DrJBHL

Decryption Tools for Ransomware

▼

Decryption Tools for Ransomware

April 23, 2016 5:30 AM from

JoeUser Forums

The Windows Club has published a pretty extensive list of tools to help you if you get zapped. First of all, it’ll probably be Petya or Locky as they’re the most common ones encountered currently. First you have to identify the malware. You upload the ransom note or a file which has been encrypted by the malware (and hope it identifies the malware) here: https://id-ransomware.malwarehunterteam.com/index.php

There’s a great list of the tools here: http://www.thewindowsclub.com/list-ransomware-decryptor-tools and each tool is specific to the malware identified, so…step one is very important.

There are also several intrusion detection tools, but according to the Windows Club, WinPatrol is free and probably the best. You can read about it at the linked url.

There are also free anti-Ransomware tools. I've written about one, but there are several, and you can read about (and get links to them) here: http://www.thewindowsclub.com/free-anti-ransomware-tools

Probably another article to read to help you get organized about what you should do if you get attacked is located here: http://www.thewindowsclub.com/what-to-do-after-ransomware-attack

The most important thing to is have recent backups, so don't be lazy: Make one now. The only backup you'll ever regret making is the one you didn't make.

Hope this helps in case you get hit. I’ve bookmarked the links above…and you might consider doing the same.

Have a great weekend!

Sources:

http://www.thewindowsclub.com/list-ransomware-decryptor-tools

https://www.winpatrol.com/

http://www.thewindowsclub.com/free-anti-ransomware-tools

186,835 views 35 replies +1

Reply #26 April 30, 2016 9:50 PM from

JoeUser Forums Top

Quoting admiralWillyWilber, reply 25

Some ransomeware lock up the internet if they do just clear your history and exit out of the internet. This seems to work.

End of admiralWillyWilber's quote

That one was just a little bit outside.

Reply #27 May 2, 2016 3:45 PM from

Elemental Forums Top

Quoting admiralWillyWilber, reply 25

Some ransomeware lock up the internet if they do just clear your history and exit out of the internet. This seems to work.

End of admiralWillyWilber's quote

I did not know this. The one time I thought I was getting ransomeware I immediately cut the power to my PC. all was fine afterward.

ObjectDock - Access shortcuts and frequently used applications from an animated dock.

Reply #28 May 2, 2016 6:18 PM from

WinCustomize Forums Top

Folks. Seriously.

Ransomware does THIS:

It installs on your computer while being disguised as another type of file.

There are two stages to the infection but let's forget about that for a minute. It encrypts your data files. It demands ransom for the encryption key. The ransom is in bitcoin paid to some web address. If it is not paid within 24-48 hrs., it doubles.

If you decide not to pay, and if it's of a type which cannot be identified and solved with various software/websites, you can throw that hard drive away, and buy a new one. If you have no recent backup? Adios to all that data, OS, etc.

It does nothing with your internet connection since they want the ransom and the only way you can pay is over the internet.

It has nothing to do with the power to your computer for the same reason.

Reply #29 May 2, 2016 6:46 PM from

GalCiv3 Forums Top

Well i don't download anything i don't know. My computer automatically updates so there's no issue there. So all they can do is freese my internet. Anyways what is that called.

Reply #30 May 2, 2016 8:45 PM from

JoeUser Forums Top

Willy -

The free antiransomware tools are "money well spent" and can only protect you.

Reply #31 May 3, 2016 10:23 PM from

JoeUser Forums Top

Keep getting at least 1 or 2 Locky-bearing email hits with each Outlook session (so about once a day), fortunately blocked by Avast's active email scanner.

Just know it's out there in force and do the simple things to protect your rig to the extent you can. This isn't the kind of thing that happens due to 'unsafe internet practices' - you can practice safe internet and still get hit. AV alone may be sufficient but considering the stakes I'd advise antiransomware as well.

Reply #32 May 4, 2016 5:16 AM from

WinCustomize Forums Top

Quoting admiralWillyWilber, reply 29

So all they can do is freese my internet. Anyways what is that called.

End of admiralWillyWilber's quote

I see you understood nothing I took the time to explain.

Just download a free anti-ransomware tool for instance, BitDefender's or Malwarebyte's.

Reply #33 May 5, 2016 2:31 PM from

GalCiv3 Forums Top

Is there any way to decrypt infected files. I heard that someone had saved photos using data recovery software? Any thoughts?

Reply #34 May 5, 2016 3:04 PM from

WinCustomize Forums Top

Did you read and check out the links in the OP?

Reply #35 May 5, 2016 3:45 PM from

Stardock Forums Top

Ahhh........hard being the Doc sometimes eh?

As always, for having the back of the community doc.....many thanks!

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!