Malware RSA-2048 Virus

harveybham · Oct 18, 2015

Hi

I have a home server with 4 Drives in there.

The Drives with Files on there such as Pictures, Movies and Documents have all been infected.

If I go to these drives there is a text file in each infected folder which says "HOWTO_RESTORE_FILES_lubof"

Of Course when you open it they want you to pay for the decryption.

The C Drive on the machine has not been affected and I have since reformatted this drive.

I have run lots of spyware, malware and virus programs to try and see if there is anything there but it seems there is not. My Drives are still all locked and I can not view the files. They all have a extension of .CCC.

Has anybody any idea how I can recover these files?

Thanks

trevortron · Oct 19, 2015

Ouch! Doesn't sound nice. Sorry I can't help with recovering your files, but do you have any idea how they became infected in the first place?

Rumpelstiltskin. · Oct 19, 2015

Remove RSA-2048 Encryption Virus and Restore Encrypted Files

nihilistic · Oct 20, 2015

Try looking in Application Data > Application Data > Microsoft > Crypto > RSA folder of your PC for the private key. ( make sure "hidden folders are viewable ).

harveybham · Oct 20, 2015

hi

the drive that got this problem has no OS on there it is pure data drive

i am not sure how the malware came on this machine but it is a bad malware from all the google searches i have done

zappaz · Oct 31, 2015

Don't sound good...I had a client who was hit with cryptolocker and all doc,exel,jpg,pdf files were locked.There was no way to recover files either pay the ransome or loose the data!
Luckily he kept the encrypted files and a year later there was a decryption tool available.
I managed to decrypt all of the files...great job.

Malware RSA-2048 Virus

harveybham

Inactive User

trevortron

VIP Member

Rumpelstiltskin.

VIP Member

nihilistic

Inactive User

harveybham

Inactive User

zappaz

Inactive User

Similar threads

We value your privacy