crypto locker virus

how to remove crypto locker virus and uncrypt files
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

☠ MASQ ☠Commented:
Removal is the easy part. Create a Kapersky bootable CD and run a scan from it to remove the active part.

Still working on the decryption :(
If you have backed up versions of the files affected you can run a comparison to get the encryption key used.

See also
Was hit by this one last week...the removal is easy enough with the right AV(we used Vipre) but the documents we recovered from backup as we couldn't get any other fix...

Having said that apparently if you have Shadow copies running you might be able to get out of jail with software called Shadow Explorer...see this post and comments at the end for reference...note I've not tried this so only passing on the info...note as well this Panda software apparently doesn't work without the key so its the comments further down you need to refer to

Course if you didn't have shadow copies enabled this is irrelevant anyways...

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
How much is the data worth to you?  If you don't have a back up the only option at this point is to pay the ransom.  I would do everything I could first but I understand they destroy the unencryption key within 72 hours.  Maybe there will be a fix soon but at this time I'm not aware of one.
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

gesolinkAuthor Commented:
Cleaned virus, but no way to unencrypt data
Giovanni HewardCommented:
Are they going to track-'em-n-wack-'em the bad guys who are getting all these ransom money? It is ridiculous if Feds don't step in and try to find those behind the virus.
Giovanni HewardCommented:
The FBI (for one) is looking into it and is asking victims to file a report with them.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.