Unfortunately, had to pay the ransom for a client who did not have good backups. I received the public and private keys, but upon running the decrypt.exe file, it reports success decrypting files, but the files aren't actually decrypted. Is there another program we can run to do this, particularly since we have the public and private keys (supposedly).
The original infected machine was a Windows 7 Pro machine that was so badly damaged it would no longer boot reliably. I took an image of the OS and reformatted so the client could get back to work. I have a copy of all the encrypted files (over 100GB unfortunately - it got to their server share as well). I'd hate to tell them that after paying the ransom they are still screwed.