A local business contacted me as their software had stopped working. It turned out they had a ransomware infection (.SLC and the occasional .LOL! extension). Either CryptFile2 or Zeta. None of the Kaspersky tools work. 90GB of data encrypted and no backup.
Around half of the files were recovered to an external drive, using Shadow Explorer. Recuva Pro recovered a handful more.
Their most important files are still encrypted.
So, with no other option, I e-mailed the address given in the .TXT files littered about the folders. They asked for 10 bitcoins - a rather large sum by anyone's standards. I said I could afford only £800 GBP, (1.42 bitcoins at the time of the transfer). This was agreed and the ransom paid.
A few hours have passed and I've just had this message:
We just have received the answer from the Main Server.We are really sorry but You need to add a 4 bitcoins.It`s the best deal for You. We tried to help You.Excuse us again please.Best regards!
The business and I are at a loss for what to do at this point. Not having the data is not an option.
Does anyone have a recommendation for what we should do?
Edited by Simon75, 25 October 2016 - 01:01 PM.