normal reboot. Then if you want encrypted files back just restore your PC from that backup. Simple, really...
Omg. Just why.. why would you give them 300 bucks
+Dashwomp
to get the data back, dumbass
nooo, i thought he was buying a cheeseburger.
Always save all of your files on a usb
Windows on a Macintosh notebook?
+Robloxs Xtremeguy Not impossible
Virtual machine
ComputerExpert69 Ohh... ok.
***** Is there even Remote Desktop for Mac OS?
***** Ok.
Or you can delete the files of crypto locker in registery key and restore files to previous state
Toxic Toca Not if you do it safe mode. No user application can run in safe mode only system application can.
Toxic Toca It will work because the encryption program is pretty useless if it can't run plus windows have way to restore a file to it's previous version thus removing the encryption
BUT that's if you go to safe mood before doing anything
Windows cannot restore files, if the shadow copies were deleted before encryption. I can run user applications in safe mode. Probably because I use a non-shitty Windows.
You make your client PAY for decryption key...what kind of pc tech are you? Only you needed is to search all shadow copies...Wow WTF
WRONG! All shadow copies also get encrypted! Do some research!
If im wrong (because i infected virtual machines with a copy of Cryptolocker...the very same...several times.)
If you cant do a shadow copy restore with software,you can do a normal Previous Versions Restore.Both methods have worked for me...I had a 100% recovery (Sorry...no shadow copies were encrypted)
I will not argue, I just think that there are ways to keep our customers to spend more, and avoid paying these criminals
There is a way i completely agree with you, for those who have data that important and don't back it up are asking for this to happen.
There is another variant of this infection circulating that encrypts back up drive & deletes shadow copies which is the one i was referring to. Wasn't trying to troll, just my mistake. I thought this was that variant. From what I've seen "CryptoLocker 2.0" is being sold for 100$ a key to other hackers to do what they please. That one is impossible to recover any data off of.
news.techworld.com/security/3495444/cryptolocker-20-turns-into-worm-that-spreads-via-usb-drives/
SweatmyTechniqs No problem bro,nice mixes.Here are an important info about this Cryptolocker "2.0 "
us-business.kaspersky.com/cryptolocker-2-0-thief-and-impostor/
malwarebytes.org ppl! get protected! If u buy malwarebytes itll stop cryptolocker from encrypting any files!
You know that you can decrypt the files using special software.
You really don't know how it works dont you?
See here: en.Wikipedia.org/wiki/password_strength
Ups and Downs
Crypted files is far different from just putting random password in it. This shit is level CIA encryption
What?
But you can still find the private key by using software. Since it takes a long time, software has to resort to trial and error, but still, it's possible.
This guy is using windows on a macbook pro? seems legit.
***** k.. lol
I swear everyone with a Minecraft profile picture is a total idiot.
xEazy420 So, i'm an idiot just because of my profile picture?
MiningSabri You made an idiotic comment, and literally everyone I see on TH-cam with a Minecraft picture makes stupid comments.
xEazy420 I admit, my comment was idiotic. but, have you ever heard of jokes?
Wow, I never seed a person pay for ransomware.
It possible to decrypt the files yourself?
Nope, when the virus encrypted data, it made a connection with its database server, (which stored all encryption keys for all infected PCs), So it's not like the virus used the same key for all pcs, each infected pc got its own encryption key so it made it way more difficult to recover... There is no reverse engineering, or work-around for this one, so unless you have backups, you honestly have NO choice BUT to pay the ransom, only if you think that your data is worth as much as they want.
I heard that some group of engineers were able to reverse engineer something about cryptolocker and were able to decrypt their files, i think they were able to crack the crypto and get the key.
danermanerkider Various instances/versions of cryptolocker have been reverse engineered and servers that hold keys have been located but the encryption itself has never been cracked. The encryption is top grade AES "properly implemented" so not even the NSA can help you without finding and obtaining the key which typically is lost forever after about 72 hours *per cryptolocker's own claims that you have only 72 hours to pay the ransom or your files will never be able to be decrypted, even if you pay.
***** No you cannot. The Removal video you are thinking about IS rogueamp, however it is for the MBLBlock Ransomware, not Cryptolocker. With Cryptolocker, even Rogueamp said you have no choice but to pay the ransom.
***** With cryptolocker, it is actually impossible so far.
or dont fund cyber terrorists by removing the malware and downloading the cryptolocker decrypter.
You're seriously giving really shitty advice and keeping scammers afloat.
+Sylvanas Windrunner It's amazing that we've invented technology that allows people to alter the timeline, isn't it?
upload date
You don't have to pay Them you can easily get by it
how?
My Computer got it awhile ago so I barely remember but you need to go in through safe mode
what is this blasfomy, IT using a Mac
Don't Pay. I mean I've never had this virus and I already know how to remove it.
Do tell my good sir because whatever it is I'm sure I've tried it