Greetings,
I'm new here, reporting something which I think is a serious problem.
Dirty Decrypt, possibly a new breed of virus; most articles about it start with the 28th of April 2013.
Even though I have no knowledge of how it's infecting systems, this virus takes over a host computer, blocks its access and can be removed through a series of methods, all found through Google in articles related to it.
The big problem is the damage left behind. In the background the virus modifies XLS, DOC, PDF, JPG, PNG and possibly more files.
The modified files cannot be opened. Instead, a strange message comes up, claiming you need to run the virus to decrypt your files. This falls under ransomware, and the poor victim can lose family pictures and important documents, and sadly, so far, to my knowledge, no one has created a tool to restore the affected files.
I don't believe the files are encrypted per se, but modified, more like hijacked: the EXIF file header is modified and some junk data is written at the end of the file. I managed to restore JPG files, but doing this manually takes ages, especially for images bigger than 3 MB. The core of the file is there; its original header data is missing.
Just do an ANSI file content compare of a virused file and itself, unaffected, and you'll see what I mean.
I'm opening this topic in the hope that a security company will develop a tool for mass restoration of affected data. There are many people hit by this problem but not all are so tech inclined to know how to approach a solution.
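
The byte-level comparison suggested in the post, as an added example that is not part of the original post: it aligns a known-good copy with the modified copy of the same file and reports how many leading bytes differ, how long the shared run is, and how many bytes were appended. The names `compare_copies`, `DiffReport` and the sample byte strings are assumptions made for this example.

```python
"""Report where a modified file differs from a known-good copy of itself."""
from dataclasses import dataclass
from typing import Optional

PROBE = 64  # bytes from the end of the clean copy used to align the two files


@dataclass
class DiffReport:
    clean_prefix: int     # leading bytes of the clean copy with no match
    modified_prefix: int  # leading bytes of the modified copy with no match
    shared: int           # length of the contiguous run both copies share
    trailer: int          # bytes after the shared run in the modified copy


def compare_copies(clean: bytes, modified: bytes) -> Optional[DiffReport]:
    probe = clean[-PROBE:]
    pos = modified.rfind(probe) if probe else -1
    if pos < 0:
        return None  # clean tail not present: more than header/trailer changed
    c, m = len(clean), pos + len(probe)
    trailer = len(modified) - m
    # Walk backwards from the aligned tail while both copies still agree.
    while c > 0 and m > 0 and clean[c - 1] == modified[m - 1]:
        c -= 1
        m -= 1
    return DiffReport(c, m, len(clean) - c, trailer)


# Constructed sample data (not taken from a real infected file).
_CORE = bytes(range(256)) * 4
CLEAN_SAMPLE = b"\xff\xd8\xff\xe1" + b"EXIFHEADER" * 3 + _CORE
MODIFIED_SAMPLE = b"\xaa" * 34 + _CORE + b"JUNK" * 8

if __name__ == "__main__":
    # Usage: python compare_copies.py clean.jpg modified.jpg
    import sys
    if len(sys.argv) == 3:
        with open(sys.argv[1], "rb") as f1, open(sys.argv[2], "rb") as f2:
            print(compare_copies(f1.read(), f2.read()))
    else:
        print(compare_copies(CLEAN_SAMPLE, MODIFIED_SAMPLE))
```

A `None` result means the end of the clean copy does not appear anywhere in the modified copy, so the change is not limited to a replaced header and appended data.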