Poll of the Day > my wife got ransomware on her computer.

(+) Yeah! (+)

the one that locks down the entire computer, the shittiest type.

so now i have to fix that, and then go around to the various computers on my network and make sure they didn't get infected, too.

this is what i wanted to do today.
---

Don't blame your hand
---

FellWolf posted...

Don't blame your hand

but his hand is the one who downloaded the virus!
---

no, i know it's not my hands fault, but i still had a stern talking to it
---

---

To be fair, she was probably just looking at raunchy porn.
---

Literally nobody believes Helly is successful enough to have a computer.
---

i know a great indian software company that could unlock your pc remotely for $500, ok?
---

Blighboy posted...

Literally nobody believes Helly is successful enough to have a computer.

smh @ this poor shaming
---

if you pay, does the stuff actually go away?

Fam_Fam posted...

if you pay, does the stuff actually go away?

Most of the time, yes. The ransomware loses its effectiveness if they get a reputation for not actually giving control of the computer back.
---

RCtheWSBC posted...

Blighboy posted...

Literally nobody believes Helly is successful enough to have a computer.

smh @ this poor shaming

I don't think it's his fault, it's more like society has stacked the deck against most guys now a days, particularly well off, intelligent white men like myself and Helly. We have enough "advantages" that it's just assumed we all have a PC, and the barriers for entry just get higher and higher. We just have to work disproportionately hard to obtain a worthwhile product. Where as women can go into literally any Bestbuy and have an army of clerks bending over backwards to provide them with the best possible tech experience, and they have free pickings.
---

Smarkil posted...

Fam_Fam posted...

if you pay, does the stuff actually go away?

Most of the time, yes. The ransomware loses its effectiveness if they get a reputation for not actually giving control of the computer back.

yep.

it's easy enough to just get rid of if you know how, but the majority of people who get ransomware like this don't know what's even going on enough to think someone else could just remove it
---

The world doesnt want you playing p5
---

the fuckin thing isn't even done downloading yet anyways
the hell is the ps3 so slow
---

helIy posted...

Smarkil posted...

Fam_Fam posted...

if you pay, does the stuff actually go away?

Most of the time, yes. The ransomware loses its effectiveness if they get a reputation for not actually giving control of the computer back.

yep.

it's easy enough to just get rid of if you know how, but the majority of people who get ransomware like this don't know what's even going on enough to think someone else could just remove it

Bad part is, people go to the police, and the police just tell them to pay the money.

My piece of ransomware was masquerading as if it was from the FBI. Actually fooled me for a minute, before I read the stuff like "use Moneypak" and it tipped me off. But I got rid of it myself after looking up info on my PS3's web browser. Thankfully it wasn't one of those really nasty things that begins deleting or encrypting your files.

i can't get this shit off.

her laptop refuses to boot anything from USB, and it doesn't have a disc drive.

like, i can choose to boot from USB, but then it gives me a fucking error message, and i've tried several different flash drives.

it's like this thing hijacked into the bios.
---

Boot into safe mode; run system restore.

My grandfather used to get this shit all the time, and that was how I always got rid of it.

you say that like that wasn't the first thing i tried

pretty sure this is one of those bullshit encryption ones, because the recovery menu is telling me there's no goddamn admin account.
---

It's dangerous to go alone. Take this.
http://www.shadowexplorer.com/downloads.html

Assuming you can eventually get it to boot up.
There is a certain trick you can do that swaps the sticky keys dialog with the command prompt. Then use that to create a new account.
---

the most i can do, it seems, is get into command prompt.

or...not?

i was in it, closed it out to see something and then went back to it

now it's telling me i don't have access to it.

this is some fucked up shit.
---

Sticky key...
http://www.top-password.com/blog/how-to-reset-windows-7-password-using-sticky-keys-trick/

helIy posted...

the most i can do, it seems, is get into command prompt.

https://operating-systems.wonderhowto.com/how-to/create-admin-user-account-using-cmd-prompt-windows-0125689/
---

hokay, i actually got somewhere.

it used a syskey fucking password.

i was able to get back into command prompy and copy the files from system32/config/regback into just the config folder

that let me actually boot into windows. now i get the ardious task of meticulously going through all of her files
---

Tell her she's grounded for three weeks
---

i didn't actually think that method was gonna work, either

it was like a last-ditch hail mary before just shoving a new HDD into the thing
---

RCtheWSBC posted...

Tell her she's grounded for three weeks

This and add a good spankin'. >_>
---

dragon504 posted...

RCtheWSBC posted...

Tell her she's grounded for three weeks

This and add a good spankin'. >_>

And for good measure you might want to check the browser history for the last site she was on...
---

i already know what caused it
---

helIy posted...

i already know what caused it

I assume you're saving that tidbit for the next time wifey wants to argue then?
---

nah, she switched from firefox to chrome without any adblocker

then she clicked a link she got from facebook, which led her to downloading a "driver updater" tool.

i got the same spam message with the link to it in my messages, too.
---

Well that's just depressing...
---

Blighboy posted...

Literally nobody believes Helly is successful enough to have a computer.

God, that was amazing.
---

helIy posted...

the shittiest type

helIy posted...

it's easy enough to just get rid of if you know how

you do NOT have "the shittiest type" if you can just casually get rid of it. "the shittiest type" is the kind that you CANNOT FIX EVER even if you had all the time in the universe...
---

Sahuagin posted...

helIy posted...

the shittiest type

helIy posted...

it's easy enough to just get rid of if you know how

you do NOT have "the shittiest type" if you can just casually get rid of it. "the shittiest type" is the kind that you CANNOT FIX EVER even if you had all the time in the universe...

you gonna try semantics here huh
---

Rootkits are bad too. You don't even have any "symptoms" until you search for something on Google, click on the result and get a webpage that tells you you're a bot or something. I've uh... had a lot of malware problems over the years, lol.

helIy posted...

you gonna try semantics here huh

not sure what you mean, but I mean that the "bad" kind of ransomware is the kind that encrypts your data with strong RSA. something that you can't fix no matter what.

about 6 months after taking Systems Administration at the University of Calgary*, and having discussed this issue at least a couple times, they *got* one of these and had no choice but to pay the ransom, and that's a university.

(* which included a tour of their data centres, which is one of the coolest things I've ever done)
---

Sahuagin posted...

about 6 months after taking Systems Administration at the University of Calgary*, and having discussed this issue at least a couple times, they *got* one of these and had no choice but to pay the ransom, and that's a university.

hahaha, what

you literally never have to pay them.

you can easily get your data back

worst case scenario is you need to get a new hdd and an external hdd enclosure
---

With encryption it becomes literally impossible on a physical level to get into it. You have to find a way to get the key to break it.

helIy posted...

you literally never have to pay them. you can easily get your data back

so now you know more than the entire computer science and engineering department and systems administration staff at a major university...?

do you even understand the concept of encryption? do you know what RSA is?
---

jamieyello3 posted...

With encryption it becomes literally impossible on a physical level to get into it. You have to find a way to get the key to break it.

which isn't hard when it's ransomware that's doing it.

you have to be able to access the drive, that's it. That's why I said an external hdd enclosure.
---

Sahuagin posted...

helIy posted...

you literally never have to pay them. you can easily get your data back

so now you know more than the entire computer science and engineering department and systems administration staff at a major university...?

do you even understand the concept of encryption? do you know what RSA is?

you're talking about locky, right?

yeah, you can get your data back from that pretty easily
---

it sounds like you don't know what encryption is
---

Heh, I once got one that locked me out and took a photo of whatever the camera was looking at. Apparently my chair, known as [name]'s_PC, was looking at, making and distributing CP and I was either going to jail in seven days or paying off a fine. I started a shutdown, it came up saying "so and so programs are preventing the system from shutting down," then it closed the virus thingy (the screen Lock) so I cancelled the shutdown and used an anti-virus.

Most likely had a very, very primitive version of a ransomware. But it was a good first lesson to what viruses are and that they actually exist. (Was only a young kid with inept parents).

Hopefully you can get rid of it Helly, without paying that is.
---

It's literally physically impossible to access properly encrypted data.

Because you could fix it I can tell you right now your ransomware didn't encrypt anything.

As long as you have a restore point you can get your files back with Shadow Explorer that I linked to above.
---

jamieyello3 posted...

It's literally physically impossible to access properly encrypted data.

Because you could fix it I can tell you right now your ransomware didn't encrypt anything.

it did, it encrypted image files, of all things.
---

jamieyello3 posted...

It's literally physically impossible to access properly encrypted data.

Because you could fix it I can tell you right now your ransomware didn't encrypt anything.

I don't understand this. With today's technology, there's got to be something that can fix that.

helIy posted...

it did, it encrypted image files, of all things.

so what is your magical way of retrieving encrypted documents?
---

Sahuagin posted...

helIy posted...

it did, it encrypted image files, of all things.

so what is your magical way of retrieving encrypted documents?

with locky, probably the most common encryption ransomware, it stores the encryption key locally because it doesn't contact a server anymore to retrieve it.

the hardest part is finding the thing, it chooses a normal looking file name that would belong in the windows folder.
---

@helly

You accessed un-encrypted data that was denied access to you by the ransomware.

WarGreymon77 posted...

I don't understand this. With today's technology, there's got to be something that can fix that.

Usually that involves tricking whatever you're trying to exploit into giving you the key. It's pretty hard to prevent hackers from doing that in a lot of larger systems, like a console.

Also you're right to an extent. Quantum computers are coming, and the way they work destroys encryption.

Helly does not own a quantum computer.