HELP, my pc is "LOCKED"

xHeramis

Estimable
Jan 15, 2016
3
0
4,510
0
I was downloading something but accidentally downloaded a virus. Most of my files have been turned into .aurora and most of my program aren't accessible (I can't use snipping tools to take a screenshot) So theres a note pad that I can't close and it says

==========================# YOUR PC BLOCK #==========================
SORRY! Your files are encrypted.
File contents are encrypted with random key.
We STRONGLY RECOMMEND you NOT to use any "decryption tools".
These tools can damage your data, making recover IMPOSSIBLE.
Also we recommend you not to contact data recovery companies.
They will just contact us, buy the key and sell it to you at a higher price.
If you want to decrypt your files, you have to get RSA private key.
In order to get private key, write here:
oktropys@protonmail.com
And send me your id, your id:
1335195369
And pay 150$ on 1DVrBzv6hb1D217NNqbjaForF3eG3HXc7a wallet
If someone else offers you files restoring, ask him for test decryption.
Only we can successfully decrypt your files; knowing this can protect you from fraud.
You will receive instructions of what to do next.
==========================# YOUR PC BLOCK #==========================

I restored point, and the other random programs it installed got deleted but the notepad thing is still here and I still can't access my programs. I also don't have the option to factory reset my pc. hellp plss
 

USAFRet

Illustrious
Moderator
I was downloading something but accidentally downloaded a virus.
:no:


https://www.pcrisk.com/removal-guides/12850-aurora-ransomware
----------------------
Aurora uses RSA-2048 - an asymmetric encryption algorithm. During the process, this malware appends filenames with the ".Aurora" extension (e.g., "sample.jpg" is renamed to "sample.jpg.Aurora").
----------------------
Aurora uses RSA-2048 algorithm. Therefore, public (encryption) and private (decryption) keys are generated individually for each victim. Restoring files without the private key is impossible.
----------------------
Unfortunately, there are no tools capable of cracking RSA-2048 encryption and restoring files free of charge. The only solution is to restore everything from a backup.
----------------------


Either recover from an uninfected backup you made before this happened, or full wipe and reinstall.
 

mdd1963

Distinguished
Downloading 'something'....

Unfortunately,...

you've been 'crypto lockered'.....

Unless it is one of the older variants that have released keys for decryption, your chances are not good of recovering anything....
 

lumineZ

Prominent
Jul 25, 2017
47
0
610
9
https://sensorstechforum.com/aurora-files-virus-how-to-remove-it-and-restore-files/


Or just wipe the drive and re-install windows. (and here is the reason why one should always backup the files)
 

Wolfshadw

Splendid
Moderator
Option 1) Pay $150 and pray they actually give you the decryption key rather than ask for more (hey! If he's willing to pay $150, maybe he'll pay $250!).

Option 2) Format and reinstall from a recent backup you made.

Option 3) Say, "screw it" and format without any backup, losing all your data.

Just curious, what anti-virus program were you running that allowed this through?

-Wolf sends
 

xHeramis

Estimable
Jan 15, 2016
3
0
4,510
0


Will factory resetting pc help? I got it on my 1tb ssd ):
 

xHeramis

Estimable
Jan 15, 2016
3
0
4,510
0
Thanks y’all I guess I’ll just reformat my drives. Should’ve been way more careful and no I don’t have anti virus, thought defenders would be fine.
 

USAFRet

Illustrious
Moderator
I was downloading something but accidentally downloaded a virus.
:no:


https://www.pcrisk.com/removal-guides/12850-aurora-ransomware
----------------------
Aurora uses RSA-2048 - an asymmetric encryption algorithm. During the process, this malware appends filenames with the ".Aurora" extension (e.g., "sample.jpg" is renamed to "sample.jpg.Aurora").
----------------------
Aurora uses RSA-2048 algorithm. Therefore, public (encryption) and private (decryption) keys are generated individually for each victim. Restoring files without the private key is impossible.
----------------------
Unfortunately, there are no tools capable of cracking RSA-2048 encryption and restoring files free of charge. The only solution is to restore everything from a backup.
----------------------


Either recover from an uninfected backup you made before this happened, or full wipe and reinstall.
 

USAFRet

Illustrious
Moderator


Antivirus can only go so far.
Something you downloaded and you installed...that's all on you.
 
Thread starter Similar threads Forum Replies Date
M Antivirus / Security / Privacy 1
U Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 1
B Antivirus / Security / Privacy 1
F Antivirus / Security / Privacy 1
H Antivirus / Security / Privacy 11
C Antivirus / Security / Privacy 4
S Antivirus / Security / Privacy 1
J Antivirus / Security / Privacy 1
T Antivirus / Security / Privacy 8
J Antivirus / Security / Privacy 4
C Antivirus / Security / Privacy 6
W Antivirus / Security / Privacy 2
D Antivirus / Security / Privacy 6
T Antivirus / Security / Privacy 2
A Antivirus / Security / Privacy 2
C Antivirus / Security / Privacy 1
velocityg4 Antivirus / Security / Privacy 2
kanishmarsh Antivirus / Security / Privacy 2
K Antivirus / Security / Privacy 1

ASK THE COMMUNITY