Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

I got cryytowall virus,,,,how i uncrypto my files

Posted on 2015-02-06
4
Medium Priority
?
103 Views
Last Modified: 2015-02-17
i got a crypto virus,,,,,, and lost my files
0
Comment
Question by:Danny Paulino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 98

Accepted Solution

by:
John Hurst earned 2000 total points
ID: 40594760
There is no practical way to remove the encryption and it is a bad idea to pay. You need to clean up the machine (or reinstall Windows) and restore the files from backup.
0
 
LVL 65

Expert Comment

by:btan
ID: 40595079
agree with John. Couple of task now
- Isolate your machine, network shared drive, external media used in affected machine,
- Change your online password and other associated network login
- Identify all files encrypted for recovery to backup.

Most of the time, those cryptolocker and variant family will disable and removed the shadow copies and backup too. You can try to recover but do be caution not to have those external media used without scanning and plugging into other machine.

BleedingComputer has pretty good steps to recover as well identification. For safeguarding machine once clean up, check out Cryptoprevent for application whitelisting or Windows Applocker or Software Restriction Policy.

Below are the common one that I see most are affected with (catch the screen to see if it match what you see too)
:Cryptolocker - http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
:CryptoWall - http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

Much less affected but of same variant and very recent too
:CTB Locker - http://www.bleepingcomputer.com/virus-removal/ctb-locker-ransomware-information
:Torrent Locker - http://www.bleepingcomputer.com/virus-removal/torrentlocker-cryptolocker-ransomware-information
:Coinvault - http://www.bleepingcomputer.com/virus-removal/coinvault-ransomware-information
0
 
LVL 98

Expert Comment

by:John Hurst
ID: 40614673
@Danny Paulino  - Thanks. That is a nasty virus and I hope you were able to restore your files.
0
 

Author Comment

by:Danny Paulino
ID: 40614716
I used Ubuntu and open offices and recovery some files,,,,,,,,,,,,,thanks
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question