Jump to content

My friend needs help!

skljom
By skljom
in Troubleshooting
 Share
Posted

Hello guys. My friend recenlty got ransomware, malware or adware called Locker v4.10 and it encrypted all his .jpeg and .docx posts. I used MSE and malwarebytes but all it did is it  removed trojans and adwares and malwares, but the files are still locked and encrypted. I've tried this: http://deletemalware.blogspot.com/2015/05/how-to-remove-locker-virus-and-restore.html  but it won't work at all . . . It deleted his restore points, shadow copies and everything. He's got full HDD of his family and friend pictures, around 10 000 pictures . . . Can you help?

Hoe Hoe Hoe and a bottle of RAM © Gankplank

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/
Share on other sites
Link to post
Share on other sites
Posted

If his files are really already encrypted then that's pretty much it. 

 

To test if the ransomware is really gone, try creating a new jpg to see if it gets encrypted.

Updated 2021 Desktop || 3700x || Asus x570 Tuf Gaming || 32gb Predator 3200mhz || 2080s XC Ultra || MSI 1440p144hz || DT990 + HD660 || GoXLR + ifi Zen Can || Avermedia Livestreamer 513 ||

New Home Dedicated Game Server || Xeon E5 2630Lv3 || 16gb 2333mhz ddr4 ECC || 2tb Sata SSD || 8tb Nas HDD || Radeon 6450 1g display adapter ||

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/#findComment-5054020
Share on other sites
Link to post
Share on other sites
Posted

http://deletemalware.blogspot.com/2015/05/how-to-remove-locker-virus-and-restore.html

24 fps for that "cinematic" feel


After a couple weeks of behavioral sciences at my school I can easily conclude my parents need to grow up.

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/#findComment-5054070
Share on other sites
Link to post
Share on other sites
Posted

it might be a little bit crazy or useless, but what you can do is try to make a dual boot and use a hdd recovery program to decrypt, access the pictures and copy them to an external hdd.

Gaming pc:cpu: i7 4770k // gpu: ZOTAC GTX 980 TI AMP EXTREME EDITION 6GB//ram kingston hyper x 16GB DDR3// hdd:2TB seagate //ssd: samsung 850 pro 256 gb ssd) // mb: MSI z97 gaming 5 

Gaming/work laptop asus n551jk :cpu: i7 4710hq //gpu: GTX850m 2GB //ram: 8GB //hdd: 750GB HDD

Server: HP ML350 G5 //cpu : 2x intel xeon e5130 quadcore // ram:12GB // gpu: nvidia 6200 256mb //hdd: 500 GB 15K SAS RAID-0 // 2x 700w hp power supply

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/#findComment-5059301
Share on other sites
Link to post
Share on other sites
Posted

it might be a little bit crazy or useless, but what you can do is try to make a dual boot and use a hdd recovery program to decrypt, access the pictures and copy them to an external hdd.

 

Unfortunately, this isn't scifi. Encryption and decryption are not as straight forward as pop culture wants to think.

When you encrypt something, you use a special formula or code, then to decrypt it, you need to have that source code or dictionary to understand what the now encrypted code means. 

there are ways around this, for a very simple encryption you might be able to get away brute-forcing a solution. (i.e. trying every possible combination of letters and characters for a set number of spaces, hoping to find the encryption formula so it is.)

 

:TLDR: He needs the special "codec" to decrypt it, or it will take a very, very, very long time.

Updated 2021 Desktop || 3700x || Asus x570 Tuf Gaming || 32gb Predator 3200mhz || 2080s XC Ultra || MSI 1440p144hz || DT990 + HD660 || GoXLR + ifi Zen Can || Avermedia Livestreamer 513 ||

New Home Dedicated Game Server || Xeon E5 2630Lv3 || 16gb 2333mhz ddr4 ECC || 2tb Sata SSD || 8tb Nas HDD || Radeon 6450 1g display adapter ||

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/#findComment-5063848
Share on other sites
Link to post
Share on other sites
Posted

Basically you are screwed because you removed the malware. There is an option to pay some cash to decrypt everything (XXX$), now you are officially fucked.

Primary: Lenovo T61 / Intel Core2Duo T7200 @ 2.2GHz / 3GB DDR2 / NVIDIA Quadro NVS 140M / Fedora 22 <<<< THE WHITE KNIGHT

Secondary: Compaq Presario CQ56 / AMD V130 @ 2.3GHz / 2GB DDR3 / AMD Radeon HD 4250 / Windows 8.1 <<< THE FORGOTTEN HERO

Link to comment
https://linustechtips.com/topic/373621-my-friend-needs-help/#findComment-5063868
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Troubleshooting

×