We have been called in to assist with an infection for a new contact. During our visit it was found that he server did not have virus protection, did not have ANY known backups and all of their shared files (such as Excel and Word documents) are now in .EZZ format. I have searched online, but have not been able to find a way to decrypt the files.
We retrieved the server and brought it back to our place where it is on a separate network. We have run full virus and malware scans which found and removed multiple items. The problem now is that the files are encrypted. I tried manually changing the extension, however besides changing the document icon to something recognizable, it fails to open the file.
This problem started with a user's workstation who had the shared files mapped as a networked drive. Any suggestions would be greatly appreciated.