What is Cryptorium?
Cryptorium relates to ransomware-type virus. Once infiltrated, Cryptorium starts to encrypt files making them unavailable. After encryption, it invokes its program window, which contains the following message:
OH NO, YOU HAD BAD LUCK TODAY. ALL YOUR FILES ARE ENCRYPTED!
BUT! I HAVEN’T DELETED THEM YET! PURCHASE A “GBO KEY” TO DECRYPT YOUR DATA, OR ALL ENCRYPTED FILES WILL BE PERMANENTLY DELETED WITHIN 32H, AND THEN THERE IS NO WAY TO RECOVER!
BE QUICK OR NO FILES!
There is also footnote marked with red that states :
All servers are down at the moment! You have to find it out ! The gbo keys are all generated randomly!
Hence, even if you meet all requirements of criminals, you still won’t see a decryption key. By the way, the message contains no information about payment details at all. This version of Cryptorium looks like unfinished, however, the situation might change in any minute. Anyway, you should never trust and transfer them money because they often vanish after receiving money. Good news for you is that the Cryptorium actually doesn’t encrypts you personal data, it simply changes their extension adding .enc to the end of the name of each affected file. Therefore, the best way to get your files back is to use System Restore. Of course you can do it by hand, but it will take a lot of time. Below, you will find full instruction on how to remove Cryptorium Ransomware and decrypt .enc files
How Cryptorium infects your PC?
Cryptorium spreads primarily through the illegitimate version of Fifa 2017 which you can download from torrents or third party software download sources. It also can get on computer via email message from, supposedly, legitimate company. For example, it might be bill from tax company or online store like Amazon. The virus itself is hided within an attachment. Therefore, be very wary when opening files downloaded from suspicious emails or untrusted sources. Do not rush in these moments since you can compromise your system. The malware is also distributed through fake software updates, torrent (P2P) networks, and trojans as well.
To prevent suсh kinds of the threats as Cryptorium ransomware in the future follow these tips:
- Adjust your email anti-spam settings to filter out all the potentially unsafe incoming messages.
- Make sure, the attachments with the following extensions: .js, .vbs, .docm, .hta, .exe, .cmd, .scr, and .bat. place in the black list
- Rename the vssadmin.exe process to protect Shadow Volume Copies of your files from removal.
- Raise the level of protection of your Firewall. It can prevent ransomware from connecting with its server.
- Do not forget to backup your files regularly. This will facilitate process of decrypting files in case of infection.
- Install antimalware tool because it can detect ransomware in advance and remove the malware before the infection.
How to remove Cryptorium from your computer?
The best and easiest way to remove Cryptorium from your computer is to use special anti-malware program that has this threat in its database. As stated above, you need proper and reliable anti-malware program, that’s why we recommend you to use SpyHunter.
It scans your computer and detects various threats like Cryptorium, then completely removes it. One of the best features of this program – large threat’s database. SpyHunter’s newly advanced ransomware detection technology is able to run an instant ransomware scan and show you a message about detection. After deep scanning of your system, it will easily find and delete Cryptorium. Use this removal tool to get rid of Cryptorium for FREE.
How to decrypt .enc files encrypted by Cryptorium?
Once you’ve removed virus, you are probably thinking of recovering files from encryption. Let’s take a look at possible ways of decrypting your data.
Recover data with Data Recovery
- Download and install Data Recovery
- Select drives and folders with your files, then click Scan.
- Choose all the files in a folder, then press on Restore button.
- Manage export location.
Decrypt .enc files manually
You can try to use one of these methods in order to restore your encrypted data manually.
Restore data with Windows Previous Versions
This feature is working on Windows Vista (not Home version), Windows 7 and later versions. Windows saves copies of files and folders which you can use to restore data on your computer. In order to restore data from Windows Backup, take following steps:
- Open My Computer and search for the folders you want to restore;
- Right-click on the folder and choose Restore previous versions option;
- The option will show you the list of all the previous copies of the folder;
- Select restore date and the option you need: Open, Copy and Restore.
Restore the system with System Restore
You can always try to use System Restore in order to roll back your system to its condition before infection infiltration. All the Windows versions include this option.
- Type restore in the Search tool;
- Click on the result;
- Choose restore point before the infection infiltration;
- Follow the on-screen instructions.