
Some of my files cannot be opened any more because someone wants me to pay him to get access to them (paytordmbdekmizq)



Some of my files like Word docs, Excel docs, pictures, and even 3rd party files cannot be opened any more because some hacker left a note in the folder saying that payment must be made at paytordmbdekmizq.pay4tor.com in order to decrypt the files so I can use them again.  I've heard of this being called file hostage.  This is the first time it's ever happened to me.  Norton 360 scanned one of the folders involved and found nothing.  Can anyone tell me what my options are?  Does anyone know if paying actually gets your files back?

 

Also, how would the hacker have gotten into my pc in the first place?  Did I simply click on his site, download a pic?  I'm usually careful about not installing unknown .exe files so it must've been other means.  Does anyone have any idea of what I could do to fix this?


  • Root Admin

It sounds like you may be infected with the CryptoLocker infection. If so then if you don't have backups of your data then you probably have no choice except to either lose them or pay.

 

Please see the following

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information


Thanks for the reply. I've since learned that it's the Cryptowall 2 infection. When I looked more closely at the "ransom" note, the perpetrators actually say what the infection is.  There's an active main thread for this infection on this site which I've been following (I wasn't able to paste the link).  It seems to be getting many people.  


  • Root Admin

Yes, we can remove the items launching it but that will do nothing to recover your documents. Up to you but myself I'd probably cut my losses and do a factory restore or fdisk, format, and reinstall Windows. Then make sure I follow a good backup regimen. Myself for my "very important" files I have 3 external backups. For just casual work I have 2 backups. Never are all the backup drives connected to the computer so there is no chance that all of them could get infected. Keep up on safe computing practices and keep older plugin software up to date just like Windows critical updates.

You may find these articles of value

Backup Software

The complexity of finding, preventing, and cleanup from malware

Do I need a Windows Registry Cleaner?

MBAE Exploits How they work

Malwarebytes Anti-Exploit in action

Product information for Malwarebytes Anti-Exploit

As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable Java in your web browsers.

How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.

Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

As for backing up, I was thinking of just getting an external hard drive (i.e. Western Digital MyBook) and just copying and pasting my important files.  Do you think that would be good enough?  I'm reluctant to use any software because that would mean leaving the backup device connected.

 

Do you have any hardware recommendations for backing up purposes?  Western Digital is a known name but I've stayed away from them because one of them broke on me years ago (could just be bad luck). 


  • Root Admin

No doubt that hard drives fail regardless of MFG. But nothing else beats the price. The issue/concern though is that you can potentially back up a file that might be part of this infection and could potentially bring it back. I mean you can go through your data and see what works and what does not and only copy over data files you created that still work. Anything else do not copy over.

I have multiple backup drives nowadays as I've had them fail on me too.

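The advice above to copy over only data files that still work can be pre-sorted with a script. The following is an added example, not part of the original thread or any Malwarebytes tool: it compares each file's leading bytes with the signature expected for its extension and, for ZIP-based Office files, also tests the archive. The extension list and the `classify` and `triage` names are assumptions chosen for illustration.

```python
import zipfile
import zlib
from pathlib import Path

# Leading bytes ("magic numbers") expected for common document and picture types.
SIGNATURES = {
    ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04", ".pptx": b"PK\x03\x04",
    ".doc": b"\xd0\xcf\x11\xe0", ".xls": b"\xd0\xcf\x11\xe0",
    ".pdf": b"%PDF", ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
}

def classify(path):
    """Return 'intact', 'damaged' or 'skip' for one file."""
    path = Path(path)
    magic = SIGNATURES.get(path.suffix.lower())
    if magic is None:
        return "skip"  # programs, scripts, ransom notes: never copy these
    try:
        with open(path, "rb") as fh:
            if fh.read(len(magic)) != magic:
                return "damaged"  # header no longer matches the extension
        if magic.startswith(b"PK"):
            # Office Open XML files are ZIP archives: verify every member's CRC.
            with zipfile.ZipFile(path) as zf:
                if zf.testzip() is not None:
                    return "damaged"
    except (zipfile.BadZipFile, zlib.error):
        return "damaged"
    except OSError:
        return "skip"  # unreadable file: leave it out of the backup
    return "intact"

def triage(folder):
    """Group every file under folder by its classification."""
    result = {"intact": [], "damaged": [], "skip": []}
    for p in sorted(Path(folder).rglob("*")):
        if p.is_file():
            result[classify(p)].append(p)
    return result

if __name__ == "__main__":
    import sys
    report = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    for state, files in report.items():
        print(f"{state}: {len(files)}")
    for p in report["intact"]:
        print("candidate for backup:", p)
```

A matching signature only shows that the start of the file looks right; it is a first filter before opening each candidate by hand, and anything in the "skip" or "damaged" groups stays off the backup drive.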

This topic is now closed to further replies.