How do I recover my data from a CryptoLocker infection?

« Other questions
0
0

Does anyone have a decrypt tool for the Cryptolocker malware which is on the internet now?

It has encrypted my files and I need to have them opened.

  • You must to post comments
5
0

May I just say this? You really, really, really, and I do really mean really, need to backup your computer. Daily. Not every once in a while. Not when you feel like it. Every. Single. Day. If you don’t then you will have problems even without malware. Mark my words on this. When you do find this out it will be too late. Don’t make the mistake of ignoring backups. For your own good and sanity as well as others. If you lose photos that you can’t recover (or rather, it is of a lost loved one), what will you do? Yes, you can recover files from seemingly dead drives and yes you can recover partitions that have been removed, but if you don’t have the experience, or any technicalities make it more difficult, what will you do? You’ll be in a world of hurt.

Start backing up once you get things sorted out. And backing up means testing your backups! That cannot be overstated! A backup that doesn’t work is useless. And no, the cloud doesn’t count as backup. And yes external hard drives can die, in fact anything mechanical can die (and then consider dirty power signals if you don’t have a UPS or UPSes – mechanical or not things can die). And yes, that means redundant storage is a good idea (even if they often die at the same time [e.g. because of a power supply blowing up or other power problems as above] they don’t always). And no, redundant storage isn’t the same as backing up.

I know this sounds harsh but it is deliberate because it is a serious thing that you’ve found out the hard way (and it could be a lot worse). Do yourself a favour and start daily backups (automated is easiest) and make sure to test regularly. Daily backups includes full, incremental and differential (I’ll not get into the technical information; the point is it isn’t just files that have changed or new files – it is a cycle).

* Edit:
Just to add several points. Redundant backup is an even better idea (you still should test it and the other rules apply but redundancy is a good thing in computing). If you have remote backup (with physical access even better but if not at least it is better than only one backup) in addition to physical backups at the premise, it decreases the chance of data loss. Of course, you should make sure your backups have the security they need (as above). But don’t rely on the cloud. You note that some people relied on Megaupload.com for the backup of their own work, and once it was shutdown they lost access to it. If they had proper backup they wouldn’t have had that problem – but they did have problems. What happens if the data centre has a disaster? What then? If that’s your backup then you better hope you don’t have data loss before you get more so-called backups. Also, don’t believe copying to a DVD means you never will have to replace it (even if it doesn’t break you would want to replace it every so often). On the other hand, DVDs don’t exactly work well for nightly backups.

Also, on the note of malware: you should be aware that at least one notorious old virus subtly corrupted data over time, so that even if you had backups they too could have corruption. That was a brilliant idea of Dark Avenger, I must say, despite the malice involved (that’s not the only ingenious thing he did or has been done by virus writers; I knew many over the years and there are some really good programmers and really clever virus writers – or at least there used to be). In addition, disks can exhibit this problem without malware (sectors can go bad and while you might be saved with replacement sectors [I can’t recall what this is called] you shouldn’t risk it). And redundant storage can also have this problem (that is to say, it has the potential to copy the bad sectors in addition to the good sectors). Just some additional things you should know.

  • You must to post comments
0
0

Hi,

Depending on the type of cryptoware, there are some programs for earlier versions. I would suggest you check out the help section of Bleepingcomputer.com and or Malwaretips.com , both require registration,but are populated by security conscious users. Many experts visit these forums and offer free assistance. Be patient though,as it can take a few days to get help from volunteers.

I will see if I can dig up some links to the decryption articles from last year. Good luck.

  • You must to post comments
0
0

Wow! There are tons of helpful free sites now. Here are just a few of the good ones.
https://www.fireeye.com/blog/executive-perspective/2014/08/your-locker-of-information-for-cryptolocker-decryption.html

http://blogs.cisco.com/security/talos/teslacrypt

https://noransom.kaspersky.com/

Google “decrypt cryptoware” for more information. Please be wary of the ads for assistance, as they charge for their services,and use the same free resources I posted above. Good luck.

  • You must to post comments
0
0

for remove Cryptolocker use this special guide! http://soft2secure.com/knowledgebase/crypt0l0cker

  • You must to post comments
Showing 4 results
Your Answer

Please first to submit.