We had one workstation that was infected with the cryptolocker Trojan. we got the virus out but a bunch of files are now encrypted. is there a way to unencrypt these files?
there is a screenshot and description of the virus here: http://www.fixspywarenow.com/how-to-remove-cryptolocker-your-personal-files-are-encrypted-virus-a-guide-to-remove-cryptolocker-your-personal-files-are-encrypted-virus-from-your-pc/
so far I tried this tool: http://www.pandasecurity.com/homeusers/support/card?id=1675&IdIdioma=1
it asks for an original file and the encrypted version of it to generate the encryption key. I provided that for the program and a key was generated, but the tool cant actually use this key yo decrypt the files. I get this in the log:
2013-09-09 15:36:02: [i] ### Using key <C:\Users\xxxx\AppData\Local\Temp\PRDecrypt\key.bin> ###
2013-09-09 15:36:02: [i] Searching crypted files.
2013-09-09 15:36:02: No files decrypted.
2013-09-09 15:36:02: Done.
PS: I'm not a new member, i just can't remember which username or email i used for this website before.
Edited by solomonshv, 09 September 2013 - 02:57 PM.