Solved

Nasty Virus

Posted on 2013-11-05
6
347 Views
Last Modified: 2014-04-30
Has anyone come accross a virus Trojan-Ransom.Win32.Agent what it has done is encypt all files and we have removed the virus but obviously the damage is done.

Backup unfortunally is not an option after an idiot has not been checking it.

Not sure if anyone has seen how to decrypt the files.
0
Comment
Question by:Alex Young
6 Comments
 
LVL 22

Expert Comment

by:David Atkin
ID: 39624860
Hello,

Unfortunately there isn't a way of decrypting the files that I am aware of without paying the fee.

I had one of these last week. Fortunately I had a backup and was able to remove the infected machine off the network and then restore the files.

Your options are:

1) Pay the fee and hope that it decrypts the files
2) Restore from a backup.

The following article is helpful at preventing this in the future:

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

Also, stress how important the backup is to the individual that was meant to be checking it.  I do strongly suggest applying the software restrictions policy's on PCs which is explained in the article.
0
 
LVL 24

Expert Comment

by:aadih
ID: 39624893
As Scorpeo says: Without a backup you are out of luck. You may reinstall, but you will lose all your data. Sorry. :-(
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 39624942
Check this out - I don't have experience with procedures but the article is good.

http://www.one-tab.com/page/qQd-mP19ROmXPpUf1by3sg
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 22

Expert Comment

by:David Atkin
ID: 39624975
Note by removing the infection, you remove the option of paying for the decryption.  I haven't found anything that will decrypt it.

This being said, there is no guarantee that paying the ransom will decrypt the files.  Although from what I have read, it does.
0
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 39624999
I have also read that the only way is to pay - but don't pay by credit card!  This is particularly nasty and it is my understanding that by taking the steps outlined in the article in the link I posted you can prevent this from happening on other machines.
0
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
ID: 39625172
If you had previously enabled Volume Shadow Copy (on the server) you may be able to recover the files from an earlier time even if backup wasn't running...

Also, if you have any laptops, that haven't reconnected to the network, it MAY be possible offline files has good copies of the network share(s) on a laptop - DO NOT RECONNECT TO YOUR NETWORK - plug in an external drive and copy them from the offline system if you do.

Otherwise... I hope this doesn't put you out of business, losing most of your files.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now