Solved

WIN XP PC - files damaged/encrypted from "Crypto" virus - please help - how can I decrypt ?

Posted on 2014-10-08
7
221 Views
Last Modified: 2016-11-23
I have a WIN XP Dell PC - all files damaged/encrypted from "Crypto Locker" virus - please help - how can I decrypt ?
0
Comment
Question by:expressconsult
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 96

Accepted Solution

by:
Experienced Member earned 500 total points
ID: 40369900
You cannot. You need to get files from backups and if you did not back up your documents, they are lost.

Do NOT pay to get the key. The perpetrators are criminals and paying them will invite deeper trouble.
0
 

Author Comment

by:expressconsult
ID: 40369949
So there is no decrypting software or tool that can help in my case ?
0
 
LVL 13

Expert Comment

by:akb
ID: 40369980
John Hurst is right. It is not possible to decrypt without the keys.
I had my first experience 2 days ago with this nasty virus.
Luckily my customer had good backups and we were able to recover after removing the virus.
If you do not have good backups then you may have no option but to pay them - that is a decision for you.

There is a good article on Cryptolocker here: http://www.pcworld.com/article/2060640/cryptolocker-creators-try-to-extort-even-more-money-from-victims-with-new-service.html
0
 
LVL 28

Expert Comment

by:Dr. Klahn
ID: 40369998
Depending on which version has hit your system, there may be a solution.  See the article at the site below:

http://www.fireeye.com/blog/corporate/2014/08/your-locker-of-information-for-cryptolocker-decryption.html

If you were hit by a recent version with a recent key, this will not do the job.  However, if you were hit by one of the earlier versions using one of the keys acquired during the anti-CryptoLocker campaign, this may work.

If this fails, the options are as previously described above.  Pay the ransom, reload from a recent full backup, or reload Windows from scratch as the system should no longer be trusted even if cleaned up.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40370055
Even if you pay the ransom, you aren't guaranteed that you'll even get the keys. So as thinkpad's mentioned already, NEVER pay. At least now you can move up from XP to a supported OS....
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question