Last year (august), I was infected by the TorrentLocker ransomware (it seems). Today, I made a new review on advances and found the TorrentUnlocker De-Ransomware tool. Ran it and I applied it on image files. This is what happens:
a) If the encrypted file is used as the test file after key retrieval, it does work with that file and can see the image.
If I apply that key to another encrypted file, it does work but just for half the file. From the middle to the top the image is corrupted (in JPEG it is not read, it does work for tiff files so I assume this is a header problem).
My question is... any clues on what is going on?. At least half of the file is unencrypted, so something is working there...
Thanks in advance