Once Again, Thank you Fabian for releasing the decrypter .777
Both my servers are up and running and fully functional.....
I just have an issue with another server also that got Ransom-ware, on the same day 16.05.2016. this one adds an .xtbl extention, I have tried the Kaspersky removal tools for this one but it doesn't work. so I don't know of it is a different variant of ransom-ware, can you kindly assist in a decrypter for that one, I have the .exe file and decrypted and encrypted files ransom note and ransom jpeg file also.
all 3 my servers I think was compromised by RDP. as there was no other mail systems on these servers and no other Computers on these networks were compromised.
Please let me know if you need those files please, and if you can assist.
Keep up the good work!