
Cryptovirus file retrieval

Hi guys,

I've just received a client's PC after they had a cryptovirus removed by another IT service company.

I don't know the name of the cryptovirus, but I'm sure I can find out.

The files are all encrypted but all remain in their original location.

Do you have suggestions of how to troubleshoot this without having to pay the 'ransomer', on the off chance that they may release the encryption codes (I wouldn't like to test this)?

Someone suggested data recovery through a data recovery agent, but that doesn't sound right - that data's there and the file sizes look about right, they're just encrypted.

Look forward to hearing your thoughts on a way forward.
Asked by: Servant-Leggie

Skyler Kincaid (Network/Systems Engineer) commented:
We have had a few computers come in like this and your only option is restoring from backups. The virus uses 2048-bit encryption with a unique key that is generated from some punk's server.

Paying the ransomer may allow you to restore the files but typically even that option is limited by a deadline.

We have all our clients set up with SOS backup. We have been formatting the machines, restoring the files, installing the Cryptoblocker tool, installing a better antivirus and sending it back out. Here is the link to the prevention tool but we haven't done any testing with it:

http://www.foolishit.com/vb6-projects/cryptoprevent/
Servant-Leggie (Author) commented:
Thanks, xKincaidx, your solution was pretty much what I was thinking, only I didn't know it was 2048-bit encryption (although I did know that it was apparently 'uncrackable' and is apparently the use of impressive and legitimate encryption algorithms for illegitimate purposes).
Question has a verified solution.