Jump to content
  • Announcements

    • CyberGod

      Donate and Get VIP Premium Accounts Plus More!!!

      If you have ANY questions about donating, please PM ADMiN   ••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••   CP NEEDS YOUR DONATIONS!!!   Cyberphoenix runs on high-end Intel Servers , Your donations help us keep the site running smoothly     Donating to CP not only provides you an opportunity to support the site but also get your name posted in the shoutbox, recognizing that you donated, and publicly thanking you.   Benefits of Donating ► Respect of all of our staff, mods, and members.   ► Access to our special VIP forums.   ►A Green name color.   ► A custom member title. (Instead of teacher you could be l337 Donator)   ►In depth tutorial on how to activate windows (including windows 7) / office & receive windows updates!   ► #1 Priority when you request in VIP Requests.   ► The latest HTTP (non rapidshare) links and Premium Downloads!!!   ► You get to have an email like yournamehere@cyberphoenix.info (PM for info!)   ► Max PM storage from 50 to 10,000.   ► Can DELETE your own posts.   ► Avoid all Flood Control Limits.   ► Can change your display name max of two times every 30 days. (PM for info!)   ► RapidLeech Services.   ► Can request, and get #1 priority, in the shoutbox.   ► There is so much that isn't listed here. Donate Today!   We also have a lifetime package available!
    • Mr Grumpy

      Post Requirement for requests

      Before a request can be made there is a requirement that a minimum of 5 other posts be made. This can include an introduction post and replies to other posts. Please do not try to bypass this requirement or the request may be deleted. That includes trying to use the shoutbox where requests are strictly forbidden.
    • Mr Grumpy

      Definition of anime

      Anime is not ordinary animated video it is Japanese movie and television animation, often having a science fiction theme and sometimes including violent or explicitly sexual material. Please do not post ordinary animated video in this section. It belongs in either type of movies or TV shows depending on what is being posted
    • CyberGod

      Rules of the CyberPhoenix Community : A Must Read   03/18/2018

      All Boards: 1.1 Cyberphoenix is a family forum open for all ages. Explicit, vulgar language, drug, religion, political talk, nudity, porn, hacking, money schemes, scams,advertisements and such others are not allowed. There will be a straight ban, no bargains. 1.2 No mini-modding. Use the report button but do not add your own criticisms.The forum language is strictly limited to English. This includes posts, titles, signatures, profiles and other forms of public display and also includes the main audio language of movies etc. 1.3 No advertisement of any website or forum in posts or signatures nor any live links to be posted. 1.4 All e-mail addresses, passwords and external links of any kind MUST be coded. 1.5 No bumping of threads. 1.6 No impersonating a staff member. 1.7 Respect one and all and No Flaming 1.8 Any member with multiple accounts will have all accounts permanently banned immediately, no bargains. 1.9 No Disrespecting CyberPhoenix Staff will be tolerated and can lead to a Permanent Banned.     Warning System: 2.1 Members breaking rules will be appropriately warned or banned. 2.2 Members with three warnings will be immediately banned.For serious offences or anti-forum activities and posts, members may be banned without warning. 2.3 Warnings may have an expiry date or may be permanent if more serious. 2.4 Do not argue about warnings or bans because they could escalate; pm senior staff if necessary.   Posting Rules: 3.1 a) All topics must contain a valid description. b) Topics must be posted in the relevant forums. Check before you post. c) All freeware posts must have the software homepage link in the post.   3.2 Topic titles must be appropriate. No adjectives such as new, latest, etc. or other such words are to be used in the title. 3.3 Absolutely no duplicate posts. Search before you post and update your links, by editing your post, if necessary. Add to the existing post on that topic. Non-compliance will get post deleted and member warned. No bargains and no clarification on this. 3.4 ALL externally hosted files MUST have a 'freely available' option without the need for Premium Accounts or Registering, completing surveys or assorted hoop-jumping. This also means ensuring file sizes are within the limits specified by any Hosting Site you upload to. Larger files requiring Premium or Registering access may only be shared providing a 'free' option has been given. Disabling the Add Blocker is considered Hoop-Jumping and isn't allowed. 3.5 . No Trading or selling allowed and promoting of Premium Accounts to enable faster/unlimited downloading is not allowed. Each site has advertising within it's own pages clearly showing benefits of Paid versus Free accounts. Please do not act as a salesperson or chase commission through referrals. 3.6 Posts should not contain explicit, offensive, shocking, nudity, and meaningless matter. All freeware posts must have the software homepage link in the post. 3.7 No megapost or multiple threads for a topic allowed. (Only Staff and VIPs with permission from admins can).No index page, every post is to be separate. 3.8 Do not excessively and unnecessarily 'pad out' your archives/files (rar,zip,etc..). For example, adding a 10MB .mp3 with a 50k .sis OR 3mb image file with a 3mb .apk just to earn an extra file host point is totally unacceptable. Maximum acceptable file size that can be added in rar/archive is 3mb. Staff reserve the right to edit any file & re-upload or simply remove/trash without notification. 3.9If the RaR file has a Password you must give the Password and/or the Post will be Deleted and further action can happen   Banned Filehost: 4.1 Filevelocity, linkcrypt, ryushare and 4shared are not allowed on CP. Any post/thread not adhering to this policy will be deleted. Further file hosts may be added in future. File Host Banned (CS), Hulkload, Filehost banned (NF), picofile.com and egofiles, banned filehost (UR) and Uploadgig,com now added to banned list as well as File Host Banned (KF).Fileshark.pl, Linkshrink.net Banned filehost (mu) and worldbytez.com and u4 banned file host 4.2 No Redirector, masked, protected or referral links otherwise your post may be edited or simply removed/trashed without notification. These sites include, but not limited to the following, subject to addition with immediate effect: 4shared adf ly adfoc.us anonym.to any.gs bit.ly File Host Banned (CS) Downloadsafe.org dyo.gs egofiles file.cloudns.org filehost.s7s7.org filemates.com Fileshark.pl. Filevelocity File Host Banned (KF) letitbit net linkcrypt linkcrypt.ws linksbucks com Linkshrink.net makeashorterlink com masl to Banned filehost (mu) Filehost banned (NF) paste2.org Peeplink.in picofile.com q.gs qqc.co ryushare ryushare com Filehost banned File Host Banned (SU) sharecash com sharecash org. banned redirect filehost (Ss) Short.go4down snipurl com tinylinks.co tinypaste.com tinyurl com u4 banned file host uploadbox com Banned file host (ug) banned filehost (UR) usercash com verified-download.com worldbytez.com   Spam Rules: 5.1 No promoting any website. For the Link Heaven section sites that are within the rules are allowed. 5.2 No webhosting discussion, introduction or advertisement unless it is a CyberPhoenix sponsor. Passwords with other site names are not allowed. 5.3 Unrequired passwords but posted or Posts requiring passwords with missing passwords will turn the post spam. Spam will be deleted and the member banned 5.4 Wrong content in files with dubious names or containing security threats will lead to bans.   Private Messaging: 6.1 All above rules apply to private messaging. Poaching any member or staff member is strictly forbidden. 6.2 PMs from staff and admins must be replied within 48 hours or the member will be restricted from using the forums.   Avatars and Signatures: 7.1 All above rules apply to avatars and signatures. 7.1 The total maximum dimensions for all images in a signature is 500px (width) by 200px (height) horizontally only.   Explicit Guidelines: 8.1 Sticky Requests: No request for a post to be made sticky. No polls for topics usefulness or stickiness. 8.2 Normally no username or password changed except staff or VIP. 8.3 Don’t ask for promotions, send applications in the designated forum only. No advertising sites or email addresses in images or text.   ShoutBox Rules: 9.1 No Spamming, flaming or vulgar words or discussions about banned subjects. 9.2 Strictly No Requests in Shoutbox or your Privilege will be Revoked. There is a separate forum for requests. 9.3 No answering requests or posting large images in shoutbox. 9.4 ShoutBox is for General Chat - Political Statements will be kept to a minimum (If CP Staff thinks it too much he/she will stop it).   Regards CyberGod       These rules may be subject to amendments at any time so please keep referring back from time to time.   Legend: Basic rules fundamental. Usually about all sections. Usually about Download Links sections. Usually about requests and general sections. Advanced rules specification.
Sign in to follow this  
Tech 425

Hit by RansomWare? This is What You Need to do NOW!!

Recommended Posts

Hit by RansomWare? This is What You Need to do NOW!!


Ransomware is a growing threat – here's what you should do if you fall victim to an attack.

Ransomware is a form of malware on your computer that can lock your screen, files or operating system temporarily. It does so with the expectation that you, the user, will fork over the cash to get yourself out of the bind that an exploitative transgressor has used to hold your machine hostage. 

It’s been around for over 20 years now in one form or another, but never before has malware been so prevalent – and now, in an age where digital currencies, such as Bitcoin and Ethereum, can be used to conceal such dubious transactions, it’s increasingly likely that you'll encounter one of many ransomware ‘strains’ in the near or distant future.

Unfortunately, what’s less clear is what to do in the event that you’re struck by ransomware; with so many variables, including what type of ransomware you’ve fallen victim to, extricating yourself from an attack is no easy task. Luckily, we at TechRadar Pro are here to bail you out.

Screen-locking or encrypting ransomware?

Generally, there are two kinds of ransomware that you could be facing for which simply rebooting your machine or clearing your browser cache isn’t an immediately viable solution. 

The first, and easiest to resolve, is called screen-locking ransomware. This stunt typically involves a warning, allegedly issued by the police, FBI or other authority, that unless you pay the amount demanded your system will remain unusable. 

You’ll see screen-locking ransomware like this dubbed with a variety of different names, such as ‘lock screen ransomware’, across the web. However, for the sake of consistency we’re going to refer to it as screen-locking ransomware throughout this guide.


The other common type of ransomware is a tad more complicated to address. It’s called encrypting ransomware, and often it will lock or progressively delete your precious files, as an incentive for you to reach for your wallet instead of taking the time to carefully consider your next steps. 

Regardless of what type of ransomware you’re seeing, the first step is to make sure that it’s real. It’s easy for fraudsters  to tap into the naivety of PC or Mac users by producing a fake ransom that someone will inevitably believe. 

If you’re on Windows, try opening Task Manager and closing out of the compromised application by pressing the Control, Shift and Esc keys simultaneously. If you’re on a Mac, do the same thing in Activity Monitor by pressing Command, Option and Esc.

Terminating screen-locking ransomware

If you’ve determined that it’s screen-locking ransomware you’re dealing with, and that no amount of keyboard shortcuts can save you, you’ll want to start contemplating your options. Before you do that, though, make sure nothing is connected to the infected device in question, lest the disease spread and your whole office get mad at you.

That means disconnect any connected peripherals, such as external hard drives, printers, webcams and anything else that could potentially be used to ruin your life like that one episode of Black Mirror – learn from Shut Up and Dance. Then, disconnect from the internet completely if you can.

Next, try to take a screenshot of the ransom note. If that’s impossible, use a phone or camera to take a photograph of the note on your screen. This can be used as evidence should you decide to file a police report later on.


If you’re using a Windows laptop or tablet, restart your system in Safe Mode by turning it off and then turning it back on while holding both the power and ‘S’ buttons on the keyboard. Mac users should reboot their computers by holding shift during bootup, and Windows PC users should consult their motherboard instruction manuals to access Safe Mode from the BIOS.

From there, you should be able to dislodge the ransomware using a free malware removal tool. 

If that doesn’t work, you can attempt to return to an earlier system state either in Windows System Restore (Select ‘Advanced Boot Options’ at startup or search ‘Recovery Options’ from the Cortana-enabled search bar at the bottom-left corner of the screen). Mac users can perform a similar exercise by restoring their files in Time Machine (Command+Space+Time Machine). 

After you've done this, we recommend running your antivirus software of choice one more time before filing a police report as your final step. 

Discharging encrypting ransomware

Encrypting ransomware has become increasingly common in the last couple of years. It goes by a number of different names, or strains, too, although there are only a few you’ll have to familiarize yourself with. 

Some of these strains, like GoldenEye and Crysis, are named after popular video games, the latter of which you won’t want to run no matter how impressive your graphics card is. Others have been crafted after horror movie villains, as is the case with Jigsaw, which is programmed to delete all of your files slowly and painfully over a 72-hour span.

If you or someone you know has fallen victim to encrypting ransomware, you’ll want to take a lot of the same steps we talked about in the previous, screen-locking ransomware section. So get disconnecting all of your peripherals and network connections, take a picture of the ransom note and make sure you have the best antivirus to troubleshoot the issue.

Should your trusty antivirus fail you the first time, reboot into Safe Mode using these instructions and try it again:

  • Windows tablet/laptop: Power button + S at startup
  • Windows desktop PC: Click restart + hold down Shift on login screen
  • Mac: Restart + hold down Shift

Once you’re in Safe Mode, do what you can to recover your files, either encrypted or deleted. There’s a plethora of file recovery software out there you can use. You can also use Crypto Sheriff and ID Ransomware to identify the encryption you’re dealing with and remove it from there. 

There’s also a website called No More Ransom that’s equipped with the decryption tools necessary to remove some types of ransomware decryption. 




If you have your important files backed up elsewhere, perhaps the best way to get rid of encrypting ransomware without succumbing to the desires of criminals is to reinstall your OS. 

Reinstall Windows 10

Mac users can reinstall macOS High Sierra by powering-on or restarting their computers and holding Command and R at the same time to access macOS Utilities, then selecting ‘Reinstall macOS’. 

Remember to file a police report using the photo you took earlier when you’re done.

  • Like 1

Share this post

Link to post
Share on other sites

yeah ransomware has been around for ever.. pain in the butt.. ive dealt with it alot fixing clients computers, never dealt with the encrypting versions though.. i usually just reboot into safemode and run a portable version of unhackme and malwarebytes.. then just remove the left overs manually.. thanx for the read tech.. :sun:

  • Like 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this