Spyware, Viruses, & Security forum

Alert

Is there any way to decrypt files encrypted by Ransomware

by martinjennifer / September 22, 2016 5:42 AM PDT

I have been searching for some techniques which can be used to decrypt Ransomware affected files.

There are some ways like System Restore which actually doesn't work.

Can anyone have some good knowledge about how can we do it.

Discussion is locked
You are posting a reply to: Is there any way to decrypt files encrypted by Ransomware
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Is there any way to decrypt files encrypted by Ransomware
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
While I have knowledge about this.
by R. Proffitt Forum moderator / September 22, 2016 9:18 AM PDT

The thing here is what you use for Ugo Ransomeware won't work for Hilcrop infections. This means you have to identify the infection by name first. If you can't then you turn to a wipe of the machine and restore from recovery media and backups.

-> We are now decades into PC use. All owners today know about backups. Whether they do or not seems to be if they value what's on that PC.

PS. Added this with edit. I forgot my goto forum when I can't ID the culprit is Bleepingcomputer.com. I don't go there often but when I do, it's serious. Great place.

Post was last edited on September 22, 2016 9:19 AM PDT

Collapse -
Is that the answer to my Question?
by martinjennifer / September 24, 2016 1:41 AM PDT

Hi R. Proffitt,

I think that your reply was not the one I am looking for. I simply asked you that is there any way to decrypt files by Ransomware or Locky or Crypto..

Collapse -
Yes.
by R. Proffitt Forum moderator / September 26, 2016 7:10 AM PDT

You are asking for something that doesn't exist yet. You want to decrypt for 3 or more ransomware systems. And in those 3 there are often variants so I'm back to the beginning. You have to identify the pest/ransome first then research how to decrypt.

If you can't do this identification or decryption I'd still get to bleepingcomputer forums.

Collapse -
Martin, I saw you follow up with this reply.
by R. Proffitt Forum moderator / September 24, 2016 7:34 AM PDT

"I think that your reply was not the one I am looking for. I simply asked you that is there any way to decrypt files by Ransomware or Locky or Crypto."

I have to write no. Each ransomer uses a different encryption plus there were versions that could result in losses. You just know what you are dealing with before you attempt a decryption.

I'm going with my first advice and write you need to ID the culprit first. Bleepingcomputer is great for this.

That said, I am seeing folk that want one stop decryption. I haven't seen that yet.

Collapse -
None That I Know Of, Except To...
by Grif Thomas Forum moderator / September 26, 2016 3:20 PM PDT

....wipe the drive, reinstall the operating system, drivers, and programs, then replace all important documents and files using your backups. If you happen to have a backup system image, then the reinstall is quicker and easier but so far, I know of no way to actually decrypt the infected files while in place. Of course, there have been a few who paid the ransom and got relief when the malware writer gave them the decryption key, but even paying the ransom doesn't guarantee a "good" key.

Hope this helps.

Grif

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?