MohammadALotfy 0 Report post Posted July 3, 2019 Hi All, On the 5th of June, my PC had been infected with ransomware. Files where decrypted and renamed with [[email protected]].bkc. I have tried various websites and decryptors but with no use. Can any one help? Quote Share this post Link to post Share on other sites
stapp 148 Report post Posted July 3, 2019 It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that it can be verified which ransomware you are dealing with:https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply. 1 Quote Share this post Link to post Share on other sites
Amigo-A 123 Report post Posted July 3, 2019 @MohammadALotfy In addition, you can attach the same files to your message. We will check by service and independently. Sometimes checking by ID Ransomware leads to several results, because the criminals are trying to deceive him, or points to a completely different version of the same extortionist, which is not decrypted. Quote renamed with [[email protected]].bkc In this case, most likely, there will be such a result, which will point to NonRansomware, which decryptable. Download Image But the first and second variant with the .bkc extension are not decrypted with this same decrypter. In fact: The .bkc extension adds to the files Blitzkrieg Ransomware. This is the first and correct name, which he received when publishing information in the Digest "Crypto-Ransomware" and twittted in the Twitter. After the variant appeared with the .non extension. In really NonRansomware does not exist, this name was coined to the decoder, attracted from the bottom to the head. --- I checked the NonDecrypter again. Decrypter for .non extension cannot decrypt encrypted files which have an .bkc extension 1 Quote Share this post Link to post Share on other sites
MohammadALotfy 0 Report post Posted July 4, 2019 23 hours ago, stapp said: It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that it can be verified which ransomware you are dealing with:https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply. I already did but it cannot identify its type Quote Share this post Link to post Share on other sites
Amigo-A 123 Report post Posted July 4, 2019 4 hours ago, MohammadALotfy said: I already did but it cannot identify its type Ok. Attach a note and an encrypted file to the message, I'll upload it myself and write the developer about it. We hope that can be decrypt the bkc-files, but it does not depend on us. Decryption is a severe process. Quote Share this post Link to post Share on other sites
