Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

WIN XP PC - files damaged/encrypted from "Crypto" virus - please help - how can I decrypt ?

Posted on 2014-10-08
7
Medium Priority
?
222 Views
Last Modified: 2016-11-23
I have a WIN XP Dell PC - all files damaged/encrypted from "Crypto Locker" virus - please help - how can I decrypt ?
0
Comment
Question by:expressconsult
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 98

Accepted Solution

by:
John Hurst earned 2000 total points
ID: 40369900
You cannot. You need to get files from backups and if you did not back up your documents, they are lost.

Do NOT pay to get the key. The perpetrators are criminals and paying them will invite deeper trouble.
0
 

Author Comment

by:expressconsult
ID: 40369949
So there is no decrypting software or tool that can help in my case ?
0
 
LVL 13

Expert Comment

by:akb
ID: 40369980
John Hurst is right. It is not possible to decrypt without the keys.
I had my first experience 2 days ago with this nasty virus.
Luckily my customer had good backups and we were able to recover after removing the virus.
If you do not have good backups then you may have no option but to pay them - that is a decision for you.

There is a good article on Cryptolocker here: http://www.pcworld.com/article/2060640/cryptolocker-creators-try-to-extort-even-more-money-from-victims-with-new-service.html
0
 
LVL 29

Expert Comment

by:Dr. Klahn
ID: 40369998
Depending on which version has hit your system, there may be a solution.  See the article at the site below:

http://www.fireeye.com/blog/corporate/2014/08/your-locker-of-information-for-cryptolocker-decryption.html

If you were hit by a recent version with a recent key, this will not do the job.  However, if you were hit by one of the earlier versions using one of the keys acquired during the anti-CryptoLocker campaign, this may work.

If this fails, the options are as previously described above.  Pay the ransom, reload from a recent full backup, or reload Windows from scratch as the system should no longer be trusted even if cleaned up.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40370055
Even if you pay the ransom, you aren't guaranteed that you'll even get the keys. So as thinkpad's mentioned already, NEVER pay. At least now you can move up from XP to a supported OS....
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question