Solved

WIN XP PC - files damaged/encrypted from "Crypto" virus - please help - how can I decrypt ?

Posted on 2014-10-08
7
204 Views
Last Modified: 2016-11-23
I have a WIN XP Dell PC - all files damaged/encrypted from "Crypto Locker" virus - please help - how can I decrypt ?
0
Comment
Question by:expressconsult
7 Comments
 
LVL 92

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40369900
You cannot. You need to get files from backups and if you did not back up your documents, they are lost.

Do NOT pay to get the key. The perpetrators are criminals and paying them will invite deeper trouble.
0
 

Author Comment

by:expressconsult
ID: 40369949
So there is no decrypting software or tool that can help in my case ?
0
 
LVL 13

Expert Comment

by:akb
ID: 40369980
John Hurst is right. It is not possible to decrypt without the keys.
I had my first experience 2 days ago with this nasty virus.
Luckily my customer had good backups and we were able to recover after removing the virus.
If you do not have good backups then you may have no option but to pay them - that is a decision for you.

There is a good article on Cryptolocker here: http://www.pcworld.com/article/2060640/cryptolocker-creators-try-to-extort-even-more-money-from-victims-with-new-service.html
0
 
LVL 24

Expert Comment

by:Dr. Klahn
ID: 40369998
Depending on which version has hit your system, there may be a solution.  See the article at the site below:

http://www.fireeye.com/blog/corporate/2014/08/your-locker-of-information-for-cryptolocker-decryption.html

If you were hit by a recent version with a recent key, this will not do the job.  However, if you were hit by one of the earlier versions using one of the keys acquired during the anti-CryptoLocker campaign, this may work.

If this fails, the options are as previously described above.  Pay the ransom, reload from a recent full backup, or reload Windows from scratch as the system should no longer be trusted even if cleaned up.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40370055
Even if you pay the ransom, you aren't guaranteed that you'll even get the keys. So as thinkpad's mentioned already, NEVER pay. At least now you can move up from XP to a supported OS....
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How do I Uninstall Sophos endpoint Security 8 70
Can't upload license into Microsoft Dynamics Nav flf file 2 47
one-way data "masking" MD5 sql 26 146
quarantine versus delete 6 60
#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now