Solved

HOW_DECRYPT

Posted on 2014-04-01
2
834 Views
Last Modified: 2014-04-01
Hi

A customer recently, a week ago, got infected with the HOWDECRYPT virus on a Windows XP workstation

He ran MalwareBytes and cleaned his files but he was unable to recover his files since XP doesn't provide the file version restore option

Is there any way to recover his encrypted files without actually paying the 'ransom' ?

thanks

yann
0
Comment
Question by:Yann Shukor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
Pasha Kravtsov earned 500 total points
ID: 39970095
As far as I know the malware encrypts all the files and it stores the decryption key not on the local machine but in a remote server so no unless you pay the ransom you can't decrypt the files. This article pretty much sums it up: http://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/
0
 
LVL 28

Expert Comment

by:Bill Bach
ID: 39970159
Agreed.  I have had several clients get bitten.  All had had to restore from backup.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question