Free tools to search decrypters for encrypted files
The Bitdefender company, addressing the problems that affect many people around the world, has created a new tool called Bitdefender Ransomware Recognition Tool (BRRT). Thanks to it, users who have been victims of a ransomware attack will be able to identify a family of malware based on samples of encrypted files, and then receive a solution that will help in decrypting the data.
Ransomware reconnaissance instruction
2. Run the downloaded program - allow administrator rights and accept the EULA license.
3. The tool has two fields to fill:
- the location of the ransom note file (usually an HTML or TXT file located in every folder with encrypted files)
- the location of any folder with encrypted files
5. Press "Scan". If only one location is indicated, the tool will display a warning about an inaccurate recognition result.
The content of the "ransom-note" window is sent for automatic analysis to the Bitdefender cloud. If the search was successful, the user will receive a list of potential threats with a percentage matching probability.
If the Bitdefender Ransomware Recognition Tool matches the encrypted files to an existing decryptor, it will indicate a link to download it.
There is no decryptor. What's next?
Did Bitdefender Ransomware Recognition Tool not find the decryptor? Not all is lost yet. Here's what you can do:
1. First of all, visit this page (choose Polish language), which, like the BRRT tool, helps in identifying a particular ransomware, but it contains a much larger database of these viruses (432 ransomware variants). As in the above instructions, please provide a ransom demand file and a sample of the encrypted file.
In the above screenshot, the ransomware was identified, which encrypted the user's files. You can easily decrypt them by finding a decryptor for the TeslaCrypt ransomware.
Where to search for decryptors?
Fortunately, all the best decryptors are in only two places:
- The No-More-Ransom project page contains decryptors for all major encryption viruses. Most of them were developed by Kaspersky Lab and Emsisoft.
- Dozens of descriptors were developed by Emsisoft. All are available on this site .
It still did not work. What remains?
Do you already know (or still do not know) which ransomware option has encrypted your files, but the decryptor is not available? The last resort is the service from AVLab. We will try to decrypt your files for which there are no official decrypters. Contact us . The file decryption service is payable. The price of decrypting files depends on the complexity of the task and starts from 1000 PLN.
Learn more about our offer
We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.