ransomeware virus

Scholar

ransomeware virus

Hello,

 

My server has been infected with ramsomeware virus.  The person whi did this is  asking huge amount to encrypty the file. Any suggestions would be of great help

2 REPLIES 2
F-Secure Product Expert
F-Secure Product Expert

Re: ransomeware virus

Hello mfb1,

 

Here is the page on ransomwares.

It contains instructions and further technical details.



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Superuser

Re: ransomeware virus

Hello,

 

What are the exact file names of the encrypted files? (It could be similar to "Something.GDB!___filehelpers3181@gmail.com__.crypt" for example.)

 

Do you have a file pair where there are two identical files, one readable and one encrypted? (For example a photo, which is preserved on memory card, but its copy stored on the hard disk got encrypted. Or a database file that has a readable backup.)

 

[Rationale: a lot of current malware and manual encrypting attacks done via remote access vulnerabilites still use an older Gomasom framework with known faulty crypto. In that case, there is a utility which can recover the key in a few hours, via brute force comparison of an encrypted / readable pair of otherwise identical files. It saved two customers here in the past week.]

 

Best regards: Tamas Feher, 2F 2000 Kft., Hungary.