How Does It Work?

We’ve developed a streamlined ransomware recovery process to bring your company back in business as soon as possible.


  • STEP 1: Free Assessment

You submit the encrypted files and the ransom note for review. Then we will prepare a risk analysis, determine the exact type of ransomware, and examine the possible recovery options. Every ransomware infection is unique, and we have to check it to make a suitable offer. This process usually takes max. 24 hours. Click here to submit a new case.

  • STEP 2: Quote

You will receive an individual fixed-price offer for removing the ransomware and decrypting your data. You are always protected by our “No Data, No Charge” guarantee. If we cannot recover the data, you will get your money back.

  • STEP 3: Acceptance of the Quote

After acceptance of the offer, we will send you an invoice including VAT, which you can pay by PayPal, direct debit, wire transfer or credit card. We also offers you secure payment processing via an escrow service. As soon as we receive the payment, we will start the ransomware recovery process immediately.

We also fill a data processing agreement (DPA) to achieve GDPR compliance. During and after the ransomware recovery process we’re handling your company data strictly confidential. As a german company we’re underlying the german and european laws, which are internationally known for their high data protection standards. Read more

  • STEP 4: Preparing for Recovery

You must first install our remote maintenance software on the affected computer system. We install a next-generation antivirus solution with ransomware protection. This installation protects your data from further damage and helps prevent another ransomware reoccurrence. We also remove the ransomware and backup the encrypted files. Additionally, we perform a quick analysis to determine which security vulnerability caused this issue.

  • STEP 5: Actual Recovery

Now that the computer system is cleansed of the ransomware trojan and a re-infection is prevented, we start with the ransomware data recovery. To decrypt your data, we use different methods, such as reverse-engineering the ransomware, restoring from system backups, and best-known decryption methods.

If this approach doesn’t work, we also consider the negotiation and payment of the ransom to get your business back up as fast as possible. Even though we advise you not to pay the ransom, there is sometimes no other way to restore the business operation. We take the FULL RISK for you, and you don’t have to worry since you’re still be covered by our “No Data, No Charge” guarantee.

  • STEP 6: Prevention & Reporting

In order to permanently improve your IT security, you will receive a detailed guide from us. Also, your ransomware recovery expert will give you direct tips to improve your IT security.

Cyber-insurance policies usually cover the costs of using a professional ransomware recovery service. You will receive a detailed attack report within five days after completion of the work, which you can use  to  submit the claim to your insurance.

Ransomware Recovery Data

Your Benefits Using Our Ransomware Recovery Service

  1. Reduce Downtime Significant If the access to the IT systems and data is down, it’s a very costly unplanned break. Do our streamlined ransomware recovery process, we get your business back to operational, as fast as possible.
  2. No Data – No Charge Guarantee: If we can not recover your data, you will get your money back.
  3. Easy Insurance Reporting: You receive a detailed reporting and a sample letter, to easily submit this case to your cyber-insurance. Cyber-insurance policies usually cover the costs of using a professional ransomware recovery service.
  4. Guard Data & Prevent Attacks. In every case we use best-practice methods to backup your encrypted data first, remove the ransomware trojan, before we start with the ransomware data decryption. This standardized process ensures that your data won’t get damaged further and the ransomware no longer spreads on your network.

Frequently Asked Questions

After a first free assessment, you will receive a comprehensive offering for your custom needs. It highly depends on the complexity of the ransomware attack, the number of encrypted computers, and your local environment (e.g., performance of computers, servers, operating systems).

  1. We can reduce your downtime from ransomware significantly. We’re dealing with over a hundred cases every year. We know what to do, to keep the downtime for your company to an absolute minimum. You can benefit from our expert knowledge and don’t need to do time-intensive researches by yourself.

  2. Don’t deal with criminals directly. Most companies don’t feel comfortable dealing with cyber-criminals. It can add a layer of stress in this company-wide emergency. We handle the whole communication with the criminals for you, providing all the necessary information upfront, to restore your data as fast as possible.

  3. Instant Ransomware Payment. We don’t recommend that you pay the ransom. But sometimes there’s no other way if backups and normal recovery methods fail. If you try to buy Bitcoins yourself, you run through an intensive Know-your-customer process, which usually takes2-6 days, if you try to buy higher amounts of Bitcoins. For this case, we always have Bitcoins in stock and can do an instant-payment for you.

  4. We don’t damage your data. In every case, we use best-practice methods to back-up your encrypted data first, remove the Ransomware trojan and then restore your data with normal recovery methods or decrypt the data with the official software. This standardized process ensures that your data won’t get damaged and that the ransomware no longer spreads on your network.

  5. Easy Insurance Reporting: You receive a detailed report and a sample letter, to easily submit this case to your cyber-insurance. Cyber-insurance usually covers a huge part of the costs involved with ransomware incidents.
  1. Backup, Backup, Backup! Use a separated backup destination like a secure cloud storage provider or a local backup medium, which gets physically disconnected after a successful backup run.
  2. Install a Next-Gen-Antivirus. It combines a classic signature-based antivirus with powerful exploit protection, ransomware protection and endpoint detection and response (EDR).
  3. Install a Next-Gen-Firewall. A Next-Gen-Firewall is also called Unified threat management (UTM) firewall. It adds a layer of security at every entry and exit point of your company data communication. It combines classic network security with intrusion detection, intrusion prevention, gateway antivirus, email filtering and many more.

Yes, we provide services around the globe. Our customer service is available 24/7 to assist you with ransomware recovery in over 20 languages.

In emergency cases, we can start with the ransomware data recovery immediately. Since our support team is operating 24/7, we can reduce your downtime to a minimum through our streamlined and focused process.

Load More