Jump to content

.rme ransomware decryption tools


Recommended Posts

Hi, @Sam_Mason    :welcome:

Sorry to read this.  Please know that Malwarebytes has no decrypter.

Please look on your Documents folder & or Desktop for some file with named like "Readme"   and attach a copy.

Tell me, did this pc have installed before this happened, the Premium Malwarebytes for Windows ?

Link to post
Share on other sites

Note:  Some of the "ransom note" files can have names similar to

  • README.txt
  • HOW TO DECRYPT YOUR DATA.txt
  • Readme to restore your files.txt
  • Decryption instructions.txt
  • FILES ENCRYPTED.txt
  • Files encrypted!!.txt

 

Look for similar names on Desktop & under Documents

On first thoughts, this here seems to be a new variant of Cysis / Dharma ransomware

Link to post
Share on other sites

Please be sure to read this technical article on Malwabytes Blog about "ransom.crysis"
https://blog.malwarebytes.com/detections/ransom-crysis/

As noted before, we cannot recover any of your encrypted files.  We have no magical tool.  Malwarebytes has no decrypter.
You could recover your damaged files from a offline backup ( that you had made from before this ransomware incident). Offline backup is your friend.
Do you have a old offline backup of your machine?

Is Malwarebytes for Windows installed on this machine ?

Please download, install, update and do a Threat Scan with Malwarebytes and post back the log

Link to post
Share on other sites

  • 2 weeks later...

Hello.  I hope you are doing well.

Nomoreransomware has good general information about ransomware
https://www.nomoreransom.org/en/index.html
That site also has a CryptoSherrif section where you can upload one of your files for analysis to ID the ransomware family
https://www.nomoreransom.org/crypto-sheriff.php

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.