You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

*

Execute

  • *****
  • 372
  • +55/-0
  • Your friendly neighbourhood IT guy
      • View Profile
All_Your_Documents.rar Virus
« on: February 16, 2017, 10:17:00 am »
There is a new ransomware virus dubbed All_Your_documents.
It is named that way because after it infects a PC,
it puts user's files inside a password protected archive,
named All_Your_documents.rar.

Afterward, the user is prompted to pay a ransom for the unlock code
and put it inside the following Internet page shown down here:



You can read more about the malware:
"All_Your_documents.rar Virus" from this link.

If you have been infected by the virus or have
any questions regarding the malware, feel free to ask!

Best Regards,
Execute

*

puskas

  • *
  • 1
  • +0/-0
      • View Profile
Re: All_Your_Documents.rar Virus
« Reply #1 on: February 16, 2017, 04:01:17 pm »
Hi! I've just realized I got infected by the abovedescribed ransomeware. I've read trough your page about this ransomeware, as well as everything that is aout there on goggle. I'm currently doing the scan with SpyHunter (it already found some issues, but still scanning, and at the same time kaspersky also removed something it didn't like. After reboot I will probably do the manual removal as well in safe mode, just to get rid of it for sure. My question is really: will I be able to encrypt my files back to their original state with the free version of Spyhunter? (or with any other decryptor software out there? Can you tell me anything optimistic? :) Or should I just accept my fate and format everything?

*

TINAPAYMASAKER

  • *
  • 1
  • +0/-0
  • Hello
      • View Profile
Re: All_Your_Documents.rar Virus
« Reply #2 on: February 17, 2017, 12:47:30 am »
Hello!

My computer is being infected with this kind of malware, it happens just yesterday. To be honest with you I am really into downloading movies via torrent and maybe that's where I got the malware. I have been using torrent many years ago and I never had anything like this. I hope you could help me to  bring back all of my important files. Thank you so much and godbless

*

Execute

  • *****
  • 372
  • +55/-0
  • Your friendly neighbourhood IT guy
      • View Profile
Re: All_Your_Documents.rar Virus
« Reply #3 on: February 17, 2017, 05:34:25 pm »
@puskas, @TINAPAYMASAKER

Currently, there is no decrypting tool available for this ransomware. Even if a security software removes the cryptovirus from infecting your and other PCs furhter, it cannot decrypt your files. If a decryption method is found, we will contact you to notify you of that and update the article in the blog.

What I can tell you is that after you remove the virus, it will no longer be active - usually security programs make sure of that. Formatting your hard drive should be your last option, as formating may leave some files in the system that can still leave the ransomware active. The security software is the thing that cleans your PC from the virus and its files. Also, if you do format your disk drives, it might be next to impossible to restore any files that got deleted before that. Usually, some ransomware viruses deleted the original files and encrypted their copies (because it made copies of them). So Data Recovery Programs could recover the deleted data and restore the original files. You should try that out, although for this particular case, the files might just be put inside that .rar file. I suggest you try Data Recovery programs, before formatting.

Note: If you come across a service that states that it can decrypt your files and bring them back to normal, be aware that they cannot do that, as even engineers and researchers from AV companies struggle with this, So a service that guarantees such a service as successful, especially if they want money for that is a scam. Some companies paid over 1000$ for such a service and their files weren't recovered, of course.

*

Grover Frank

  • *
  • 2
  • +0/-0
      • View Profile
Re: All_Your_Documents.rar Virus
« Reply #4 on: February 18, 2017, 09:06:51 pm »
This kind of virus uses encryption method to decrypt of system data which can be accessed only by the decryption key.
I believe this keys are not available.
Encrypted file is only available through the cyber criminals, victims may be tempted to purchase it and pay the exorbitant fee.
You can try some Malware Removal Tool which may help you to remove those viruses.
I have heard about Malwarebytes Virus Removal Tool which tends to remove malwares and viruses from system.

*

Execute

  • *****
  • 372
  • +55/-0
  • Your friendly neighbourhood IT guy
      • View Profile
Re: All_Your_Documents.rar Virus
« Reply #5 on: February 20, 2017, 02:49:00 pm »
Most anti-virus programs and security tools nowadays should be able to remove the virus, but unfortunately are unable to decrypt the files...