|
Virus did corrupt all pictures on computer
Hi,
I am not sure this is the right thread. A kind of virus did corrupt all pictures on a friend's windows based computer. All jpg files won't open any more. He told me some ads were asking for money to retrieve them all. I took a jpg on my mac which i can't open either. Jpg files still seem to have coherent sizes. Link removed (warning: may infect your PC if under windows i believe). Any help would be appreciated to recover the picture (or hint where to get help). With the process i would be able to recover all my friend's pictures. Regards, Haroun |
are you using windows?
Okay, maybe a simple approach: get a live CD, start up with that, mount the hard drive, mount a USB stick, copy n paste the pictures. Chances are not the pictures are infected but the system to open them...read (tadaaaa) windows itself.... My thought: infecting ALL the pictures (individually) takes time, and that could be a give away... listening on... Thor PS - if you are using ***dows...consider THIS a fork in the road to switch to Linux...we'll help you find the right distro :) |
Hi Thor,
My friend uses ***dows as you say :-) I use mac os on my end I took his pictures to my mac which can't open them either (true that the copy paste was not made from a CD startup) Can i somehow send a sample corrupted jpg to see if you can find a way to open it ? Haroun |
Link removed
|
Let's see, an infected window$ machine and a friend with a Mac helping out by posting possibly infected files to a Linux forum...
First, please do not link those from this forum - please remove the links. Next, please seek help in a window$ forum to identify and fix the window$ problems. If your friend wants to switch to Linux, this would be the right place. |
Hi,
I removed the links. I am just trying to get help from the best guys, thus Linux guys :) Haroun |
Thank you for removing the links.
In order to recover the images it will be necessary to identify how they have been corrupted or encrypted, and that is entirely a window$ related question. If you can find out more information about what has happened to those files and re-ask a more specific question with some suppporting information someone would be able to help. Good luck! |
Ok thanks! Do you know a good window$ forum that could help out ?
|
One thing that I'm curious about: how do you know that these image-files have been corrupted by malware?
How do you know that they are not simply ... damaged? |
My friend had a pop-up asking for money to get access back to his pictures...
|
It appears that your friends computer was infected by cryptolocker malware. The files are encrypted and impossible to recover.
The virus can be removed but the files are lost unless you have a backup. I suggest using malwarebytes software. |
i think if its like the fbi moneypak virus i think the criminals encrypt the files on your pc and hold a ransom for the keys.
if so i dont think it would be practical to be able to get access back (i wouldnt pay the ransom because they are probably bluffing). what happens when you run the file command: Code:
[schneidz@hyper photos]$ file dscf0171.jpg |
I agree, as far as I know the criminals have the keys and no guarantees that if you pay they will honor their terms.
|
Quote:
|
Schneidz, it gives:
Code:
haroun$ file 858HDJES.jpg |
| All times are GMT -5. The time now is 12:49 AM. |