BennTech 0 Report post Posted December 28, 2016 I have a client who got infected with the Al-Namrood 2.0 ransomware just before the Christmas holidays. It had the whole break to encrypt everything on the network, including ALL BACKUPS, which were on a NAS also visible on the network. At this point, my client basically has complete data loss and is looking at the company going under. Thus, my client is considering paying the criminals, knowing full well that they would be contributing to this criminal enterprise, and also knowing that the chances are slim that paying will recover the data. However, those odds are better than doing nothing, because nothing results in guaranteed business failure. Thus, depending on the avenue pursued, the questions are: Has anyone ever paid and actually gotten their data decrypted? Is anyone working on breaking the Al-Namrood 2.0 ransomware? How likely is a fix? And how soon would said fix likely be complete? Days? Weeks? Months? Per forum directions, attached are the requested files. I could not find the Al-Namrood 2.0 program on the server, but the program obviously had admin access to the server based on the affected files. Addition_28-12-2016 14.14.51.txt FRST_28-12-2016 14.14.52.txt scan_161228-141432.txt Share this post Link to post Share on other sites
Kevin Zoll 309 Report post Posted December 29, 2016 Unfortunately, Al-Namrood 2.0 encrypted files cannot be decrypted without paying the ransom, and then there is a good probability that they will leave your client with encrypted files after paying the ransom. Share this post Link to post Share on other sites
Kevin Zoll 309 Report post Posted January 3, 2017 Thread Closed Reason: Lack of Response PM either Kevin, Elise, or Arthur to have this thread reopened. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread. Share this post Link to post Share on other sites
