I sent to Dr Web some files located iin hiden folders n c:\Programdata who named numbres and letters, and trere is a exe (svchots.exe).
This is the link https://support.drweb.com/process/?ticket=WW8Q-99BQ
they said me is not posible to decrypt thr files.
Do you know another method?
I think about a zip or rar password extractor, I try whith spme of these, but dont recognize the format.
I find in the web that this virus is like a the virus called "anti porn child spam", of 2013.
I think that somebody found a solutions in this time...
I´m waiting for your reply.