Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


CryptoDefense questions.

  • Please log in to reply
1 reply to this topic

#1 Southerner13


  • Members
  • 11 posts
  • Local time:08:57 PM

Posted 01 April 2014 - 05:05 PM

So I was reading a news story on Reddit that had a link to a liveleak video. I opended the link and went to get a soda, when I got back the CryptoDefense malware had installed itself. I ran Malwarebytes and it removed 2 things but I don't remember exactly what.  I noticed a news article stating that this program actually left the keys needed to decrypt your files on the computer, I looked around and found the files mentioned in the Applications Data folder. My question now is where do I go from here? I really need some of my files back, I write short stories and am a college student so I am kinda upset about this and if there is a way to get them back I would like to.
So given that I found the files mentioned the news article is there a way for me to decrypt my files or am I still up a creek? Also if there is no way to decrypt my files what is my best bet from here?
Any help would be greatly appreciated.

I am running Windows 7 Service Pack 1 build 7601 with a Core i5, and 6gb of ram. It is a Dell Laptop.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,769 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:57 PM

Posted 02 April 2014 - 09:24 PM

A repository of all current knowledge regarding CryptorBit and HowDecrypt is provided by Grinler (aka Lawrence Abrams), in this tutorial: CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ

Reading that Guide will help you understand what CryptoDefense and How_Decrypt Ransomware does and provide information for how to deal with it and possibly recover your data.

There is also an ongoing discussion in this topic: CryptoDefense - Newest cryptolocker variant. Rather than have everyone start individual topics, it would be best (and more manageable for staff) if you posted any questions or comments in that topic discussion.

The BC Staff
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users