We were hit with Ransomware. We think it happened sometime over the weekend, but we didn't notice anything wrong until 10/23 (Monday). We were not running anti virus at the time of the infection. The computer that was hit is our server running MS Server 2007 R2 ( I believe this is what it is running but I don't want to turn it on to confirm.
All of the folders on the server contain a file named - _HELP_INSTRUCTION - Notepad and they have the following :
All your files are already encrypted due to a vulnerability in the system!
For decoding it is necessary to pay ransom by bitcoins. Bitcoins can be bought here - localbitcoins.com in many ways. Write to us at mail firstname.lastname@example.org and tell us your unique ID in the subject line. DECRYPT-ID-be9abbeb-d90e-436a-85d1-7dfc3ac9d3b1 number
We would really like to get our files decrypted, if possible.
Any help is greatly appreciated.
Thanks in advance,