Crypto RansomWare

Hey everybody, welcome back. Want to show you what we are working on over here today here at PC911. We have here another Crypto virus computer in here. This is from an attorney, lots of documents,  briefs, legal stuff. So we are going to have to kind of comply with these guys. If you are not familiar with the crypto virus basically this here is a ransom. It encrypts your whole hard drive. All your data, picture pretty much everything asks you for $500. It gives you a time line as you can see here you got 99 hours or it is going to go from $500 to $1000. They are really nice, they gave you a decrypt one file for free where you can actually see that they do got the key on their side we are just getting to the nice part.

First thing we did here was we basically ran our malware bytes which is free and it is kind of easy to get the crypto virus out once it’s in but it’s a little bit too late. You can see it there ransom lock it trace and if you go to these files, if we go to the document folder you can see all these files they are all basically encrypted you can see all these here and there is the name there.

After the scan

This is very different names and how it actually encrypts, you can see there is no numbers, no names and it is called the lock it file. So that’s what we got going on and we are going to get ourselves some bit coin, we are going to make this payment and we are going to cross our fingers that we can get this stuff back. I’ll keep you posted thanks for watching.

Hey guys, here is a little follow up to this crypto wall virus that we are trying to get recovered. We are having trouble here with the decrypt one file for free. I have uploaded here several times and I just don’t get a response back. So I would like to you know confirm that they got the key on their end. We’ve got over here the support and we are in communication here imagine this.  You see there where the responses that are you know I am sending one I can’t get it decrypted. So now here they are asking me to which we actually tried we to the sendspace.com and basically upload the file there and the plan is that they are going to pick it up on their end decryption it and send it back.

So if that works out then I guess that they have confirmed that they have our key. And we will go ahead with the payment.  We have already secured 1.2 bit coins, we did that through Western Union this time last time we did it through another means. Pretty simple process there is a $50 transaction fee for that, so your $500 turns into…it is actually over $600 because this $500 payment depends on where you get your bit coin.

The BitCoin Cost

If you have to go to an open market its going to be about $550-$600 . Then you are going to wind up paying that transaction fee you will be surprised $50 to get that transacted. So we use local bit coins, made that purchase. Got that balance in our account and we are just waiting here to get some confirmation that we are just going to shoot over the bit coin. Keep our fingers crossed hopefully we can get this data back. Thanks for watching I’ll catch up with you soon.

Hey guys, here we are back with this Crypto wall on encryption. We are kind of stuck we don’t know what happened on the other end. But we have requested several times as you see here that’s the support page to show us that they got the decryption key. But they responded initially but after that no more response. We sent them the file through sendspace and nothing and sent them another one afterwards. Then we sent them another saying that we got the bit coin ready they are to show us the key.

Take Backups

No key now basically think it was 7 days that they gave us has expired. So now we are at $1000 if you want your stuff back. So it is not looking good for this customer here so we will see how it goes. If you’re watching this and you don’t want to be in this situation make sure you have backups. Multiple backups and there are some software out there that can help prevent this as well. I really wouldn’t rely on that. The best thing to rely upon is your backup.  Will follow up with you and let you know what happens here.

Think you may have ransomware on your machine? Let us show you how to detect if you are infected with ransomware