Held to ransom by Zepto !

Teresa07

Unluckily, there is still no decryptor available to decrypt the files encrypted by this ransomware. What you can do now is to locate and delete the zepto ransomware from your PC and then wait an effective decryptor.

takman

RebekahAmy wrote: »

Once your PC is infected with ransomware, your files will be encrypted that is hard to decrypt. Currently, there is no method to get your file back that encrypted by Zepto ransomware. Therefore, learn to how to prevent PC from ransomware infection is very important for a computer user. Otherwise, you need to pay for lots of money to hackers to decrypt the encrypted files. Please note that ransomware is a kind of malware designed by cyber criminals to extort money from its victims.

That's a bit contradictory isn't it!. First you say their is no way to get your files back and then you go on to say their is a method by paying them!. It obviously isn't a good method and wouldn't be recommended but it is still a method!.

AndyPix

Super spammy post from RebekahAmy there ..


Currently there is no way to decrypt the files encrypted with the latest strains of this evil !!!!.
People have paid the ransom and had their files restored, others have not.


Although it just feeds the ransomware industry to pay them, you have to weigh up if the lost files are worth the payment to you.


For users who use file servers, you can install cryptolocker canary that utilises file scanning techniques to look out for the popular file extentions created by cryptowall etc and take action (such as disabling all shares, or the NIC) if one is detected .


https://community.spiceworks.com/how_to/100368-cryptolocker-canary-detect-it-early?page=4

Spency

Any files that are encrypted with the newest Locky variant will be renamed with random alpha-numerical characters but utilize the .zepto extension. When you discover that your computer is infected with ransomware you should immediately create a copy or image of the entire hard drive. Doing that allows you to save the complete state of your system (and all encrypted data) in the event that a free decryption solution is developed in the future.
It seems that there is no way to get the data back except for using the back-up. However, you can remove this virus from your computer to ensure the security of the system.

DoaM

Spency wrote: »

Stuff

Am I right to be somewhat suspicious of the above as a first post, resurrecting a near-two-month-old thread?

jshm2

You can recover most of the data using a data forensics solution. But this will cost you upwards of £200. Hence why home users are better to just start again from backups and ensure they set permissions to no EXE's running in %appdata

JohnB47

jshm2 wrote: »

.....just start again from backups and ensure they set permissions to no EXE's running in %appdata

I've heard of this before but can't find anything about it on this thread. Could you expand on how to do that? Thanks. I'm using Windows 10.

D_M_E

This sort of thing is a right pain.

A bit late now, but one way of avoiding getting anything like this from email is to set your email to read in PLAIN TEXT ONLY and, if you get an email which contains unwanted links it will in most if not all cases stop the link being clicked on.

Doing this you will see a lot of emails have attachments - these will be either the original HTML email and/or any nasties in the email.

Also, if you do do this, tell all your friends you only want plain text emails, anything with an attachment will be treated with great suspicion.

If you must view a particular email in all its singing and dancing HTML etc glory, then set your email to display everything, look at that particular email then reset to plain text immediately after watching.