There is no doubt that one of the most dreaded viruses with which we can infect our computer are malware called ransomware, a type of malicious application that is able to block access to our documents by encrypting them until we do not pay A rescue with which to unlock the contents of the kidnapped computer.
This type of virus is so dangerous due to the fact that in order to achieve its objective, that is to say that we can not access our documents, it applies complicated encryptions to certain types of files of the system, besides the user files, which makes it very difficult To fight and try to recover the encrypted files, except paying.
At this point the only solution is to pay the cybercriminals the sum requested to release our documents, and although most of the time we can retrieve the files hijacked, the truth is that paying the required only encourages hackers to continue in business, Which will sooner or later be extended to companies and other places where the inability to access information is a matter of life or death, such as hospitals.
It is worth mentioning that some of these ransomware are capable of encrypting more than 200 file extensions, including docx, dot, doc, txt, xls, xlsx, xlsm, 7z, zip, rar, jpeg, jpg, bmp, pdf, pptx, pps , Ppt, xla, xls, xltm, xlt, xml, odt, odb, csv, rtf, blend, css, cdr, raw, sqlite3, sqlite and sql, just to name a few.
If you want to recover files hijacked by some ransomware, do not hesitate to continue reading the instructions and instructions that are described in this article.
Table of Contents
Is it possible to decrypt files?
The answer to this question fortunately is a resounding Yes. However at this point we must take into consideration that there are multiple variants of ransomware infections, which means that the type of encryption used will be different for each type of ransomware, and therefore , The recovery of the encrypted files should be addressed with the appropriate tool to ransomware with which our computer was infected.
One of the most widespread ransomware is known as Locky, which is spread through doc or .xls attachments via e-mail. These emails ensure that the subject of the message contains a very important document or invoice.
If the user who receives them is properly informed or does not care about their own security, they will most likely execute the files contained in the mail, after which will be requested the necessary permissions to show the complete content of the document in question, including The macros they contain.
This immediately downloads an executable file that begins to encrypt the files,which after this encryption, will be viewed with the extension “.locky”, and can not be accessed until we pay the rescue or implement a solution.
Tools to decrypt files
In response to this problem that with each passing day extends more and more, the most important antivirus developers in the market have begun to create tools in order to combat ransomware and prevent its expansion to other scenarios.
These tools are not only for the detection and removal of ransomware, but can also be used to decrypt the files encrypted by these ransomware.
How to decrypt a file
We mentioned earlier in this article that there are different methods to decrypt a file encrypted by a ransomware, which vary according to the type of virus that infected them.
In this link, we can find a list with file decryptors for most of the current ransomware . The only thing we will have to do is download them, execute them and follow the instructions offered by the installer. It should be noted that on this page we will find a solution to infections through MRCR, CryptON, Damage, Cry9, Marlboro, Globe3, OpenToYou, GlobeImposter, OzozaLocker, FenixLocker and many other ransomware.
However, at this point we will focus on files locked by Locky, one of the most important and widespread ransomware type viruses and certainly with a high likelihood of infection if we do not take any precautions to preserve our security.
Decrypt Locky and AutoLocky Files
To begin with the process of decrypting the files encrypted by Locky and AutoLocky we must do the following:
The first thing we need to do is download and install Emsisoft Decrypter AutoLocky, which we can do
This tool is one of the simplest and quickest ways to get decrypted ransomware encrypted files from the market . But best of all is that with Emsisoft Decrypter AutoLocky we can undo any file encryption that has been established for the document, provided it has the Locky extension, returning it to its original state, ie we can open them with its corresponding program without having Lost data in the process.
Once we have downloaded the application, we execute it by double clicking on the file ” decrypt_autolocky.exe” to start it.
After that, the application will start. We authorize the execution and press the ” Yes” button to proceed with the process.
Immediately, Emsisoft Decrypter AutoLocky will try to recover the decryption key for the files. Once you have it, you will be able to see a window in which you have found it, a new window will be displayed indicating that you have found the key corresponding to our system.
At this point it is recommended to start decrypting only a handful of files, since there is a possibility that the key found is not correct.
The license agreement will then be presented. Press the “Ok” button to accept it and then the AutoLocky Decryptor interface will be presented, ready to start decrypting the hijacked files.
Note that AutoLocky Decryptor will only check the “C:” drive by default. In case we want to add other units, all we have to do is click on “Add Folder”.
To begin decrypting encrypted files, all you have to do is click on the “Decrypt”button .