all files and folders in the pc got encripted

HI ,
       I have pc with windows 7  32 bit  suddenly on my pc all files and folders got encrypted and getting a  messages that  : you have to pay  $500 to get your files and folder decrypted back
please advice
Who is Participating?
Alan HardistyConnect With a Mentor Co-OwnerCommented:
You have generally got 2 choices here:

1.) Pay the ransom and hope that the files get decrypted
2.) Restore the files from a backup or from Shadow Copies, if Shadow Copies is enabled.

Some useful reading for you (depending on the flavour of Virus you have):

Colin McDonaldCommented:
Sounds like your machine has been infected by a virus.

I would hazard a guess that Cryptowall 2.0 has been installed on your PC

Do you have a recent backup of your computer/Files and Folders?
indeed, there is no solution to this but restoring a backup.

If you have the volume shadow enabled it is important to get rid of the Virus first.  Otherwise your back-up gets encrypted too.

Getting rid of the virus:  use combofix. Free download on the site bleeping (you can google combo fix as it is wel known).

When the virus is gone, install a decent anti-virus program. I advise Avast, McAfee or BitDefender.

After these steps, we could try to get the data back.
Herefore, you could try whether you can install other versions.

Right click on a map and select versions.
Here you could restore a version of the documents before it got encrypted.

If you do not have this possibility (it needs to be enabled), the only choice is to restore a backup. Cross fingers you got one...

Good luck. Remember: Get rid of the virus first.
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Zaheer IqbalTechnical Assurance & ImplementationCommented:
You can try this website to unencrypt
Zaheer IqbalTechnical Assurance & ImplementationCommented:
andreasSystem AdminCommented:
recent crypto trojans usually dont have weakness in the encryption so the encryption websites frequently will not work (its worth a try of course).

I personally would not "remove" the virus from the hdd. I would cleanly re install on a new harddisk and then use some tools to extract the files from the shadow copies (if any) shadow explorer is a nice tool to do this.

You also might use some data recovery tools on that disk and try to recover old versions of files that are not overwritten by now. But this will only work if you dont use the harddisk anymore as a production drive, only READ from it if you want to keep your chances higher for data recovery. This also means dont run the windows anymore.

Remove the disc from the pc install a new one and re-install the operating system on the fresh disc in the computer. Then proceed with data recovery.
You poor man sorry to hear you got stung..
Do you have the name of the Ransomware  or know what type it is how you got it? As there different types. Sounds as if you have the worst.
To help you first understand it..
What is ransomware? How did you get it and possible
What should I do if I have ransomware on my computer?
for example
FBI CyberCrime Division Virus Moneypak Scam Unlock Guide
How to rescue your PC from ransomware
sanjeevkmrsAuthor Commented:
i have a virus that encrypt the Excel file and change the extension from XLS to XLS.enc0ded!XXXXXXXXXX

any way to decrypt this files ???
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.