My Samsung Galaxy Note II was infected by a virus called the "FBI virus." Fortunately, I've managed to remove the malware but my problem now is that all my files have been encrypted.
How can I decrypt these files and recover my data?
Asked
Active
Viewed 1,841 times
4
-
a lot of your data may be backed up to your google account – Colin Pickard Oct 02 '14 at 10:23
-
You should provide, like how you know those files are encrypted (eg. maybe they were moved somewhere else), show some sample or even some encrypted files (that you are not sensitive). You should also perform a full backup of the files, in case decryption attempts make you lose the copy you are working on. – Ángel Oct 02 '14 at 12:32
2 Answers
2
If the malware is same as the one identified as Andr/FBILock-A by anti-virus firm Sophos, they have detailed removal instructions here:
http://nakedsecurity.sophos.com/2014/07/25/android-fbi-lock-malware-how-to-avoid-paying-the-ransom/
It appears that (according to Sophos) this malware does not actually encrypt files, so you may be the victim of some other attack.
this is an image they posted of the malware:
Colin Pickard
- 1,800
- 2
- 11
- 14
-1
An online decryption tool is available from FireEye:
https://www.decryptcryptolocker.com/
The thing to note here is that it is specific to certain types of Ransomwares. If you are encrypted by a new variant of Ransomware then it might not decrypt.
abhinav singh
- 283
- 1
- 4