ID Ransomware is not able to identify my encrypted files
"Please reference this case SHA1: 0c2fd8ed5906b57b3f60d20703758a1bcbe1aeca"
No tool was able to decypt. Only jpeg-preview is shown after decryption.
Th files are in my dropbox
It looks like you were hit by KEYHolder, which does not appear to have been decrypted from what I've seen. Some may have had luck using ShadowExplorer or Recuva, always worth a shot. Looks like a rather old one. I'll add detection for that one soon here (missed my spreadsheet somehow).
You can read more in this topic: http://www.bleepingcomputer.com/forums/t/559463/keyholder-ransomware-support-and-help-topic-how-decryptgifhow-decrypthtml
I read this before, but I only have the crypted files and folders. I was asked to help after the admin has formated all server harddisks.