Jad

Hey guys, I've wasted a lot of my time on this only to find no solutions. Note that my research was done mostly on image files. My conclusions were: - the virus evolved and there are several versions of it. If given time it would attack / rewrite most common user extensions. Those that spotted it early are lucky. - the file is high-jacked ( header + footer ) not fully encrypted, you can recognize a lot of the old content in the 'encrypted one'. If you open to edit you'll land inside the "cover" instead of the real content, re-saving the file will land you with a 51.7 kB png.

I'm JStormrage, the guy looking into finding a solution, on that blog Thanks anyway.

Thank you for the reply. Its my first rendezvous with such an attack. I'm trying to help one of the victims, a photographer who lost a lot of albums of events. There are a lot of sad people. Any update on this is welcomed.

Greetings, I'm new here, reporting something which i think it's a serious problem. Dirty Decrypt, possibly a new breed of virus, most articles about it start with the 28th of April 2013 Even tho I have no knowledge on how its infecting systems,this virus takes over a host computer, blocks its access and can be removed through a series of methods, all found through Google in articles related to it. The big problem is the damage left behind. In the background the virus modifies XLS, DOC, PDF, JPG, PNG and possibly more files. The modified files can not be opened. Instead, a