1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cryptolocker! Anybody know how to get encrypted files back?

Discussion in 'General Programming Chat' started by superhero81, Feb 4, 2014.

  1. superhero81

    superhero81 Newbie

    Joined:
    Sep 6, 2013
    Messages:
    29
    Likes Received:
    3
    Hi,
    I was at my dad's yesterday and he said he was having computer problems, so I checked it out. Yes...the dreaded Cryptolocker. Though I've heard about this, I was lucky enough to have never gotten it. I removed it, but found in the registry that it encrypted A LOT of his important work files...Pictures with my mom and family. Excel and Word files.
    Does anybody have any idea on how to fix them? I tried a system restore to an earlier time, but the only time he has on the computer is a time where the virus is on the computer. I also tried Shadowexplorer, but the same thing.... The only time to revert back to is when the virus was on the computer.
    Please, if anyone has any suggestions or fixes please let me know.
    Thanks.
     
  2. nonai

    nonai Power Member

    Joined:
    Oct 10, 2013
    Messages:
    524
    Likes Received:
    63
    hi buddy, there is no fix for that. you can try paying the extortion fee, and it may or may not give you your files back. there have been reports of people paying the fee and never hearing back from the author.
     
  3. SYKing

    SYKing Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 22, 2010
    Messages:
    2,253
    Likes Received:
    369
    Occupation:
    Student
    You have super power use your powers to fix the pc although You are superHero :D

    Just kidding bro, try to clean from CC

    Thanks
     
  4. Enryu

    Enryu Junior Member

    Joined:
    Jan 30, 2013
    Messages:
    189
    Likes Received:
    158
    If you want to save the data, I believe the only option is to re-infect the computer in the same manner and pay the extortion fee to decrypt the files. If you decide you don't care about the data and don't want to pay, then you have a few more options including doing a clean reinstall of Windows or using a factory reset partition already present on the computer.
     
  5. superhero81

    superhero81 Newbie

    Joined:
    Sep 6, 2013
    Messages:
    29
    Likes Received:
    3
    Thanks for the reply everyone. Do you think it's possible if I do a clean re-install and then use a data recovery software? Any chance it would bring back the original file and NOT the encrypted one from Cryptolocker? That looks like my last resort.
     
  6. bigwhite

    bigwhite Regular Member

    Joined:
    Sep 27, 2011
    Messages:
    473
    Likes Received:
    54
    Never give up. Nothing is impossible and it will be a fun learning experience.
     
  7. rootjazz

    rootjazz Jr. VIP Jr. VIP

    Joined:
    Dec 21, 2012
    Messages:
    614
    Likes Received:
    313
    Occupation:
    Developer
    Location:
    UK
    Home Page:
    Sorry to break this to you. But your options are
    1) Pay the fee
    2) Lose the data

    A backup is the ONLY way to get your data back without paying.

    I don't mean to be negative on the users being positive above. But your won't be able to get your data back.

    Cryptolocker is a damn fine piece of software (with regards for what it is trying to do)

    That is if you infact have cryptolocker and not some lame copycat (of which there are a few). The copycats can be recovered, but would need to know what you actually have
     
  8. superhero81

    superhero81 Newbie

    Joined:
    Sep 6, 2013
    Messages:
    29
    Likes Received:
    3
    Hi, Yes I agree with you. It seems there is no way to get it back. I don't know how to tell if its a copycat or not? I just know it says cryptolocker...
    My dad had almost everything backed up... He actually just wants a PHotoshop file and a .rtf file (wordpad) which was encrypted... Everything else he had backed up.
    So we just need to get the .rtf file and the. psd file back. Any ideas?
     
  9. s0ap

    s0ap Executive VIP Jr. VIP Premium Member

    Joined:
    Sep 23, 2008
    Messages:
    230
    Likes Received:
    810
    Occupation:
    :] guess
    Location:
    Congo/DRC
    Pay them or lose the data. That's the bottom line.
     
  10. superhero81

    superhero81 Newbie

    Joined:
    Sep 6, 2013
    Messages:
    29
    Likes Received:
    3
    We will lose the data then. I'm not paying $300 to get a few files back, plus it encourages them to keep doing it.
    Oh well, I tried. Thanks for the replies everyone.
     
  11. Pawtoen

    Pawtoen Newbie

    Joined:
    Feb 7, 2014
    Messages:
    37
    Likes Received:
    12
    Try Hijackthis and format .
     
  12. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,793
    Likes Received:
    6,331
    Home Page:
    1.pay ransom
    2.restore from backup (if you had one).

    they are the ONLY two ways.