Hello Alex and welcome to Bleeping Computer.
There are several different variants of CryptXXX Ransomware with different file extensions appended to the end of encrypted filenames.
Any files that are encrypted with earlier versions of CryptXXX Ransomware will have the .crypt extension appended to the end of the encrypted data filename. CryptXXX 2.x encrypted files are 260 bytes larger than the original files.
Any files that are encrypted with CryptXXX 3.x will have the .cryp1, .crypz or a random 5 hexadecimal character extension (i.e. .ACoD4, .DA3D1, .73E61, .EF538) appended to the end of the encrypted data filename as explained here. The Microsoft Decryptor variant of CryptXXX 3.x does not append an obvious extension to the end of encrypted filenames.
Any files that are encrypted with CryptXXX 4.x/5.x will have a <32 hexadecimal characters>(MD5 Hash).<random 5 hexadecimal characters> pattern (i.e. 0412C29576C708CF0155E8DE242169B1.6B3FE) appended to the end of the encrypted data filename.
The original CryptXXX will leave files (ransom notes) named de_crypt_readme.txt, de_crypt_readme.html, de_crypt_readme.bmp, de_crypt_readme.png. CryptXXX 2.x/3.x variants will leave unique Personal ID files using random 12 hexadecimal characters named ![victim_id].html, ![victim_id].txt, [victim_id].html, [victim_id].txt, [victim_id].bmp, @[victim_id].txt, @[victim_id].bmp, @[victim_id].html (i.e. S45CC72F3463.txt, !4AD604B8AE89.txt), !Recovery_[victim_id].html, !Recovery_[victim_id].txt, !Recovery_[victim_id].bmp (i.e. !Recovery_4582C8FAEB15.txt). Newer versions of CryptXXX will have generic ransom notes named !README.HTML, !README.BMP, README.HTML, README.TXT...see Post #1115)
Kaspersky Lab released a free decryptor tool for victims of CryptXXX v1, v2 and v3 (.crypt, .cryp1, crypz files)
Trend Micro released a Ransomware File Decryptor for victims of CryptXXX v1/v2/v3/v4/v5 but advises files encrypted by CryptXXX V3 cannot be fully recovered to 100% (partial recovery)...read the section titled "Important Note about Decrypting CryptXXX V3".
Kaspersky and Trend Micro's tools cannot decrypt CryptXXX 4.x/5.x which uses a random <32 hexadecimal characters>.<5 hexadecimal characters> pattern (i.e. 0412C29576C708CF0155E8DE242169B1.6B3FE).
There is an ongoing discussion in this topic where you can post comments, ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.
Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above support topic discussion...it includes experiences by experts, a variety of IT consultants, end users and company reps who have been affected by ransomware infections. To avoid unnecessary confusion, this topic is closed.
The BC Staff