When it is done it will display a ransom note called HOW TO DECRYPT FILES.txt that provides instructions on how to pay and retrieve your decryption password. These instructions by default will be for the victim to send a SMS text message with a special ID to a associated number.
Thankfully, Fabian Wosar of Emsisoft has been able to devise a way to decrypt files encrypted by this family:
You will need an encrypted file as well as its unencrypted version. Just select both the encrypted and original version and drag and drop it onto the decrypter executable. The key finding process may take a while, so please be patient. If you run into any issues, please feel free to post.
As a general rule I don't accept any donations for my work. If you feel thankful and want to throw some money at something, I suggest investing into a proper backup solution. Personally I am using CrashPlan. However, there are a lot of different solutions out there. Pick one that you feel comfortable with. If you are unsure, I am sure the helpful users in this amazing community will love to help you out picking one that fits your needs and requirements. If you want to spend even more money, I am sure the polar bears would appreciate your help. I know one polar bear in particular that would be very thankful.
Edited by xXToffeeXx, 19 May 2016 - 03:36 PM.
Added decrypter info~
Edited by quietman7, 18 September 2016 - 06:23 PM.
Added Xorist in topic title