Help me Jow Forums...

Help me Jow Forums... My laptop got infected with the Hermes virus and about 70% of my media files now have the hrm extension and are unplayable. How do I decrypt. I really don't want to redownload 100+ GB of movies, music, etc. Help me Jow Forums

Attached: hermes-2-1-ransomware.png (972x600, 173K)

Other urls found in this thread:

pcrisk.com/removal-guides/10952-hermes-ransomware
bleepingcomputer.com/forums/t/640086/hermes-ransom-help-support-topic-decrypt-informationhtml-ransom-note/
download.bleepingcomputer.com/demonslay335/HermesDecrypter.zip
support.kaspersky.com/10556
twitter.com/SFWRedditVideos

Restore from your backups

No backups...no cloud. Any advice to decrypt hrm will be helpful

>No backups...no cloud

Attached: 1534289518124.jpg (550x512, 31K)

Decompile the infected binary. Find out how they implemented their crypto, then write a decryptor.

>No backups

Attached: behave.jpg (300x168, 9K)

Format the disk and then do a reverse format to restore the data

Correct answer.

zip the entire drive, then email them to decrypt it as one of your 3 test files.

Attached: hermes.jpg (514x383, 52K)

I hope you learned your fucking lesson. Btw you can't decrypt, pay up and hope to God they haven't forgotten which key decrypts your shit.

So what did you do to get that?

Basically useless if the key isn't stored somewhere on the disk

You have exactly two options.

1) restore from backup or redownload
2) lose all of it

There is nothing else you can do. Don't fucking pay them, there's less than a 50/50 chance you get a working key from them and it sounds like you don't have anything that is irreplaceable. Stop being a whiny bitch and get to downloading.

>emailing a 20-30GB (minimum, likely more like 80GB) file
>not knowing how cryptography works

How did you even get ransomware in the first place? I'm genuinely curious.

Everyone wants to know how you got it, pls

And that my friends is why you should always have a external backup

Attached: 221f8b776f63e7e426054977b69eb8ed.jpg (400x300, 22K)

Take a two week vacation and manually change each extension from .hrm to whatever it was previously

It is very unlikely that any method exists to decrypt it without paying them. There have been a few cases where this has been possible, but they all involve either an incompetently-written virus (basically just pretends to encrypt) or authorities managing to seize their control server.

If they know what they're doing (they probably do) and their server doesn't get siezed (it probably won't) and you don't pay them (you probably shouldn't), there is nothing you can do.

It sounds like you don't have anything irreplaceable, just a bunch of movies. Suck it up, wipe it, start downloading again, be more careful next time.

What kind of files do people have here that are irreplaceable? The only thing I can think of are family pictures or a paper you're currently writing. Pictures are a bummer, but when is the last time you actually looked at them, you have a memory for a reason.

Damn, someone should make malware that just changes the extension.

Its media files. Format and use Linux since you're too stupid to use Windows without getting a virus. Maybe consider stop pirating and executing random shit from untrusted sources... Brainlet.

I like to revisit the different gapes I have created over the years and wish to relive the experience pictorially.

Not him but I've pirated since 1999 and found only five or six legit positives over a shitload of soft.

So about 3 movies in decent quality? Just redownload?

You learnt your lesson, next time use linux.

Do anything other than paying them since people paying them is what encourages these people to make more ransomware.
You can redownload 100+ GB files in like 1 day

i can tell by your english you're some stupid fucking third worlder

Music I made. But I have that backed up on DVDs, mirrored across 3 drives, and on 2 cloud services.

How the fuck do you even get ransomware?
I only run MSE and torrent all the time, I even tested with MBAM just now and nothing came up.

In the future store all your media files inside a 7zip archive. So that way if this happens again you can have them decrypt that archive as part of the 3 free decrypts.

Just pay the ransom you faggot. I've paid dozens of ransoms for my dumbshit clients over the years.

The decryption process is usually very quick, and then at the end the ransomware guys even have a helpful message about how to backup your documents. Cheeky buggers, but a great customer service.

I rate ransomware 9/10

>Hermes virus
pcrisk.com/removal-guides/10952-hermes-ransomware
bleepingcomputer.com/forums/t/640086/hermes-ransom-help-support-topic-decrypt-informationhtml-ransom-note/
download.bleepingcomputer.com/demonslay335/HermesDecrypter.zip

...why not just have a script do it for you?

Do you really think someone who gets infected with ransomware knows how to write a script?

Dang dude, your beats arent that good

support.kaspersky.com/10556

That should work I think

Attached: 1534501344117.png (1080x917, 531K)

It won't, you nigger

Good thing that ransomware can't into btrfs.

I feel bad for you.
You don't have the money to save your files.
Perhaps I can help.
Just post your name and bank account number and I will send you some Bitscoins by Priority Mail right away.

that's what you get for using Windows, retard.

>No backups
then you really did not need these files
so whats the problem?

install gentoo

openBSD doesn't have this problem.

And how did he not notice the cpu usage involved in encrypting all his files?