I need help with a ransomware. A few days ago I downloaded something and my PC got infected with a ransomware. The ransomware encryped all my files and renamed them with a .gangbang file extension (for example:- Jeiu8+KLzM.gangbang).
Over 100,000 of my files got encrypted. I remember seeing something related to 7zip in the "Processes" tab in the task manager even though I don't have 7zip installed. I believe that's how the ransomware encrypted my files. It had also effected my regsvr32.exe file in "System 32" folder but I removed it from Windows Recovery Options and a new clean file was created instead. The infected regsvr32.exe file pointed to aa dll file "UnNetwork.dll" file during startup so I deleted that file too and removed the startup entry from Msconfig.
There were a lot of other files called "Read me please.exe" which I deleted (I think I can recover them if needed) near to the encrypted files. When I opened these files, it showed me a message saying that my media files had been infected and that I need to make a payment for the decrypter.
I'm willing to do anything, send any files, logs, anything, etc but please help me recover my files. I am a game, software and movie collector so it hurt me a lot when I lost everything. Please help.
Edited by AmalM, 01 January 2017 - 05:25 AM.