Decrypt .crypted Files Encrypted by Nemucod Ransomware - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

Decrypt .crypted Files Encrypted by Nemucod Ransomware

NEMUCOD-RANSOMWARE-MAIN-DECRYPT-SENSORSTECHFORUMRansomware virus known as Nemucod was reported during April to infect multiple machines and stop defensive processes of Windows and security software on them to remain active on the infected computer. The virus also encrypts files with a very strong encryption algorithm demanding 200$ from users affected by it.

Fortunately, a free decrypter has been released and in this article, we aim to show you how to work with it to decode your files.

Nemucod Ransomware – More Information

When it was released, Nemucod was reported to take advantage of several methods to infect users. One of the methods reported was spammed e-mails containing attachments or malicious URLs. Another method of distributing this malware may be via social media spammed messages which include files or malicious links as well.

Nemucod was often confused with the legitimate program, dubbed Nemucod. This virus also uses remote locations to which it connects, allowing it to be controlled from there.

The program also may create multiple files in the %AppData% folder along with its main executable that conducts the encryption process.

It has been reported to possibly attack the following types of files and encipher them, making them no longer openable by any type of software:

→ docm, .docx, .dotm, .dotx, .gzip, .html, .index, .java, .jfif, .jpeg, .json, .litcofee, .pages, .php3, .php4, .php5, .7zip, .aspx, .bash, .bookmarks, .class, .config, .csproj, .phps, .phpt, .phtml, .potm, .potx, .ppam, .ppsm, .ppsx, .pptm, .pptx, .prproj, .psm1, .resx, .scpt, .shtml, .sitx, .sldm, .sldx, .splus, .sqlite, .sqlite3, .swift, .tar.gz, .thmx, .tiff, .vcxproj, .xcodeproj, .xhtm, .xhtml, .xlsx, .zipx Source: Infected users

Nemucod Removal Instructions

Fortunately for us, Nemucod is easily decryptable. The only prerequisite for this is to have Nemucod removed from your computer. To do this, follow our removal instructions below:

Avatar

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Follow Me:
Twitter

1 Comment

  1. AvatarAntonio Ramos Arroyo

    Problemas con ramsonware .crypted
    Por mas que he intentado descifrar no hay manera, siempre me dice que los archivos son diferentes, he probado con mas de 20 archivos y estoy desesperado, necesito abrir una base de datos unicamente, el resto del disco duro me da igual

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...