You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - bvitorio

Pages: [1]
1
@EXECUTE
Thank you very much for the answer.
I had already read the material indicated, I used Spyhunter 5 to clean my server.
The biggest problem besides having infected the BKP, was that I did not put it in the cloud.

I am using a data recovery programs to try to grab some file before it happened.
I am using GETDATABACK FOR NTFS and another is STELLA PHEONIX WINDOWS DATA RECOVERY
I do not know if it will work, but it's a hope.
If it does not work, I'll leave for a company to try to solve.

Thank you so much for your help one more time. I'm really grateful.

2
Hello friends
Sunday this happened to my company.
All shared data files on a Windows Server 2008 R2 server have been encrypted.
All were left with the extension: .fastrecovery @ xmpp.jp
an example below:
y+=iziiCEMAz5hAKZwYt9qviAMwLZx8DqmlY93psEKIWN6smZKlZHWo7AjQpAUT=ApSoqDLKREes+lsaK15hIco3tp3J8i7LUJ995GJ2ACjIZoIgC9mn567FhlAjNGvwJnEyWA.fastrecovery@xmpp.jp

The rescue .txt file is this:
      
      The file is encrypted with the RSA-2048 algorithm, only we can decrypt the file.

====================================================================================================
            To decrypt files, please contact us by jabber:

               fastrecovery@xmpp.jp

====================================================================================================
               
      If you do not have a jabber. To write to us to register: https://www.xmpp.jp

====================================================================================================
Your files are encrypted!
Your personal identifier:
+4IAAAAAAAC9wDrhJZLBE0QkCAN=AaEExNzY=2Y2aT4EJF60=rJHn7jjpVqeZ6sJrvnX0=Jacb6zp39ti7arIvhHVROvjiBXxWpi
Cg9XtUdhtv7p1OeqZtURy0ywbXQe0yxWtOnhwqso5wqSku+FOSenX49RT25p88zL=UIZt+Pj9vuh6G0drb260FxMPVFQpGXHazMU
ghyTr5u=SGypy5e=+RBwVOtnzgmZWfYrv7ENgWZ6g90GlTfU1DG7ZeCesAOlqeb2v+Isd1vZL1EB4HRBOv5va1i6AgwbWbtZFyAo
mP0BxQAwN+BBbC4aElSyBf0=Qp4cp+zITRk1sKEG+I1gsZ=ZbHLugYQEBqTrFNgEFYU7OsW60nL1zOQucDtMJxkGwBMjBPdnAIl9
Jh4S9Xtwc6WoWNip5jjAPXJzmpb4lPoA
====================================================================================================

From what I browsed on various sites and forums, there is still no solution to decrypt these my "hijacked" files.
Does anyone here know of any tool that turns my files back to what it was before?
I'm really desperate because even the backup that was done was also infected.
Sorry to bother you, and I really appreciate any help from you.

Pages: [1]