| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 142676 | 2016-08-17 05:08:00 | Crypt0L0cker *.ENC Extension | berryb (99) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1424595 | 2016-08-17 05:08:00 | Hi all As far as I know anything encrypted with the Crypt0L0cker is lost but the .ENC extension I think is new and thought it was worth asking if anyone has a fix for the files. This is a bad version as it has encrypted everything docx, jpg etc including Ace Payroll data. No backup and no file restore. I did have software or a program run command that I could check the restore points and file versions but cannot find it at present so if anyone knows of this please let me know. |
berryb (99) | ||
| 1424596 | 2016-08-17 05:46:00 | If you're lucky, depending how you look at it, enc MIGHT be a Lotus 1-2-3 file? HERE (www.google.co.nz). | B.M. (505) | ||
| 1424597 | 2016-08-17 22:16:00 | "Any files that are encrypted with TrueCrypter Ransomware will have the .enc extension appended to the end of the encrypted data filename. " https://id-ransomware.malwarehunterteam.com/ https://noransom.kaspersky.com/ there is/was a website with all know keys, but I cant find it . Perhaps someone here will know the website Chances are , your data wont be recoverable . |
1101 (13337) | ||
| 1424598 | 2016-08-18 00:00:00 | This may have been the website listed earlier which you can upload files to help find a solution to unlock www.nomoreransom.org |
Lawrence (2987) | ||
| 1424599 | 2016-08-20 02:50:00 | Hi thanks for the replies. Got the files decrypted by purchasing Dr Web Rescue Pack www.drweb.com. This worked and all files are back. Cost about NZ$250 so better than the US$500 to $1000 other option. Sent them 3 encrypted files, they sent back one of the files decrypted so they proved they can do it, purchase their software and about 6 hours later got the link to download the decrypt exe. Now have offsite secure daily backups on the PC. Cheers |
berryb (99) | ||
| 1424600 | 2016-10-10 20:20:00 | Hi all As far as I know anything encrypted with the Crypt0L0cker is lost but the .ENC extension I think is new and thought it was worth asking if anyone has a fix for the files. This is a bad version as it has encrypted everything docx, jpg etc including Ace Payroll data. No backup and no file restore. I did have software or a program run command that I could check the restore points and file versions but cannot find it at present so if anyone knows of this please let me know. hi, i can help you for your .enc or .encrypted extension files, please send me some of your encrypted files with ransom note file. (mcerdem82@yahoo.com) |
mcerdem (17493) | ||
| 1424601 | 2016-10-13 21:47:00 | Hi thanks for the replies. Got the files decrypted by purchasing Dr Web Rescue Pack www.drweb.com. This worked and all files are back. Cost about NZ$250 so better than the US$500 to $1000 other option. Sent them 3 encrypted files, they sent back one of the files decrypted so they proved they can do it, purchase their software and about 6 hours later got the link to download the decrypt exe. Now have offsite secure daily backups on the PC. Cheers Any chance I can have a copy of the .exe they sent you to decrypt your files? I know it says it has a unique key, but its what the exe does differently to the 2015 version that I want to figure out! ADDED NOTE: The guy above is asking for $200 more than what Dr Web offers without the subscription. |
Paton (17494) | ||
| 1424602 | 2016-10-13 22:01:00 | How are these guys managing to decrypt these files? I thought the encryption was really secure. | linw (53) | ||
| 1424603 | 2016-10-13 22:57:00 | Malwarebytes Anti-Ransomware must be worth installing, even though it is still a Beta Version. Don't know if it would have prevented your problem but it is free. Watch the video clip demo in the link at Bleeping Computer. Latest version is 0.9. D/l from the link or From MalwareBytes site. www.bleepingcomputer.com Glad to see you are now doing regular backups- keep a System Image Externally. |
blanco (11336) | ||
| 1424604 | 2016-10-14 00:16:00 | Dr Web at the time said they could decrypt 10% of what was in the wild. Fortunately the .ENC was one of the 10%. | berryb (99) | ||
| 1 2 | |||||