How do I decrypt the files?

SirDarknight

Honorable
Jun 5, 2013


So, this is the situation with my friend's PC. He called me over today to help him solve this. He couldn't specify exactly when or how this ransomware infected his PC.

Now, he did reinstall Windows after the infection (but no change whatsoever). I did some googling and found out that a particular website provided a free file decryption service for this ransomware, but "they've stopped the service" now.

I installed Kaspersky on his PC, did a few scans & things. It caught some Trojans, viruses and successfully disinfected the PC.

But, how can I get those encrypted files back?

kanewolf

Judicious
Moderator
You can't, probably. You pay the ransom and MAYBE get them back or you restore from backups .... which somebody with ransomware, viruses and trojans won't have.

Tell him/her that they need to be more careful in the future.
 
Solution

esco_sid

Honorable
May 11, 2012
If they are encrypted, there really is no way of getting them back. It seems you will have to reinstall Windows again; if you still get viruses, use this tool to completely erase the HDD, as it will erase sectors where malware could be hiding: http://www.dban.org/
 

ZippyPeanut

Honorable
Dec 26, 2012
Yeah, as kanewolf says, you probably can't. But consider trying Kaspersky's decryption tools at https://noransom.kaspersky.com/. The one that looks like it might possibly work is the RakhniDecryptor tool.

CryptoLocker is bad news. In the future, be sure to have a weekly/monthly backup system in place in which all data gets backed up onto an external drive. I use Macrium Reflect. I cloned all my drives onto a 6TB external drive and (re)clone those drives about once every two months. It's important that the only time the external drive is connected to your PC is when you are backing up or cloning. At all other times it should be air gapped; otherwise it could become infected.