Jump to content

Sarah W

Emsisoft Employee
  • Content Count

    226
  • Joined

  • Last visited

  • Days Won

    10

Posts posted by Sarah W

  1. Hi len4bfs,

    Unfortunately, crypt0l0cker is not decryptable for free. Some users have had luck with paying Dr Web to assist them with file decryption. Here is the updated policy from Dr.Web (11/25/15): Free file decryption assistance only for PCs protected by Dr.Web at the moment of infection.

    Quote

    ... free decryption services are only available for owners of active Dr.Web commercial licenses, the only amendment now being that the license must have been purchased before, not after the infection has been caused by encryption ransomware. If you're not a licensed user for a Dr.Web product you will have to pay for their services.

    How to submit a request to Doctor Web's support service

    Submit a request

    Let us know if you have any success.

    A good backup procedure is very important and well worth the investment, especially make sure not to keep the backup attached to the system unless you are backing up (it is best to have two different backups). As a note, Emsisoft Anti-Malware would have prevented your system from being compromised and encrypted in the first place. So if you appreciate our support, why not do yourself and your files a favour and check our product out, and consider buying it.

    Regards,

    Sarah

  2. Hi Howard,

    Sorry, I forgot users could not download from this forum.

    • Click Start.
    • Choose All Programs -> Accessories -> Notepad.
    • Notepad opens.
    • Copy the context below and paste into Notepad:
    Zip: C:\WINDOWS\WinDebug_32.exe
    2017-06-23 06:34 - 2017-06-23 06:34 - 00023915 ____N C:\WINDOWS\WinDebug_32.exe
    IFEO\Magnify.exe: [Debugger] cmd.exe
    IFEO\sethc.exe: [Debugger] cmd.exe
    • Choose File -> Save from the menu bar (Ctrl + S).
    • The Save As dialog box appears.
    • Save your file to the downloads folder.
    • Name your document as fixlist.
    • In the Save as type drop-down box, be sure your document is saved as a text document.
    • Click Save.
    • Then continue with the FRST instructions above.

    Regards,

    Sarah

  3. Hi Howard,

    First of all, please download this security patch as currently your system is vulnerable to pretty much anyone accessing it. You still need to reboot after doing so. If possible, I would disconnect from the internet whilst doing so. Once done continue with the steps below:

    We need to run a fix with FRST:
    • Please download the attached fixlist.txt file and save it to the same location as FRST
      Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    • fixlist.txt
    • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
    • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
    • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

     

    You will also need to attach a zipped file with the format Date_Time.zip which FRST created on the desktop to your next reply.

    Regards,

    Sarah

  4. Hi COnsu1,

    Currently, Shade ransomware is not decryptable. You can either backup your files and wait for a solution, or pay the criminals (we do not recommend this) currently. 

    A good backup procedure is very important and well worth the investment, especially make sure not to keep the backup attached to the system unless you are backing up (it is best to have two different backups). As a note, Emsisoft Anti-Malware would have prevented your system from being compromised and encrypted in the first place. So if you appreciate our support, why not do yourself and your files a favour and check our product out, and consider buying it. We currently have an offer on with free backup software.

    Regards,

    Sarah

  5. Hi junaid12,

    Glad we could help :)

    A good backup procedure is very important and well worth the investment, especially make sure not to keep the backup attached to the system unless you are backing up (it is best to have two different backups). As a note, Emsisoft Anti-Malware would have prevented your system from being compromised and encrypted in the first place. So if you appreciate our support, why not do yourself and your files a favour and check our product out, and consider buying it.

    Regards,

    Sarah

  6. Hi gsalvador69,

    Currently, Jaff ransomware is not decryptable. You can either backup your files and wait for a solution, or pay the criminals (we do not recommend this) currently. 

    A good backup procedure is very important and well worth the investment, especially make sure not to keep the backup attached to the system unless you are backing up (it is best to have two different backups). As a note, Emsisoft Anti-Malware would have prevented your system from being compromised and encrypted in the first place. So if you appreciate our support, why not do yourself and your files a favour and check our product out, and consider buying it.

    Regards,

    Sarah

×
×
  • Create New...