Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

wincle.exe - ransomware


  • This topic is locked This topic is locked
7 replies to this topic

#1 alyx

alyx

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 15 July 2015 - 11:00 AM

hi to all,

 

this topic has been covered but i need further help.

 

I was infected with virus about a month ago. I was able to copy most my work off my system and clean the system out with malwarebytes. It was a so called blessing in disguise to be honest, i re-formatted my system and re-load the software.However, the files that have been encrypted is there a way to de-crypt them. I urgently access to some of the files, mostly jpegs. i have tried the de-crypter that's available on here but no luck



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:37 PM

Posted 17 July 2015 - 09:09 PM

Greetings,

Most likely there is no way to decrypt the files. Do you know the exact name of the encryption? What name was on the pop up screen telling you your files were encrypted?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 alyx

alyx
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 18 July 2015 - 07:27 AM

 CryptoLocker, the one with the big red screen. the version i got nailed with was a new version. as mentioned. i clean out my system, backup the files, reformatter my lappi. It just so happens i need to somehow uncrypt the files....

thank you in advance if there is a solution



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:37 PM

Posted 18 July 2015 - 07:40 AM

I doubt your files can be decrypted but there is a Topic where experts in the field can look at your situation and answer questions you may have. I would suggest you review and post your request for help in the Locker Ransomware Support Topic.

Wish I could be of more assistance beyond referring you elsewhere. Let me know if you plan on posting there.
 
Gary
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:37 PM

Posted 20 July 2015 - 08:52 AM

Can I be of any other assistance before closing this Topic?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 alyx

alyx
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:37 PM

Posted 20 July 2015 - 12:09 PM

thank you for all your assistance. If a solution does become available please post it. It just suck i can recover the corrupted files.

must mention that i narrowed my infection to a well know website cnet. At at that point in time, i was downloading software i needed from cnet and with many of these, they all come with add on's that just gets added on during installation or afterwards once one reboots the machine. Thus the infection came from one of these software's, i think i downloaded some Codec's from cnet.

thank you for the suggestions.

 



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:37 PM

Posted 20 July 2015 - 03:36 PM

The Encryption experts I work with have indicated there will not be any decryption tools that can reverse what has been done. That is because of the method of encryption, the random nature of the code and the fact the code is removed from a User's computer after the infection. Therefore there is nothing to work with to try to decrypt the files.

Sorry for the bad news.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:37 PM

Posted 20 July 2015 - 03:36 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users