Sam Simon Nasser
asked on
CTB Locker virus
Dears,
my client laptop was infected with CTB locker virus, which changed all file (office files, jpg, audio, etc...) extension to .fddrpw ... i.e. text.xls.fddrpw .... when i try to rename the extension from test.xls.fddrpw to test.xls ... the file become unreadable.
is there a way to remove the extension fddrpw from ALL files, and become readable? since the virus encrypt them.
my client laptop was infected with CTB locker virus, which changed all file (office files, jpg, audio, etc...) extension to .fddrpw ... i.e. text.xls.fddrpw .... when i try to rename the extension from test.xls.fddrpw to test.xls ... the file become unreadable.
is there a way to remove the extension fddrpw from ALL files, and become readable? since the virus encrypt them.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No. Once you got the ransom message, it is too late. First make sure you have completely removed the virus. then delete the converted files and restore them from your backups.
ASKER
@kimputer and @rindi ... there is no backup of the files since this is personal laptop, and the shadow explorer (previous versions) show no files. i tried system restore with no luck.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
An after the fact comment, use crashplan (free) for your home computers. It is free to backup to another computer or an external drive. If you want to backup to cloud then it's approximately 150/year for unlimited storage.