Roommate's computer hacked and files encrypted. Is he screwed?

Title basically says it all. My roommate’s computer got a virus (or possibly was hacked) and all the files on his machine were encrypted. Can this be fixed, or is a re-install the only way to go here?

What is the operating system? Mac? Windows? What version is the OS? Are there any other issues with the computer so far? Weird programs suddenly installed or other programs missing or weird pages coming up randomly when you’re surfing the Internet?

All the files? How do you know that they’re encrypted? What diagnostics have been done?

If your roommate has a ransomware program such as this one then he has to start over.

Completely wipe the machine and reinstall. Have roommate take a course in “How not to be an idiot online.”

(You could also backup the files onto a CDR/DVD and hope that someday the encryption gets cracked. But that may not happen.)

There is a theory that if these encryptocriminals infect your machine and your files are already encrypted all that happens is that they are all converted into plain text.

It might be worth making copies and encrypting them again to see if they are recoverable.

Otherwise the above is a sound suggestion.

He should treat the situation the same way as if he had suffered an ordinary hard drive crash: install the OS again and replace the files from last week’s backup.

He does make weekly backups, does he? If not, then what would he have done in case of an ordinary hard drive crash?

Rubbing their nose in it is rude dude.

Yeah, I guess it is, sorry. But I felt the point needed to be made…

How do you know they’re “encrypted” and not “corrupted”?

Well, a new text file has appeared on his desktop claiming that his files have been encrypted. I only looked at his laptop for a minute or so this morning right after I got out of bed.

Well at least the operating system files weren’t encrypted, otherwise you wouldn’t know that the files were encrypted.

Yeah, I get that. I’m guessing it’s only things like .docs, .mp3s, .jpgs, etc that got encrypted by the virus.

Doesn’t seem like much of a point given that 99.999% of people don’t do weekly backups of their hard drive.

I would be very curious to see if it didn’t just do something silly like rename .doc files to .docc files or something like that. Simple, and quite effective at bringing the average user to a screeching halt.

I’d google a text string from the ransom note. If the “encryption” is just a trick such as those drackhillix suggests, someone else will have figured it out and posted their solution.

If it’s really encrypted, probably SOL.
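
The "renamed or really encrypted?" question raised in the thread can be checked read-only on a copy of the files. The following is an added example, not code from any poster: it looks for a known file header first and falls back to byte entropy. The short header list, the 7.5 bits-per-byte cutoff and the sample files are assumptions constructed for illustration.

```python
import math
import os
import tempfile

# Leading bytes ("magic numbers") of a few common formats (assumed subset).
MAGIC = {
    b"%PDF-": "pdf",
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"PK\x03\x04": "zip container (docx/xlsx/odt)",
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "legacy MS Office (doc/xls)",
    b"ID3": "mp3 with ID3 tag",
}

def shannon_entropy(data):
    """Bits per byte: close to 8.0 for encrypted or compressed data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def triage(path, sample_size=65536):
    """Classify a file from a read-only sample of its first bytes."""
    with open(path, "rb") as fh:
        head = fh.read(sample_size)
    for magic, kind in MAGIC.items():
        if head.startswith(magic):
            return "intact header: " + kind
    if shannon_entropy(head) > 7.5:  # assumed cutoff, not a standard value
        return "no known header, high entropy: consistent with encryption"
    return "no known header, low entropy: plain text or damaged"

def demo():
    """Constructed samples: a renamed PDF and random bytes as stand-in ciphertext."""
    with tempfile.TemporaryDirectory() as d:
        renamed = os.path.join(d, "report.pdff")
        scrambled = os.path.join(d, "photo.jpg.locked")
        with open(renamed, "wb") as fh:
            fh.write(b"%PDF-1.4\n" + b"constructed sample body\n" * 50)
        with open(scrambled, "wb") as fh:
            fh.write(os.urandom(65536))
        return triage(renamed), triage(scrambled)

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

A file that still starts with its normal header was most likely only renamed. High entropy with no recognizable header is consistent with encryption but is not proof of it, since unlisted compressed formats look the same.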