Ransomeware!

Neemobeer

Windows Forum Team
Staff member
#3
I'm very skeptical these will work. For one, lots of these ransomware malware generate the private key on a server, so you never see it on the wire. When I say "on the wire" I mean some ransomware will generate the private cert client side and transmit it and if your network has network monitoring you can extract the key to decrypt. The only case these descriptors would work is if the authorities had seized the bad guys servers and have access to the private keys.
 


RichM

Active Member
#4
Don't be. On a Linkedin Forum I'm on, an alert shop owner used a new Eset program aimed at
Crypto Locker captured files and effortlessly removed the encryption.
 


Neemobeer

Windows Forum Team
Staff member
#5
It probably doesn't remove the encryption then, it more likely has a file system filter driver that intercepts the encryption process and reverts the file back then. That would be do able.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.