I tried the ransom ID, and downloaded a bunch of decryptors with no luck.
Here's what I Know:
1. Files are renamed LOCKED_237.filelock (i.e. LOCKED_**.filelock)
2. Windows IDs it as "Filelock file"
3. It creates a folder on the desktop for Tor browser
4. It creates another folder on the desktop called "Unlock files"
5. The file called "README UNLOCK" says this:
**Note I put (space) in between parts of the link to the ransomware
"Your Files have been encrypted and Locked. The only way to decrypt and unlock the files is to purchase the unlock code.
Running antivirus software might remove the locker but your files will still be encrypted/locked. If the locker was removed you can download it. You will need to download it through the tor browser(You can download the tor browser bundle online if you dont have it).
Download: http:// (space) yiy4ksveqrax675y. (space) onion (space) /files/bb5a1884a135358498def983e289e197 (spaces) .zip
You may have to disable your antivirus software before you download from the link above because antivirus may interfere with the locker(or even remove it) which is needed to decrypt and get the original files back."
Thanks for any help in advance