One of our Customers was attacked at 2. December. It seemed to be via an RDP Port and used an old Account we had not used for years.
Allmost all files were encryped ( he hit 7 Servers), shadow copys deleted, the backup was deleted manually, we were able to restore many files from the last Server, where the process was not fully completed, and the shadow copy were still there.
But we have still files that are not accessible. The Decryptor from Emsisoft for nmoriea doesn´t work - we tried different files (txt, doc, pdf) with no result.
Will there be a new Version of the decryptor? Thanks for any help :-)