Identify the ransomware that encrypted your data with this free tool

By: Madeleine Dean
2 minute read

Malware programs can infect your computer without you even being aware of it, working silently while extracting the information they’re after. On the other hand, malware like ransomware is quite obvious, making no efforts to hide their presence.

Ransomware are malicious programs that restrict access to the infected computer system, only to demand that the user pay a ransom in order to regain access to the system. Ransomware does the dirty deed in two different ways: either it encrypts files on the system’s hard drive or locking the system completely and displaying a message demanding the user to pay.

Companies and individual researchers are developing recovery tools constantly, which is why most of the time malware is successfully removed. However, there are rare cases when decryption is impossible and users pay the ransom for the encryption key.

If you have been infected and need to know which malware family encrypted your data, you can use ID Ransomware to find that out. All you have to do is upload an infested file or the message the malware is displaying to your screen.  ID Ransomware can currently detect 55 types of ransomware but does not offer any file recovery services. Here’s the list with all the ransomware it can identify:

7ev3n, AutoLocky, BitMessage, Booyah, Brazilian Ransomware, BuyUnlockCode, Cerber, CoinVault, Coverton, Crypt0L0cker, CryptoFortress, CryptoHasYou, CryptoJoker, CryptoTorLocker, CryptoWall 2.0, CryptoWall 3.0, CryptoWall 4.0, CryptXXX, CrySiS, CTB-Locker, DMA Locker, ECLR Ransomware, EnCiPhErEd, Hi Buddy!, HOW TO DECRYPT FILES, HydraCrypt, Jigsaw, JobCrypter, KeRanger, LeChiffre, Locky, Lortok, Magic, Maktub Locker, MireWare, NanoLocker, Nemucod, OMG! Ransomcrypt, PadCrypt, PClock, PowerWare, Radamant, Radamant v2.1, Rokku, Samas, Sanction, Shade, SuperCrypt, Surprise, TeslaCrypt 0.x, TeslaCrypt 2.x, TeslaCrypt 3.0, TeslaCrypt 4.0, UmbreCrypt, VaultCrypt

Uploaded files are analysed against the database of signatures. Results are ordered by the number of matches found between the malware and the data base. If the malware is identified, the files you uploaded are deleted. Once the rasomware type has been identified, you can search by the threat name to get the latest recovery information. Since many ransomware share similar extensions on files, in some cases, the results are not 100% clear.

If no results are found, the uploaded files are shared with trusted malware analysts for further analysis or for identifying a new malware type. As far as data confidentiality is concerned, ID Ransomware states clearly:

With that said, I cannot guarantee files are kept 100% confidential. The data is temporarily stored on a shared host [to be shared with trusted malware analysts if necessary], and I am not responsible for anything done otherwise with this data.

Obviously, our advice is to install an anti-malware software in the first place and avoid suspicious sites or files. We recommend BitDefender’s free BDAntiRansomware.

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading