Cryptovirus file retrieval
Posted on 2013-11-07
I've just received a client's PC after they had a cryptovirus removed by another IT service company.
I don't know the name of the cryptovirus, but I'm sure I can find out.
The files are all encrypted but all remain in their original location.
Do you have suggestions of how to troubleshoot this without having to pay the 'ransomer', on the off chance that they may release the encryption codes (I wouldn't like to test this)?
Someone suggest data recover through a data recovery agent, but that doesn't sound right - that data's there and the file sizes look about right, they're just encrypted.
Look forward to hearing your thoughts on a way forward.