DirtyDecrypt.exe

On this page is detailed description of DirtyDecrypt.exe. Ways to remove the threat and methods to protect the computer against similar attack is also presented.

DirtyDecrypt.exe is a ransom program that can held back some of your computer files. Unlike Police and FBI virus that locks the system, this one will encrypt files found inside your hard drive. DirtyDecrypt.exe affects files like photos, music, videos, documents, and so on. Opening these mentioned file will pop-up a message stating that file is corrupted. In some cases, the virus will issue a message stating the following:

“This file can be decrypted using the program DirtyDecrypt.exe
Press CTRL+ALT+D to run DirtyDecrypt.exe”

In the event that you wanted to use this said tool to decrypt the files, it will prompt you to pay for the code. This code unlocks the program so that you may use it to return files to its previous state. Be aware that DirtyDecrypt.exe affects only files that exist during the infection. Newly created files will not be involved in the corruption.

There are several ways how one computer can be infected with DirtyDecrypt.exe. It could be Trojan or virus infection that dropped the virus. In some instances, visiting harmful web sites can inject the code into the system. Software downloads and online videos can be another source of DirtyDecrypt.exe virus.

In order to decrypt all affected files inside the computer, you must remove the virus. Removal may not be simple; it requires some experience in troubleshooting system. Accidental deletion of system files may lead to bigger trouble. Thus, if you are not well-versed in this field, we suggest that you seek assistance from experts.

TypeRansomware
Sub-TypeWindows Lock, PC Lock
OS AffectedWindows

Follow these Procedures to Remove DirtyDecrypt.exe

Procedure 1 : Create bootable USB drive via Kaspersky Rescue Disk

Procedure 2 : Start the computer with Kaspersky Rescue Disk

Procedure 3 : Remove DirtyDecrypt.exe with WindowsUnlocker

Procedure 4 : Run a virus scan using the same tool to ensure that no more leftover items from DirtyDecrypt.exe

Ransom Trojans and viruses will lock the screen and makes the computer unusable. Common ways to deal with this type of infection is to boot the PC using another device. For this tutorial we will do a bootable disk that contains DirtyDecrypt.exe remover.

Create a USB Bootable Device

1. Download Kaspersky Rescue Disk from their official server. Click the button below. The file will be in .ISO format.

2. Download this utility called rescue2usb to record your .ISO file into the USB drive. Obviously you need a USB thumb drive at least 512MB in capacity. Plug it to the computer.

3. Once you have the two programs, double-click on the rescue2usb.exe to start creating a bootable USB drive.
4. You will see on the screen in the program called Kasperksy USB Rescue Disk Maker. Click on Browse and locate the .ISO file.
5. Under USB Medium, select the proper drive of your USB device.
6. Click on START. It will now begin to create a bootable USB drive with Kaspersky Rescue Disk in it.

Start the Computer with Kaspersky Rescue Disk.

1. You must set the computer to use other bootable device aside from hard drive. For this procedure, enable your BIOS to boot to USB device. If you are not familiar with this, please refer to your computer's instruction manual.

2. Another option is to access the Boot Menu right after you turn one the PC. It will present a Menu so that you can select a preferred boot drive. Select Removable Devices.

Boot Menu

3. Your computer will now start and load Kaspersky Rescue Disk.
4. If you see a message on the screen, please Press any key to enter the menu. You only have 10 seconds to do this, otherwise it will boot with the hard drive.

5. Next screen will be the interface language. Please select desired language to use.
6. You must run the program in Graphic Mode. This gives you easy access to all commands and menus.
7. End User License Agreement will appear. Please accept to continue using the program. Press 1 to proceed.

Using WindowsUnlocker to Remove DirtyDecrypt.exe

1.Click on the K button at the lower left corner of the screen.

2. Select Terminal on the list. It will open a command prompt.
3. Type windowsunlocker and press Enter on your keyboard.

4. On WindowsUnlocker menu, please type 1 to Unlock Windows. This utility will clean the registry for malicious entries.

5. After the cleanup process, it will display the menu once more.
6. Press 0 on your keyboard to exit WindowsUnlocker.

Run a Virus Scan

1. After removing DirtyDecrypt.exe, you need to delete all remaining components.
2. Click on the K to display the menu.

3. Select Kaspersky Rescue Disk. This will open the virus scanning tool.
4. You need to update the program first. Select My Update Center tab and click on Start update. This requires an Internet connection.

5. After updating the program, select Object Scan tab and click on Start Object Scan. You must scan the following:

  • Disk boot sectors
  • Hidden startup objects
  • All drives

6. Scanning the entire hard drive may take some time. Please let the scan to finish.
7. Once the scan process is complete, the tool will prompt you for preferred actions on detected threats. Deleting all threats is recommended.
8. You can now turn off the computer, unplug the USB drive, and start Windows in normal mode.

Protect your PC from DirtyDecrypt.exe or Similar Attack

Turn On Security Features of your Internet Browser

Internet Explorer - Activate SmartScreen Filter

Internet Explorer versions 8 and 9 has this feature called SmartScreen Filter. It helps detect phishing web sites and protect you from downloading malicious files online. You may have avoided DirtyDecrypt.exe virus if this has been active on your PC. To turn on SmartScreen Filter, follow these steps:

1. Please open Internet Explorer.
2. On top menu, select Tools (IE 9). For IE 8, please look for Safety menu.
3. Select SmartScreen Filter from the drop-down list and click on Turn on SmartScreen Filter.

IE SmartScreen Filter

4. Please restart Internet Explorer.

Google Chrome's Enable Phishing and Malware Protection

With Google Chrome's Phishing and Malware Detection feature, you will have lesser risks browsing the web. It will display a warning when the site you are trying to visit is suspicious. To enable Phishing and Malware Protection, please do these steps:

1. Open Google Chrome.
2. Click on the Customize and control Google Chrome (3-Bars Icon) located on top right corner of the browser.
3. Select Settings from the drop-down list.
4. Once on the settings page, click on Show advanced settings... at the bottom of the page to see the rest of the Chrome setup.
5. Locate Privacy section and mark 'Enable phishing and malware protection'.

Chrome Security Settings

6. Please restart Google Chrome. New settings keep your browser safe while surfing the web.

Mozilla Firefox - Block Attack Sites and Web Forgeries

Phishing and Malware Protection is a built-in feature on Firefox version 3 or later. It warns you when a page you are trying to visit contains phishing content or an attack site designed to drop threats on the computer. To help you keep safe while browsing the Internet using Firefox, please follow this guide:

1. Open Mozilla Firefox browser.
2. On top menu, click on Tools. Then select Options from the list.
3. Select Security and put a check mark on the following items:

  • Warn me when sites try to install add-ons
  • Block reported attack sites
  • Block reported web forgeries

Firefox Security Settings

Remove DirtyDecrypt.exe & Protect Your Computer Now!

Get Protection
30 Day Trial

2 Responses to“DirtyDecrypt.exe”

  1. Daniel
    July 16, 2013 at 9:43 am #

    I had a problem on my computer I virus entered the new ramware police April this year, is called dirtydescript.exe, the virus that nearly eliminated almost entirely, but I have most of the photos and videos encrypted, I have already tried several of desencryptacion software as panda and ksfety but none serve because the weight of the files remain the same change and these programs do not identify them as equals. In your page’ve seen instructions on how to remove this virus, but does not put anything in the program to decrypt the files.

  2. Glyn Birtwistle
    July 19, 2013 at 3:46 pm #

    Yep, I’ve got the same problem, virus removed but files still encrypted. Anyone got any idea how to decrypt them please

Leave a Reply

Your email address will not be published. Required fields are marked *

(Required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>