WNDKK

Workstations are running macOS and the purpose of the server was running a Windows only program needed to be accessed by all employees via intern RDP. By company regulations, users aren't allowed to check emails or browse the web while connected to the server, but that probably is what happened anyhow.

ESET was indeed installed and running. It was ESET File Security 6.0.12035.1

I have encrypted files with the ending [amagnus00@gmx.org].wallet, is this a new version of the Dharma encrypter? Neither the Eset decrypter nor the RakhniDecrypter helped.Attached is a .lnk file from the infected computer.Is there something I can do?Thank you. [amagnus00@gmx.com].wallet.zip