Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Recommended Posts

Posted · Original PosterOP

Guys I need help, my computer got hit by a ransomware virus and all of my files have been encrypted into this .HETS format. I cannot open my files and I searched all over the internet to find any sort of decryption software. I am in serious help as I cannot afford to lose of my data over the past few years. Any help or any tool regarding to break the decryption would be appreciated! 

Link to post
Share on other sites

That will not be possible unless the malware doesn't use "proper" encryption and/or a weak password. Neither of which this particular one seems to do: https://howtoremove.guide/hets-virus-file/


Remember to quote or @mention others, so they are notified of your reply

Link to post
Share on other sites
6 minutes ago, kinofiron257 said:

Guys I need help, my computer got hit by a ransomware virus and all of my files have been encrypted into this .HETS format. I cannot open my files and I searched all over the internet to find any sort of decryption software. I am in serious help as I cannot afford to lose of my data over the past few years. Any help or any tool regarding to break the decryption would be appreciated! 

Backup up all the files to another drive also and keep it unplugged from anything 


Please quote or tag  @Ben17 if you want to see a reply.

If I don't reply it's probly because I am in a different time zone or haven't seen your message yet but I will reply when I see it ? 

 

Link to post
Share on other sites
1 minute ago, Ben17 said:

The page just has pretty general advice, unfortunately.

 

The other page says "military-grade encryption algorithm" and "private decryption key", which means you're pretty much SOL. Unless the attacker uses the same key for everything or uses a weak algorithm, there isn't much you can do to decrypt it.


Remember to quote or @mention others, so they are notified of your reply

Link to post
Share on other sites
1 minute ago, Eigenvektor said:

The page just has pretty general advice, unfortunately.

 

The other page says "military-grade encryption algorithm" and "private decryption key", which means you're pretty much SOL. Unless the attacker uses the same key for everything or uses a weak algorithm, there isn't much you can do to decrypt it.

I was thinking that but thought I'd add it anyway just in case it's useful at all thanks for the extra info though ?


Please quote or tag  @Ben17 if you want to see a reply.

If I don't reply it's probly because I am in a different time zone or haven't seen your message yet but I will reply when I see it ? 

 

Link to post
Share on other sites

Found some more info:
https://howtofix.guide/hets-decrypt-removal/?cn-reloaded=1

Quote

 

The cryptography algorithm used by Hets is AES-256. So, if your files got encrypted with a specific decryption key, which is totally distinct and there are no other copies. The sad reality is that it is impossible to restore the information without the unique key available.

 

In case if Hets worked in online mode, it is impossible for you to gain access to the AES-256 key. It is stored on a remote server owned by the frauds who distribute the Hets infection.

 

This article also has a decryption tool available, which may or may not work, since apparently the criminals made changes to the malware.


Remember to quote or @mention others, so they are notified of your reply

Link to post
Share on other sites

I wonder why AV didn't pick this up? 


RYZEN 5 3600 | MSI GTX 1060 6GB GAMING X | 16GB CORSAIR VENGEANCE LPX 3200 DDR4 | MSI B350M MORTAR | 250GB SAMSUNG EVO 860 | 2TB SEAGATE BARRACUDA | 1TB TOSHIBA SSHD | 120GB KINGSTON SSD | WINDOWS 10 PRO | INWIN 301| BEQUIET PURE POWER 10 500W 80+ SILVER | ASUS 279H | LOGITECH Z906 | DELL KB216T | LOGITECH M185 | SONY DUALSHOCK 4

 

LENOVO IDEAPAD 510 | i5 7200U | 8GB DDR4 | NVIDIA GEFORCE 940MX | 1TB WD | WINDOWS 10 GO HOME 

Link to post
Share on other sites
3 hours ago, Mark Kaine said:

I wonder why AV didn't pick this up? 

Depends on the AV. Only paid solutions really have any semblance of actual malicious encryption detection.


My Workstation

i7-9750H 6-core - GTX 1660 Ti - 4K Samsung OLED - 32GB DDR4 - 1TB NVME

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×