Please reference this case SHA1: 6abec186640c377647e070bc5107a8d036e454fd
Please reference this case SHA1: ff9d0d6ce614bc1b86c6eecb5f4bf4379596a5b4
Please reference this case SHA1: 2f8df89d656c4e95e123ada90422161d0cf96674
I had two emails from FedEx Smartpost from two different people, one saying they were attempting to deliver an item and the other saying it could not be delivered. Each had different files attached for a shipping label I was told to print. When I tried to print it, Avast blocked it and wouldn't open it. Shortly after that, I had the following notepad message pop up on my computer screen:
All your documents, photos, databases and other important personal files
were encrypted using strong RSA-1024 algorithm with a unique key.
To restore your files you have to pay 0.54104 BTC (bitcoins).
Please follow this manual:
1. Create Bitcoin wallet here:
https://blockchain.info/wallet/new]https://blockchain.info/wallet/new2. Buy 0.54104 BTC with cash, using search here:
https://localbitcoins.com/buy_bitcoins]https://localbitcoins.com/buy_bitcoins3. Send 0.54104 BTC to this Bitcoin address:
4. Open one of the following links in your browser to download decryptor:
http://viktoriaschool.ru/counter/?a=1NdqsKX9fSjv6opbBHmWvRZ5Xueeag3DfM5. Run decryptor to restore your files.
- If you do not pay in 3 days YOU LOOSE ALL YOUR FILES.
- Nobody can help you except us.
- It`s useless to reinstall Windows, update antivirus software, etc.
- Your files can be decrypted only after you make payment.
- You can find this manual on your desktop (DECRYPT.txt).
The message was not exactly like the others I saw on here. When I uploaded them to see what kind of ransomware it is, it could not be identified. Is there any hope for getting around it? I know very little about computers, just enough to make a mess of things. My backups have not been executing properly. I just bought a new external hard drive to copy everything over to but ... of course, this happened first. I do have other external hard drives attached to my PC that my files are stored on. I also use Carbonite for backing up my files. Will they be affected by the ransomware too?
Thank you for any help you can offer.
Edited by Al1000, 19 September 2016 - 02:24 AM.