More information is needed to determine specifically what infection you are dealing with since there are many variants of crypto malware (file encrypting ransomware).
Are there any obvious file extensions appended
to or with your encrypted data files? If so, what is the extension and is it the same for each encrypted file or is it different?
Did you find any ransom notes
and if so, what is the actual name of the note?
Did the cyber-criminals provide an email address
to send payment to? If so, what is the email address?
Did you submit (upload) any samples of encrypted files, ransom notes and any contact email addresses or hyperlinks provided by the cyber-criminals to ID Ransomware
for assistance with identification
? Uploading both
encrypted files and ransom notes together provides a more positive match and helps to avoid false detections.