At the request of a moderator I am starting a new topic.
Several Clients have been infected with cryptolocker malware/ransomware. Key difference in this new infection is that IT DOES WHAT IT SAYS and encrypts (in some form or fashion) all MS Office and wordperfect or JPG and other file formats. Rendering them inaccessible to the user. It does this locally and on any accessible network hard drives.
Is there any hope for decryption without paying or a good backup?
Two of my clients had good backups and one did not (didnt execute implemented backup plan) and doing a restore on the ones we can, and the backupless guy decided to pay (and the decryption is actually taking place as I type).
Any help or hope for detection/prevention and a way to move forward with this new threat?
The malware itself is trivial to remove but it leaves the files "encrypted" and inaccessible to the end user.