ty for your respond.
I totally get what you mean...
I would never Chose to Support those pple or pay them Money. but at the Moment I feel like I have even to try it, because I can't find and actually solution, which could decrypt my files to make them work again.
the .ceber Support and guarantee for decrypt the files, Looks not huge on paper. I don't know if they even have Support.
My only hope is, that they can decrypt my whole files properly, because they were the pple, who have made this mess. It's true, I don't want to damage the files with some rename tries or multiple decrypts.
but at the Moment, I can't really see another solution. Just to try it out. My thought is that this should fix and work out. and then never Comes back. I know I would never let my files again without a safe backup on a disconnected hard drive.
It's like you said. there is no guarantee for decrypt and recover the files. but I think with a random Software the chances will be not better. I tried to check my copies out with shadow Explorer. the program could not even read something out. the full file section is empty. don't know if deleted or something Buggy with the program.
and wow. that is really sad. the first Story where he paid the Money and his files did not work after the decryption. he could not open them correctly. that is sad to hear.
could an fix or user based decrypt Programm do that better in the future?
and what do you mean with "R-Studio or Photorec may be helpful to recover some of your original files but there is no guarantee that will work"?
how you mean the "recover"? the files are there, or not? just crypted. will this recover delted files, that were damaged and lost, or just recover old origin files like they were before the cryption? how should this work, if there are no backup files anymore?
I don't think that I got dual infections. or how do you mean it? It's the first time that I got this ransomware infection. and every file Ends with .cerber - I haven't done any Manual changes with the files.
I don't agree that there will be less infections on the Internet, when I try to not pay them or recover my files. I felt that the only protection against this, is the knowledge and the prepare and backup to your own files. and to share These informations and soltuions with others. when I rly would known, what a huge Virus makes a round here, and how easy this is to get, I would prepared myself alrdy and did a safe backup on my harddrive. everything was fine, so I did not thought about it.
strange. the last guy said that it is nearly impossible to decrypt files by ransomware. so how even dodge the payment, if there is no other possible solution? if the files are really important to you and you have no backup aviable? If you Need the files to work with it. you will pay. and they know it. that's the sad Thing about this whole criminal set.
I never saw such a bleep before. my full Computer is unuseable now. because all my work and what I have done here, is based on the data files. just unbelievable.
Keep your head up for possible Solutions. I appreciate it.
add: the GPcode encrypted files is from 2008. this outdated tool won't work with .ceber crypts or? or does this work on the same way?
I also tried the recover Tools like R-Studio. but this won't work. the files to recorver or copy are all full .cerber endings.
how does shadow copy work exactly? I Need to do a Manual Windows backup or reset Point, to get shadow copy files on my Computer? because I haven't done some. or do shadow copies be made frequently automatic, so I can use them later?
In that case, I could recover the needed shadow copy files with a tool like listed on top?
and what can the data recovery programs acutally do, when I have made no shadow copies? can the programs just detect my full hdd database from previous days? or how does it work?
Edited by Gomez123, 20 March 2016 - 09:29 AM.