by searching on some keywords in it. By examining one of the files, it does look like it was encrypted with WINRAR V3.x. Also there was an empty RAR directory left on the hard drive with the creation date the same as the encrypted files. I tried the unencrypt information in the ACCFFISA post but it did not work. I can upload encrypted and unencrypted versions of some files, he did have a partial backup, but of course his important business files are too out of date to use the backup versions. I'm looking for the decrypt key.
Here is the text that follows each file's name:
filename.xxx(!! to decrypt email id 825678606 to email@example.com !!).exe
The file below is the file that appears when you click on any encrypted file. It was the only file in a directory called - "kpugprxo" (Without the quotes)
Edited by m0le, 16 July 2012 - 07:51 PM.
removed file download