Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

CBT Virus

Posted on 2015-02-04
5
Medium Priority
?
367 Views
Last Modified: 2015-02-18
1 of my customers did pick up a virus CBT virus which encrypt all her files and they want some money to encrypt the files

I did remove the CBT from the pc but the files are still encrypted ,is there anyway I can decrypt these files.

Thanks
SD
0
Comment
Question by:Dirkie Laubscher
5 Comments
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 40588472
Is this the one where there is a text file advising that if you pay XXX bit coins they will provide the decrypt key?

I have a client with that last year and its restore the last full backup they had. Following an complete review and subsequent lock down of their LAN.

You can try https://www.decryptcryptolocker.com/ and see if your client can use that program to get their files unlocked.
0
 

Author Comment

by:Dirkie Laubscher
ID: 40588504
Hi I did try the site but says my file doesn't need to be decrypted ,seems she is screwed and she doesn't have backups
0
 
LVL 13

Expert Comment

by:Mark Galvin
ID: 40588514
Oohhh, no backups? Not a great start. Is it much data?
0
 
LVL 11

Expert Comment

by:Wilder1626
ID: 40588521
Hi

Have you scan you PC with MalwareBite? Might be a good thing

https://www.malwarebytes.org/

You may also want to look at this link:
Malware troubleshooting: recover your files damaged by CTB Locker Virus.

System Restore of Windows may help in resolving some issues, but not all the time.  You can give it a try also.
0
 
LVL 17

Accepted Solution

by:
Ivan earned 2000 total points
ID: 40588595
Hi,

there is no decrypting system for CBT-Locker. There is a site http://www.shadowexplorer.com/ that will allow you to see data created by Shadow Copy in Windows, if you have set that up. This may save you some data. Other then that, there is no known system.

For older Cryptolocker, there is a website https://www.decryptcryptolocker.com/  which may decrypt some data.

Regards,
0

Featured Post

[Webinar] Cloud Security

In this webinar you will learn:

-Why existing firewall and DMZ architectures are not suited for securing cloud applications
-How to make your enterprise “Cloud Ready”, and fix your aging DMZ architecture
-How to transform your enterprise and become a Cloud Enabler

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
A quick guide on how to use Group Policy to create a custom power plan and set it active on Windows 7.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question