Mitigation tool 'CryptoSearch' finds files encrypted by Ransomware, moves them to new location

[Parsh]

The mentioned Windows app that has been developed by security researcher Michael Gillespie is not any kind of a decryptor tool. Rather, it provides solace by lending more time to the victim to decrypt his files, by automatically moving/copying them to a safe location.
This can be particularly useful in case of timer-based Ransomware infections and other dangerous Randomware families.

The tool identifies files encrypted by several types of ransomware families and provides the user with the option to copy or move the files to a new location, in hopes that a decrypter that can recover the locked files will be released in the future.

Gillespie developed the app as a recovery and cleaning utility for computers that have been infected by undecryptable ransomware strains.

In these cases, it is impossible for PC owners to recover locked files, so the best course of action is to move all the encrypted data to a backup drive and wait until security researchers find a way to break the ransomware's encryption.

Find the link to the entire article here.