Free Ransomware Decryption Utilities


Ransomware removal toolsSecurity company Trend Micro has published some free tools which claim to be able to remove ransomware from a computer and recover any encrypted files. Not having any infected computers to hand, I've not been able to test these. But it might well be a good idea to add this to your list of things to try if you're unlucky enough to be affected.

You'll find the tools, and details on how to download and use them, at and they should work fine with all recent versions of Windows.


Please rate this article: 

Your rating: None
Average: 4.4 (13 votes)


The webpage that Trend Micro sends you to for a consumer no longer exists.

Emsisoft probably has the most (widest variety) of free ransomware decrypter tools available, currently covering 20 different variants:

When shown & explained, I seem to have no issue with the 60-80+ age group in backing up.

If they can do this, what is the issue being reported here?

Maybe you have to do a video showing it & leave that on their desktop? That's what I did. You're welcome.

Thanks to rob.schifreen and zootsocket.
Good info, hopefully helpful and bookmarked!

The No More Ransom project was set up in response to the number of these attacks suffered by users in Belgium and the Netherlands. They have also produced a number of decryption tools in conjunction with Europol, Kaspersky and Intel. Details here: Fortunately I haven't needed to resort to these measures, but if the worst happens it's useful to know what help is available.

Agreed, & thank you.

I believe that people must catch up with the tech out there. In Win 98, the entire drive was 2GB (including Windows, programs, AND your data). But, we had yet to have digital media. For that time-frame, you had no choice BUT, to keep it all on the PC. t was also the very beginning of the net, & not as full of bad guys as it is now.

We HAVE TO instruct people to keep their data backed up to two sources, or it may be lost forever.

Thank you for that link- I'll def have a look!


Great aspirations but in my experience a totally lost cause. Although no longer involved with active support, not too long ago I was servicing a whole raft of customers and a good 90% couldn't be bothered to understand backup software or even do it if they did. These same folks were click-happy with everything and screamed like wailing banshees every time they got infected which was regularly. MC - Site Manager.

Mr Midnight Cowboy. I appreciate your feelings towards some people who 'Could Not be Bothered' Please understand though, there are also people like me who though fairly intelligent, somehow find it difficult to grasp a lot of 'Techy' stuff, and sort of lose track when trying it, mainly because they perhaps - like me - have missed out on simple basic stuff.Believe me, i wish i could, but some of it just 'passes me by'

I appreciate this and was not including this group in my post although I should maybe have made this clear. You should see me trying to assemble so called "easy fix" furniture kits :D I've also been living in Brazil for 12 years now but my command of Portuguese still only extends to a few phrases. Everyone has different skill sets and levels of ability but this is a separate issue from the lazy and/or apathetic approach to particular tasks. MC - Site Manager.

So, you're here to say, what exactly?

Everyone is f*cked & don't bother?? Nice.

Glad you're not in "active support" now. Good grief. What a lousy "no help, adds to problem" proclamation. Geez. Happy for you to NOT have to help others- & am sure they are, too.

and agreed, totally!

I don't understand why this comment looked like it was meant to react to geekomatic's useless rant.

Naturally I don't know what rankled your feathers but it hardly could have been MC's words. They IMHO just were reporting of facts that all too many people do not want to admit. Are you by chance one of those people?

I can only report what I found. In fact we provided an excellent service but were not a charity or volunteer group as in the 8 years + I've been helping out here. Customers were given every encouragement and practical help based on their support plan but the drop off rate thereafter was pretty steep. This data provides something of an insight but bear in mind these are only reported figures. The overall true figures for "never" will be a lot higher. MC - Site Manager.


Well, you're obviously dealing with people a lot more on the ball where these things are concerned than I am. I doubt I could get anyone to upload a file, let alone set-up/use a separate account to examine files- lol. My main user-base is middle-to older aged residential clients. I stress backups, which are unplugged when not in use. I also specify portables- as we have power issues in our area which could surge & kill a powered HDD.

I like people to understand their files & file structure. So, I ask their backups are done once a month (usually). I have them create a year folder & then copy/paste into the corresponding month folder within that. Every fourth month, delete the oldest, so you only have three backups at one time. It also helps if they accidentally delete something they didn't mean to- they still have three copies of it left in their backups.

Obviously, I'm dealing with folks with very little data to backup-- you, need a different solution.

I wish you luck!

What many of us would really appreciate is a step by step page on what to do to stop a ransomware attack.

Then another page on what to do if you get a ransomware attack.

I've run across about half a dozen ransomware attacks. No one knew anything was wrong until their "pop-up-timer" appeared on their screen with the instructions for "payment or else". Fortunately, all had a fairly recent backup of their data on external media (USB drives: flash or hard disk). You can possibly mitigate an attack by only ever logging in under a limited account (vs. admin)-- but that still allows you to "okay" the dialogue box which would be presented to you to "allow" it to run. It would be a "warning", but still one which you might inadvertently click, "yes" to.

Ransomware almost always comes through a fake/infected email or an infected download (hidden within a "legitimate" program you might download & run on your computer).

Therefore, the best protection is preventative: copy your user data out of the computer periodically & then unplug that backup so that it cannot be accessed in the event of an attack on the PC. Remember that ALL attached storage (local, network, internet) can be encrypted by the ransomware. This, means that even Dropbox will get hit if you're logged into it, at the time.

Think of it another way: your computer is the LEAST safe place to store data. Act accordingly & "back-up, back-up, back-up".


I am part of a team that supports about 1,600 sites. We were getting one ransomware attack a day. Now it's slowed down a bit. What is interesting is that of the few that have paid, the majority were not given the rights to unlock their data, and so they have paid for nothing.

What I have also done is tell our clients that if they are suspecting of a file use virus total which when I experiment gives reasonable accuracy. The other trick I tell them is if they are suspicious and use a gmail account wait a day before examining the file because gmail scanners seem to need some time to pick up on new ransomware software.

I am also loading on computers Malwarebytes anti-ransomware; I have no idea how well it is as I have been unable to test it, but it does have some good comments by people.

I am also using AOMEI to get an image copy on a removable harddrive so if a ransomware attack takes place, we have a copy.

I do not know what else I should do?


Re. "I do not know what else I should do?"
It may be a loosing battle but how about at least telling them about (my) First Commandment of Safe Computing:
. Read AND THINK before you click!
Quoted from

Re. Malwarebytes Anti Ransom:
I am in the same boat as you. I just don't ever seem to be at danger of catching that stuff so I have no first person experience with ransomware and thus with MB Anti Ransom. I have it installed on all of our 5 computers.

BUT: Over the years I have learned to "trust" Malwarebytes. So I have (strong!) hope that it might work in case it ever is needed. I believe there is not much more I can do but believe...