Tried to look for a sticky to know what I'd have to provide here to get the most help but couldn't find any.
I've been hit with a ransomware called Damoclis gladius. According to ID Ransomware it's Cry36, but I can't find any information about it other than a separate thread with some guy who just formatted his computer as a solution (found here: https://www.bleepingcomputer.com/forums/t/647326/new-ransomware-infected-both-work-and-my-computer-at-home/?hl=%2Bdamoclis). I have no idea where it came from, the computer worked like a charm last night. This evening when I sat down at my computer it had been logged out from Windows and once I logged in I got struck with a HOWTODECRYPTFILES.html in my browser. At first glance it seemed like only pictures and documents were affected. After a reboot more was encrypted, such as exe files and random file types used for certain programs.
Ugh, CryptoSearch found 36258 encrypted folders...
How can I check what malware caused the infection?
Malwarebytes found the following after a scan I did post encryption, which I put in quarantine:
I understand there is no decryption for Cry36. My question is if I could just back up the files I want to save for future decryption, and if that's all I have to do? Will a fresh installation of Windows suffice to get rid of the ransomware? I have files encrypted on other drives as well.
There's so much information here, technical too, and I find it a bit overwhelming.
Thanks in advance for the help.