Solved

I got cryytowall virus,,,,how i uncrypto my files

Posted on 2015-02-06
4
101 Views
Last Modified: 2015-02-17
i got a crypto virus,,,,,, and lost my files
0
Comment
Question by:Danny Paulino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points
ID: 40594760
There is no practical way to remove the encryption and it is a bad idea to pay. You need to clean up the machine (or reinstall Windows) and restore the files from backup.
0
 
LVL 63

Expert Comment

by:btan
ID: 40595079
agree with John. Couple of task now
- Isolate your machine, network shared drive, external media used in affected machine,
- Change your online password and other associated network login
- Identify all files encrypted for recovery to backup.

Most of the time, those cryptolocker and variant family will disable and removed the shadow copies and backup too. You can try to recover but do be caution not to have those external media used without scanning and plugging into other machine.

BleedingComputer has pretty good steps to recover as well identification. For safeguarding machine once clean up, check out Cryptoprevent for application whitelisting or Windows Applocker or Software Restriction Policy.

Below are the common one that I see most are affected with (catch the screen to see if it match what you see too)
:Cryptolocker - http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
:CryptoWall - http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Much less affected but of same variant and very recent too
:CTB Locker - http://www.bleepingcomputer.com/virus-removal/ctb-locker-ransomware-information
:Torrent Locker - http://www.bleepingcomputer.com/virus-removal/torrentlocker-cryptolocker-ransomware-information
:Coinvault - http://www.bleepingcomputer.com/virus-removal/coinvault-ransomware-information
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 40614673
@Danny Paulino  - Thanks. That is a nasty virus and I hope you were able to restore your files.
0
 

Author Comment

by:Danny Paulino
ID: 40614716
I used Ubuntu and open offices and recovery some files,,,,,,,,,,,,,thanks
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can we just update certificate without updating its key? 3 79
md5 password 3 98
virus encrypted files with OSIRIS extension 12 87
Converting PHP triple des decrypt to c# 9 172
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question