Emsisoft Decrypter for GetCrypt is designed for releasing files encrypted by the GetCrypt ransomware, so you do not have to pay the ransom.
GetCrypt is a strain of ransomware spread by the RIG exploit kit; it encrypts a victim's files using Salsa20 and RSA-4096. It appends a random 4-character extension to files that is unique to the targeted victim.
The ransom note is titled # DECRYPT MY FILES #.txt and features the following text.
You will need to remove the malware from your system first; otherwise, it will repeatedly lock your system or encrypt files. By default, Emsisoft Decrypter for GetCrypt will pre-populate the locations to decrypt with the currently connected drives and network drives. Additional locations can be added via the Add button.
Decrypters typically offer various options depending on the particular malware family. The available options are located in the Options tab and can be enabled or disabled there. After you have added all the locations you want to decrypt to the list, click the â€œDecryptâ€ button to start the decryption process. The screen will switch to a status view, informing you about the current process and decryption status of your files.
Emsisoft Decrypter for GetCrypt will inform you that the decryption process is complete. If you require a report for your records, you can save it by clicking the Save log button. You also have the option to copy it straight to your clipboard for use in emails, forum posts, etc., if needed.