Joe_LAI
asked on
Cryptolocker cracked. How to decrypt all my files?
Recently, I found my computer infected crytolocker and all my files are encrypt.
I tried to restore old version files but this virus cleanup System Restore cache. :(
I haven't done the files backup.
They asked me $600 - $1200 dollars. :(
I upload some screen dump. crytolocker.pdf
Can you help ?
I tried to restore old version files but this virus cleanup System Restore cache. :(
I haven't done the files backup.
They asked me $600 - $1200 dollars. :(
I upload some screen dump. crytolocker.pdf
Can you help ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
In addition, if the files have actually been encrypted (which I think likely), then you need to recover the files from a backup. You should not pay money to the hackers.
I second that.
Do not pay money to the hackers. They will NOT give you your data back so easily..
Hey if they were ethical people they would not be doing this in the first place.. DO NOT trust them.
Do not pay money to the hackers. They will NOT give you your data back so easily..
Hey if they were ethical people they would not be doing this in the first place.. DO NOT trust them.
ASKER
To markzz,
Did you just rename files and then you can access it ?
Did you just rename files and then you can access it ?
If the files are actually encrypted, you cannot simply rename to fix. In the example above the files were not encrypted.
Hi,
I read an article online from a security company who have stated they have cracked the encryption used by cryptolocker. I can provide the link for it if you want unless you've already and tried their methods for unencrypting/removing the infection.
I read an article online from a security company who have stated they have cracked the encryption used by cryptolocker. I can provide the link for it if you want unless you've already and tried their methods for unencrypting/removing the infection.
Here is the website.
https://www.decryptcryptolocker.com/
One of my colleagues has used it and it does work so fingers crossed it can help you!
N.B EE Admins this is not a blind link.
https://www.decryptcryptolocker.com/
One of my colleagues has used it and it does work so fingers crossed it can help you!
N.B EE Admins this is not a blind link.
ASKER
To John Hurst, OK. Thanks.
To Roshan Ejaz, I tried this website https://www.decryptcryptolocker.com/ but comes up Invalid file message.
"The file doesn't seem to be infected by Cryptolocker. Please submit a Cryptolocker infected file."
I don't know why not infected but I definitely unable to open it.
To Roshan Ejaz, I tried this website https://www.decryptcryptolocker.com/ but comes up Invalid file message.
"The file doesn't seem to be infected by Cryptolocker. Please submit a Cryptolocker infected file."
I don't know why not infected but I definitely unable to open it.
That virus comes from a disguised, socially engineering link to encourage people to click on it. I ask and encourage people never to click on links they do not know or understand. The risks are too great.
ASKER
To John Hurst, I understand the unknown link is risk. This link https://www.decryptcryptolocker.com/ is referred from Australian government. That's why I am confident to try it.
If you dont mind me asking can you boot to safe mode without cryptolocker appaearing? Just trying to see how we can resolve this..
Definitely recommend backing your files up regularly moving forward.
Also what AV do you have on the machine? Some vendors may have a Cleanup tool to help cure this problem.
Definitely recommend backing your files up regularly moving forward.
Also what AV do you have on the machine? Some vendors may have a Cleanup tool to help cure this problem.