Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
In short, my father-in-law's PC was infected, and despite attempts last year, he was unable to recover the files - i'd specifically told him not to pay the ransom, and as such the PC was wiped, but not before we copied his data from it. I have these files, and that's all.
They dont seem to have the extensions changes, (as reported by various sites i have looked at), but clearly when you open one of the files, its encrypted by the looks of things. There are lots of README files in various formats including BMP, HTML and TXT. They all say the following:
You'll need to upload a ransom note and encrypted file to ID Ransomware in order to confirm what ransomware it was. From the wording in the note, I am suspecting it was CrypMic, which is not decryptable; ID Ransomware will be able to detect a certain hex pattern to confirm if it is indeed CrypMic.
There is an ongoing discussion in this topic where victims can post comments, ask questions and seek further assistance. Other victims have been directed there to share information, experiences and suggestions.
When or if a solution is found, that information will be provided in the above support topic and you will receive notification if subscribed to it. In addition, a news article most likely will be posted on the BleepingComputer front page.
Rather than have everyone with individual topics, it would be best (and more manageable for staff) if you posted any more questions, comments or requests for assistance in the above support topic discussion...it includes experiences by experts, a variety of IT consultants, end users and company reps who have been affected by ransomware infections. To avoid unnecessary confusion, this topic is closed.
Thanks The BC Staff
. . Windows Insider MVP 2017-2018 Microsoft MVP Reconnect 2016 Microsoft MVP Consumer Security 2007-2015 Member ofUNITE, Unified Network of Instructors and Trusted Eliminators
If I have been helpful & you'd like to consider a donation, click