Jump to content
Posted 01 October 2016 - 09:52 PM
Posted 01 October 2016 - 09:56 PM
Posted 01 October 2016 - 09:59 PM
Posted 02 October 2016 - 01:52 AM
That looks like Nemucod. Upload a ransom note and encrypted file to ID Ransomware (link in my signature) to confirm. Nemucod is decryptable using Emsisoft's decrypter.
The reason they appear as ".lnk" files is you have "hide known extensions" on; I highly recommend turning that off.
Furthermore, you need to get off of Server 2003, it is extremely insecure and has not been supported by Microsoft for over a year. You are just asking for malware and breaches by leaving that system online.
If I have helped you and you wish to support my ransomware fighting, you may support me here.
Posted 02 October 2016 - 04:30 PM
0 members, 0 guests, 0 anonymous users