all files and folders in the pc got encripted

HI ,
       I have pc with windows 7  32 bit  suddenly on my pc all files and folders got encrypted and getting a  messages that  : you have to pay  $500 to get your files and folder decrypted back
please advice
sanjeevkmrsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Alan HardistyCo-OwnerCommented:
You have generally got 2 choices here:

1.) Pay the ransom and hope that the files get decrypted
2.) Restore the files from a backup or from Shadow Copies, if Shadow Copies is enabled.

Some useful reading for you (depending on the flavour of Virus you have):

http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information

http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Alan
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Colin McDonaldCommented:
Sounds like your machine has been infected by a virus.

I would hazard a guess that Cryptowall 2.0 has been installed on your PC

Do you have a recent backup of your computer/Files and Folders?
0
engeltjeCommented:
indeed, there is no solution to this but restoring a backup.

If you have the volume shadow enabled it is important to get rid of the Virus first.  Otherwise your back-up gets encrypted too.

Getting rid of the virus:  use combofix. Free download on the site bleeping computer.com (you can google combo fix as it is wel known).

When the virus is gone, install a decent anti-virus program. I advise Avast, McAfee or BitDefender.

After these steps, we could try to get the data back.
Herefore, you could try whether you can install other versions.

Right click on a map and select versions.
Here you could restore a version of the documents before it got encrypted.

If you do not have this possibility (it needs to be enabled), the only choice is to restore a backup. Cross fingers you got one...

Good luck. Remember: Get rid of the virus first.
0
Webinar: Miercom Evaluates Wi-Fi Security

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom how WatchGuard's Wi-Fi security stacks up against the competition in our upcoming webinar!

Zaheer IqbalTechnical Assurance & ImplementationCommented:
You can try this website to unencrypt

https://www.decryptcryptolocker.com/
0
Zaheer IqbalTechnical Assurance & ImplementationCommented:
0
andreasSystem AdminCommented:
recent crypto trojans usually dont have weakness in the encryption so the encryption websites frequently will not work (its worth a try of course).

I personally would not "remove" the virus from the hdd. I would cleanly re install on a new harddisk and then use some tools to extract the files from the shadow copies (if any) shadow explorer is a nice tool to do this.

You also might use some data recovery tools on that disk and try to recover old versions of files that are not overwritten by now. But this will only work if you dont use the harddisk anymore as a production drive, only READ from it if you want to keep your chances higher for data recovery. This also means dont run the windows anymore.

Remove the disc from the pc install a new one and re-install the operating system on the fresh disc in the computer. Then proceed with data recovery.
0
MereteCommented:
You poor man sorry to hear you got stung..
Do you have the name of the Ransomware  or know what type it is how you got it? As there different types. Sounds as if you have the worst.
To help you first understand it..
What is ransomware? How did you get it and possible
What should I do if I have ransomware on my computer?
http://www.microsoft.com/security/resources/ransomware-whatis.aspx
for example
FBI CyberCrime Division Virus Moneypak Scam Unlock Guide
http://guides.yoosecurity.com/remove-fbi-cybercrime-division-virus-moneypak-scam/
How to rescue your PC from ransomware
http://www.pcworld.com/article/2084002/how-to-rescue-your-pc-from-ransomware.html
0
sanjeevkmrsAuthor Commented:
thanks
0
kbasionyCommented:
i have a virus that encrypt the Excel file and change the extension from XLS to XLS.enc0ded!XXXXXXXXXX

any way to decrypt this files ???
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.