Hi All, thanks for your time
My dad got infected by ransomware virus today.
He got an email from AGL (one of the electricity retailers here in Australia)
despite the number of obvious signs it's fake, his lack of computer knowledge and cyber security and I think he's eagerness to get to the bottom of this "strange" overly expensive "bill" got the better of him.
He clicked on the link inside the email
and downloaded something (this part i'm not 100% sure on, only going by what he said.) he tried to open it but it won't open so he tried even harder.
Then all of his files got owned.... now all files end in .enc
and all folders have the ransom txt file note as well as the html.
By hovering over the link it's obvious it's bull@$&*^
here is the txt file ransom note that's left in each folder where files got owned.
here is the html version
my dad's friend installed Kaspersky Total Security and said he removed the virus
1. is there a way to decode the files and get all files back?
2. is the virus really gone?
3. is his computer safe? no key loggers? he can use online banking? does this randsomware only do ransom? or does more?
Any times to tutorials on how to recover the files would be greatly appriciated.