|Hi All. I've had the exact same attack! |
I've tried to rename and open the files but I can't open them – the files are really encrypted. I managed to stop the process of encryption, using Task Manager to stop a suspicious process, so "only" about half my files are encrypted. The attack started 9:49PM yesterday and I noticed and stopped the process 10:38PM. The process deletes the original files and replaces them with encrypted files.
I use XP, SP 3. - Suspect that XP is a reason for the attack (old system). I suppose that a system restore don't help since the virus-program has changed my files - system restore only restores the system as I recall.
They've added a key that they want me to send to an email address (firstname.lastname@example.org), plus money to a bank account, claiming that they will then send a decryption key and instructions. - I'm off course not going to do that, I just thought it might help with a little info on the attack.
If someone can help it’s much appreciated, but I guess the only thing is to reinstall everything on the computer.