Only Way to Recover from Ransomware

Your files are encrypted – you are the victim of ransomware. Is there any way to recover?–PC Pitstop.

Only Way to Recover from Ransomware

By Leo Notenboom

… some of my files are gone, saying they have been encrypted with a public key. Files like my photos and so on. Of course they have a high fee in order for me to get them back. Do you have a solution?

That was a question I received in my morning email from a friend.

And the news is not good, because no, I don’t have a solution; there’s just no good way to decrypt files encrypted by ransomware.

Prevention before the fact is the only guaranteed peace of mind on this one.

Encrypted by ransomware

This is a type of malware – a virus – most often referred to as “ransomware“. Hackers encrypt your files and then hold them hostage for ransom.

Unfortunately, the technology they use is good – it’s the same kind of encryption technology you and I have available to us, and the same kind of technology used to keep your data secure and your internet conversations private, should you be so inclined.

It’s called “public key encryption“, and it really is one of the cornerstones of internet security.

A file encrypted using public key cryptography is essentially uncrackable, unless you have the matching private key.

And needless to say, the hackers do it right. It’s essentially impossible to decrypt files encrypted by ransomware without their private

Article Continued Here

 1,159 total views,  2 views today

(Visited 1 times, 1 visits today)

6 thoughts on “Only Way to Recover from Ransomware”

  1. One of these pages pops up, when I visit a site, that says a whole bunch of crap, that I have a virus, and I should pay this or that. I just exit out of everything, (except that virus notice, which won’t let me get rid of it any way possible) and restart my computer, and wa-la, it’s gone!

  2. I have this nonsense happen several times. I use a decompiler on the software that was downloaded. The virus must have the code in it to function. decompiler and trace down the program and there will be a branch to a strip of code that doesn’t read an an operating code. It will also be marked by ” ” most of the time. remove it and place a space key code instead.
    rerun the computer with all items removed and when the ransom code is demanded hit the space bar and your out. then REMOVE that garbage and make a backup of all of your important items.
    One trick these clowns do is make multiple copies in your system hidden as system code. Since you have recovered your data, just do a high security erase on the drives and reload. This means reinstalling your software but then make a master DVD of it before anything else goes in. keep making backups on your data.

    If it happens again just wipe the drive and reload two dvd discs. An easier way is to use a hard drive backup and keep it from your machine until needed.

  3. Browser hijacking is annoying, but won't affect your files and is easy to resolve. If the fake FBI warning is preventing you from closing a browser tab, simply open task manager (press the CTRL, ALT and Delete buttons at the same time), find your browser in the list of processes, click on it and hit End Task. If you have multiple tabs open, it may be a little hit or miss before you end the correct one. As this type of scam is generally a phishing attempt (call a number or go to a website where you pay a fee or have your information stolen), the files on your hard drive aren't impacted.

    1. @Walter SChwenn:

      See TECHLICIOUS’ posting. It has most of the answer you need. In short, type ctr+alt+delete and when Task Manager comes up, shut down the task that is your browser.

      There is one bit that TL didn’t mention, though– when you restart your browser it will probably ask you if you want to reopen the page(s) you were on when you had Task Manager shut it down. Tell it ‘NO’, or you’ll just have repeat the whole process.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.