
Topic: Please Help - Ransomware has stolen my files and I need to pay in BitCoins - page 2. (Read 3891 times)

hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
I wish OP could give us exact virus/malware he has.  If he had that we could tell him a lot more.  My bachelor's degree is actually based on computer security.

Your degree clearly wasn't in reading comprehension. OP stated the exact virus name in the first post.
hero member
Activity: 770
Merit: 500
We have nothing to do with ransomware and this isn't an exchange site.
So, why the fuck would you create an account here looking for help?
Too bad localbitcoins won't sell at market rate, that is our problem somehow?
You can't figure out how to buy them at an exchange but you figured out how to create an account here
and troll the forums.
Don't click on BS links, you deserved what you got.
legendary
Activity: 1456
Merit: 1000
Frankly I would not trust the op.  He refused to meet with  danny h.  Strong chance he is looking to con someone to take a fake cc or paypal.

Also he could be a signature shill. Posting a topic to allow people in signature campaigns to post here with legit answers.

I won't post again.  And I do not believe him as he would not meet with danny h.

Also classic excuse I forgot to backup my files.  Feel sorry for him and send him a coin that he charges on his cc and good luck to you.

Thanks for advice I will leave thread alone after this post as well.

I found it hard to believe he did not backup important files.  The last company I worked for I know pushed backing up important files.  It was stressed very much to use the network drive.  We also had an enterprise anti-virus that forced you to update in background, so most computers did not get infected unless very very early after the malware release.
legendary
Activity: 4256
Merit: 8551
'The right to privacy matters'
Frankly I would not trust the op.  He refused to meet with  danny h.  Strong chance he is looking to con someone to take a fake cc or paypal.

Also he could be a signature shill. Posting a topic to allow people in signature campaigns to post here with legit answers.

I won't post again.  And I do not believe him as he would not meet with danny h.

Also classic excuse I forgot to backup my files.  Feel sorry for him and send him a coin that he charges on his cc and good luck to you.
legendary
Activity: 1456
Merit: 1000
Just my two cents:

If possible - mirror the HD in question, so if everything goes badly, you at least have a copy. I assume it is only your personal files that are encrypted, and that the rest of the OS is untouched.

You mentioned that there was a "test-drive" for decryption and that you got one file back. If this code is not too sophisticated, an expert might be able to crack it so all of your files could be decrypted. Perhaps if you posted on some crypto/reverse-engineering/security forum there would be some people able to help you out. Professional services might be worth a shot too, but that might quickly add up costs.  A long shot could even be a police department with a cyber investigation unit. If such a thing exists.

Contrary to what others say, I believe you would get your files back. If word got out that nobody gets their files back from paying, then people would most likely stop paying, and the criminals would shoot themselves in the foot.

Once everything is hopefully restored, get a proper backup solution and don't forget to test that it actually works now and then.

I wish OP could give us exact virus/malware he has.  If he had that we could tell him a lot more.  My bachelor's degree is actually based on computer security.  I added on quite a few extra hours to get this vs standard bachelor's at a University.  Bitcoin and security are what I enjoy reading about.

We can guess and throw out ideas.  But without knowing exact variant he has it's all guesses.  It is bad you do not have backups, this makes it harder.  My last company we suggested storing backups of anything important on a network drive that we had with all kinds of security on it. 

Does your company have a help desk?  I still say this is a good option depending on how well they are.   I would hope they could look at it and say if it's a lost cause,  or if they can get rid of malware.  There is a chance it's not really some super encryption on it, but the malware makes it appear this way.  Or it could be more advanced and truly have them locked up.

Depending on your level it might be something you can handle.   It all depends I don't know your background.

And the third option is a computer repair service.  If you do one of these I give it a 90 percent chance they blow it away and reinstall Windows.  So good that you have a safe computer again, but most likely lose data.
full member
Activity: 229
Merit: 100
https://forum.positroncrypto.com/
If you have not gotten this resolved, I know of someone that can help you.  PM me, I will share the information with you.
legendary
Activity: 1143
Merit: 1000
Contact DannyHamilton and try to buy from him with cash since he's a trusted member; They WON'T decrypt your files, in fact your files may not exist anymore; this type of ransomware is well-known and the pay to this address has been going around for quite a long time; More information here on the one that I'm talking about http://en.wikipedia.org/wiki/CryptoLocker
full member
Activity: 196
Merit: 103
Just my two cents:

If possible - mirror the HD in question, so if everything goes badly, you at least have a copy. I assume it is only your personal files that are encrypted, and that the rest of the OS is untouched.

You mentioned that there was a "test-drive" for decryption and that you got one file back. If this code is not too sophisticated, an expert might be able to crack it so all of your files could be decrypted. Perhaps if you posted on some crypto/reverse-engineering/security forum there would be some people able to help you out. Professional services might be worth a shot too, but that might quickly add up costs.  A long shot could even be a police department with a cyber investigation unit. If such a thing exists.

Contrary to what others say, I believe you would get your files back. If word got out that nobody gets their files back from paying, then people would most likely stop paying, and the criminals would shoot themselves in the foot.

Once everything is hopefully restored, get a proper backup solution and don't forget to test that it actually works now and then.
sr. member
Activity: 268
Merit: 258
OP: have you tried Coinbase? They have an "instant-buy" option if you verify your account with a Visa or Mastercard credit card (along with verifying your bank account).

I'm not sure how long the verification process takes as it's been a while since I did it. If you don't do the instant buy method, the turnaround time for receiving BTC is 4 business days.

As others have said, it is difficult to buy bitcoins with your preferred payment methods (paypal, MC) as they are reversible, bitcoin is not.

Why are we giving OP advice on buying bitcoins? I could have missed something, but is this advice so he can pay the ransomware?

OP you should in NO way pay the ransomware.   I gave my advice in an earlier post on how to get rid of it most likely.   Does your company have a help desk area that can help you? (I did helpdesk work once and removing viruses was normal.  Would not lose your job like you talked about).

If no resources at work, and cannot do it yourself.  Look into places that fix computers vs paying ransomware.
He said in an earlier post that he had no recent backup to restore the computer from. Removing the virus would not help, and since he has no backup, his last resort is to pay the ransom.

Yeah, some of you haven't read thru the parts where I stated that I thought I was backing up continuously, that I'm an outside consultant and therefore fell thru the cracks of IT backups.  I had antivirus, and have run lots of malware now and the threat appears to be removed.
legendary
Activity: 1456
Merit: 1000
OP: have you tried Coinbase? They have an "instant-buy" option if you verify your account with a Visa or Mastercard credit card (along with verifying your bank account).

I'm not sure how long the verification process takes as it's been a while since I did it. If you don't do the instant buy method, the turnaround time for receiving BTC is 4 business days.

As others have said, it is difficult to buy bitcoins with your preferred payment methods (paypal, MC) as they are reversible, bitcoin is not.

Why are we giving OP advice on buying bitcoins? I could have missed something, but is this advice so he can pay the ransomware?

OP you should in NO way pay the ransomware.   I gave my advice in an earlier post on how to get rid of it most likely.   Does your company have a help desk area that can help you? (I did helpdesk work once and removing viruses was normal.  Would not lose your job like you talked about).

If no resources at work, and cannot do it yourself.  Look into places that fix computers vs paying ransomware.
legendary
Activity: 1610
Merit: 1004
OP: have you tried Coinbase? They have an "instant-buy" option if you verify your account with a Visa or Mastercard credit card (along with verifying your bank account).

I'm not sure how long the verification process takes as it's been a while since I did it. If you don't do the instant buy method, the turnaround time for receiving BTC is 4 business days.

As others have said, it is difficult to buy bitcoins with your preferred payment methods (paypal, MC) as they are reversible, bitcoin is not.
tss
hero member
Activity: 742
Merit: 500
- snip -
Yeah, some of you haven't read thru the parts where I stated
- snip -

You would do well not to take advice from anybody that has an advertisement in their signature space on this forum.

The vast majority of those are people that are being paid per post to advertise with those signatures.  Therefore, they'll say just about anything in a discussion thread just to increase their post count (and therefore increase their income).  Generally, they know less about the topic they are discussing than the person asking the questions.

Danny is correct. 

Often the people with the ads in their signatures are doing nothing but spouting random advice that is often not accurate merely to get the ads in front of people.  Be wary of advice from people with the signature ad campaigns.


Also click the report button when you see someone clearly wrote an answer without any thought or knowledge on the subject matter.
legendary
Activity: 4130
Merit: 1307
- snip -
Yeah, some of you haven't read thru the parts where I stated
- snip -

You would do well not to take advice from anybody that has an advertisement in their signature space on this forum.

The vast majority of those are people that are being paid per post to advertise with those signatures.  Therefore, they'll say just about anything in a discussion thread just to increase their post count (and therefore increase their income).  Generally, they know less about the topic they are discussing than the person asking the questions.

Danny is correct. 

Often the people with the ads in their signatures are doing nothing but spouting random advice that is often not accurate merely to get the ads in front of people.  Be wary of advice from people with the signature ad campaigns.



legendary
Activity: 3472
Merit: 4794
- snip -
Yeah, some of you haven't read thru the parts where I stated
- snip -

You would do well not to take advice from anybody that has an advertisement in their signature space on this forum.

The vast majority of those are people that are being paid per post to advertise with those signatures.  Therefore, they'll say just about anything in a discussion thread just to increase their post count (and therefore increase their income).  Generally, they know less about the topic they are discussing than the person asking the questions.
legendary
Activity: 4130
Merit: 1307
Scratch that, TruCoin seems a bust.

All I got was a "you have been added to our list" message and I read that people waited and waited and nothing happened.

I live in the middle of nowhere in Northern MI, so I can't just walk out and meet folks for a transaction.

Any suggestions for a specific site that seems to have quick turnaround?

Thanks

TB

Since you are in the US, coinbase.com has fast turnaround - or at least they have in the past.

I too have seen reports where people paid and got their files unlocked, so if you need the files, this is pretty much the only way.

Good luck.


hero member
Activity: 672
Merit: 504
a.k.a. gurnec on GitHub
Any suggestions for a specific site that seems to have quick turnaround?

I signed up at localbitcoins.com because that is what was suggested by the hackers.  But nobody there will sell me 2.5 bitcoins and they want a crazy amount more than market value for them.

Regarding localbitcoins.com, were you looking in the "Buy bitcoins online in United States" section here, which typically works anywhere in the U.S. via Western Union, Moneygram, or branch cash deposits (ignore OKPay, Perfect Money, WebMoney, etc., they'll probably just make things more complicated)?

Also, DannyHamilton suggested he may be able to help you out directly: https://bitcointalksearch.org/topic/m.11193629. He's a widely trusted user on Bitcointalk.org, see here (and also a trusted escrow agent, see here), you should consider his offer.

P.S. I'm very sorry this is your first experience with Bitcoin, but I do hope you'll stick around once this mess is settled.
hero member
Activity: 500
Merit: 501
http://digitalcoin.org/
Scratch that, TruCoin seems a bust.

All I got was a "you have been added to our list" message and I read that people waited and waited and nothing happened.

I live in the middle of nowhere in Northern MI, so I can't just walk out and meet folks for a transaction.

Any suggestions for a specific site that seems to have quick turnaround?

Thanks

TB

One of the downsides of being an Uper. I can help if you'd want to drive to the Saginaw/Bay City area.

TT
newbie
Activity: 9
Merit: 0
Scratch that, TruCoin seems a bust.

All I got was a "you have been added to our list" message and I read that people waited and waited and nothing happened.

I live in the middle of nowhere in Northern MI, so I can't just walk out and meet folks for a transaction.

Any suggestions for a specific site that seems to have quick turnaround?

Thanks

TB
newbie
Activity: 9
Merit: 0
Hey ALL

Again, thanks for your help so far.

Yeah, some of you haven't read thru the parts where I stated that I thought I was backing up continuously, that I'm an outside consultant and therefore fell thru the cracks of IT backups.  I had antivirus, and have run lots of malware now and the threat appears to be removed.

All of my files are still here, but they are encrypted with 2048 RSA encryption.  This is like out of a movie, pay the ransom, get the key.

You don't think I'll get my files back but many have in fact, gotten theirs back.  In the spirit of get what you pay for, if they didn't make good on the promise then there would be more reports of this.  I also feel like I would not have been able to INSTANTLY get my "test" file back so quickly.  I mean, it was instantaneously available, so obviously the process is automated.

What I'm worried about at this point is the offer expiring.  I never saw the original splash screen but it's been like 72 hours.  Gotta make this happen today.  Waiting for some folks to get back to me about selling their coin.

Going to look into buying at TruCoin as a backup I guess
hero member
Activity: 500
Merit: 501
http://digitalcoin.org/
Bitcoin is very much like cash. Once the transaction is complete it cannot be reversed, therefore it's unlikely you'll be able to make an initial purchase of 2.5 BTC with a credit card. As DannyHamilton suggests, you can make this purchase with cash locally though, so mention your general location and maybe someone will meet you to trade BTC for cash. If no luck here, you can put a WTB (want to buy) ad in your local Craigslist. Maybe offer to pay 10% over exchange rate. Meet in a public place like a mall, restaurant, or even a local police station to avoid being robbed since you'll be carrying a lot of cash.

TT