ransomeware virus



My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help


  • Ben
    Ben Posts: 2,641 F-Secure Product Expert

    Hello mfb1,


    Here is the page on ransomwares.

    It contains instructions and further technical details.

  • etomcat
    etomcat Posts: 1,319 Superuser



    What are the exact file names of the encrypted files? (It could be similar to "[email protected]__.crypt" for example.)


    Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)


    [Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]


    Best regards: Tamas Feher, 2F 2000 Kft., Hungary.

This discussion has been closed.