Posted by jim guerber on February 05, 2016 at 10:18:57:
In Reply to: Ransomware ALERT!!!! posted by Barbara Brazil on January 28, 2016 at 15:09:55:
Yes, I was hit by the CryptoWall ransomware exploit. This is a pretty sophisticated program reaping millions of dollars from users every day. It required me to download and use the Tor browser, purchase bitcoins and transfer them to it, and they would provide me the decryption key and program to decrypt my files.
I ultimately decided NOT to pay the $700 they wanted. When I saw the activity in progress, and Windows Defender repeatedly trying to quarantine the infected programs, I quickly shut my machine down.
I then took the machine to my friendly IT guy. We took the disk drives out of the computer and made images of each drive. It turned out that the C drive and all my Dropbox files were hit, but the D drive was intact. This may be because I shut down in time, or, for some other reason, CryptoWall decided to ignore it. I store the Windows stuff and all my applications on C and all of my personal files (source code etc.) on D. So then I restored the C drive and Windows from the original CDs the vendor provided, and restored the applications from an image backup (stored on the D drive). I got hold of Dropbox and they restored all of the Dropbox files to just before the disaster happened.
So, now I am pretty much back online and restored. This was a big lesson for me. It is getting more and more difficult to defend against this kind of thing. Check out this link and the link below...
http://www.talosintel.com/angler-exposed/
and
http://blog.talosintel.com/2015/12/cryptowall-4.html