« Last post by Execute on September 10, 2018, 05:40:24 pm »
My server also was encrypted and all files got encrypted. They now have '.combo' extension (Filename.ppsx.id-********.[[email protected]].combo). After long search, I found out, that there is no decryptor for it.
With no other choice I wrote to email, and since data on server was important, decided to pay. We dealed on 0.8 btc, and I paid on my own risk.
Guys have send me the decryptor right after transaction approved, and they've seen it.
If your data is important I advice you to pay. Do not use other decryptors - they've destroyed my test files
I don't know who you are but you could be from the cybercriminals trying to get people to pay. Advising others to pay the ransom is questionable to say the least. There is a new ransomware that is encrypting servers and asking 0.8 Bitcoin as a ransom payment in the moment, which is called "Forbidden Rasd". It might be the same cryptovirus or something based on it. For the time being there is no decryptor, but one might be made in the future. I am sad if you were indeed a victim and felt that you had no other choice but to pay the ransom sum.
I hope that less people encounter such trouble, just from knowing about it and how to prevent infection.