01-20-2009, 02:09 AM
bob.g
Novice
 
Join Date: Dec 2008
Posts: 14

I've finished the initial version of the decryption utility for testing.
Now it should be able to find both encryption keys and decrypt all encrypted files.

Download deFE22001.exe:
https://sourceforge.net/project/plat...platform=12963
Save it to a folder and execute it. It will create a "recover" folder with the decrypted files, keeping the original directory structure.

1. If the HKLM\Software\Fcd registry entry is absent, it won't be able to decrypt.
2. Make sure you have enough space to hold the decrypted files on the disk which you run the utility from.
3. Encrypted files should be in the <app_data>/CDD and /FLR folders, exactly as the virus left the encrypted files there.

Any comments/questions/feedback are welcome.
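A pre-flight check for the three conditions listed in the post, as an added example that is not part of the original post or of the deFE22001 utility. Assumptions: the `-AppData` parameter stands in for the "<app_data>" folder the post does not spell out, both CDD and FLR are taken to sit under it, and the decrypted output is assumed to need about as much space as the encrypted input.

```powershell
# Pre-flight check before running the recovery utility (added example).
# -AppData is hypothetical: pass the real folder the post calls "<app_data>".
# -ToolDir is the folder the utility is run from (where "recover" is created).
param(
    [Parameter(Mandatory = $true)][string]$AppData,
    [string]$ToolDir = (Get-Location).Path
)

$ok = $true

# Condition 1: without this registry entry the utility cannot decrypt.
if (-not (Test-Path -Path 'HKLM:\Software\Fcd')) {
    Write-Warning 'HKLM\Software\Fcd is absent: decryption will not be possible.'
    $ok = $false
}

# Condition 3: the encrypted files must still be in the CDD and FLR folders.
# Assumption: both folders are located under -AppData.
[long]$needed = 0
foreach ($name in 'CDD', 'FLR') {
    $dir = Join-Path -Path $AppData -ChildPath $name
    if (-not (Test-Path -Path $dir -PathType Container)) {
        Write-Warning "Folder not found: $dir"
        $ok = $false
        continue
    }
    $files = @(Get-ChildItem -Path $dir -Recurse -Force |
               Where-Object { -not $_.PSIsContainer })
    $size = [long]($files | Measure-Object -Property Length -Sum).Sum
    $needed += $size
    Write-Output ("{0}: {1} files, {2:N0} bytes" -f $dir, $files.Count, $size)
}

# Condition 2: enough free space on the disk the utility runs from.
# Assumption: output size is roughly equal to the encrypted input size.
$root = [System.IO.Path]::GetPathRoot((Resolve-Path -Path $ToolDir).ProviderPath)
$free = (New-Object System.IO.DriveInfo $root).AvailableFreeSpace
if ($free -lt $needed) {
    Write-Warning ("Only {0:N0} bytes free on {1}; about {2:N0} needed." -f $free, $root, $needed)
    $ok = $false
}

if ($ok) { Write-Output 'All three conditions are met.' } else { exit 1 }
```

The script only reads the registry and file system and changes nothing, so it can be run on the affected machine before the utility itself.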