Locked Ransomware S.O.S

Blackfoxer2017 · Aug 5, 2021

A few days ago, a friend of mine was infected with a ransomware threat with a file extension 0xxx

So Can Anyone Help Please , How Can we get our files again ?

amir_tariq · Aug 5, 2021

I think there is no way to recover files from 0xxx ransomware. Clean your HDD completely or it can attack again on your data as some threats reinstall themselves if you don't delete their core files.

Mr. Zsky · Aug 5, 2021

you may try these -
https://www.youtube.com/watch?v=ZddDO5V3dOg
https://pcsafetygeek.com/0xxx-file-virus-removal/
https://www.nomoreransom.org/en/decryption-tools.html

try searching more on google, if you were lucky enough you may get your files back..!!

MniawY · Aug 5, 2021

These files are very important as they belong to a commercial activity We talk about more than 13 GB of PDFs, Excel Sheets, etc
I Kindly Ask Sir @Cyler If he Can Help us Or point us to any tip we may be far from thinking about
Even if paid solutions, we want to know all the possible ways to recover these files
Also Are there any data recovery Method With Data Recovery Tools Can Help in such case !

ZeLimB · Aug 5, 2021

have you tried malwarebyte de malekal

SiteWizard · Aug 5, 2021

ok simple it is ransomware ...
1 beter solution = format that C:\\ drive
and install New OS ...
and then tell you'r Friend that he STOP to visit NON trusted websites ...

something else i will NOT type here hos to clean this ransomware you need to use google for that because it is to long on how to get rid from this thing ....

So i'm closing this one now see as solved completed ....

Mr. Spacely · Aug 5, 2021

SiteWizard said:
ok simple it is ransomware ...
1 beter solution = format that C:\\ drive
and install New OS ...
and then tell you'r Friend that he STOP to visit NON trusted websites ...

something else i will NOT type here hos to clean this ransomware you need to use google for that because it is to long on how to get rid from this thing ....

So i'm closing this one now see as solved completed ....

Why locked when posted just today? Wth?. Just leave it. What's the hurry?

Richard_dn · Aug 5, 2021

MniawY said:
These files are very important as they belong to a commercial activity We talk about more than 13 GB of PDFs, Excel Sheets, etc
I Kindly Ask Sir @Cyler If he Can Help us Or point us to any tip we may be far from thinking about
Even if paid solutions, we want to know all the possible ways to recover these files
Also Are there any data recovery Method With Data Recovery Tools Can Help in such case !

If files are important protect them, Multiple Weekly offline externals Backups are a Must!!! i'm sorry this happened to you but data loss is not a new thing.

kafika · Aug 5, 2021

You can get the files back, try shadow copies

SiteWizard · Aug 5, 2021

kafika said:
You can get the files back, try shadow copies

Copies Shadow will NOT work

because off this ransom

Well when they are here a few STAFF that Know ‎better‎ let them solve this thing then

Uncle Mac · Aug 5, 2021

There is never a hurry to close threads here. AT least let author respond and if after a week or so he doesnt then close.

Also dont come here with empty chit chat. HAVE real solutions or stay away.. Dont be monkeys. BE helpful.. THANKS

Cyler · Aug 6, 2021

Sorry for the late answer, real life has its ways of keeping us busy sometimes. I did a bit of research but there is no good answer. Sadly the 0xxx hasn't been decrypted yet and assuming the user had internet access during the infection, it's safe to say that the 0xxx got a unique encryption key that will make it impossible to decrypt with the current tools. Furthermore, the ransomware removes both volume shadow copies and system restore but it never hurts to double-check.

Talking with a friend that is working in Emsisoft there might be a new tool that will be released soon and can decrypt a lot of the new Djvu variants. For the time they will keep a low profile about it as they don't want the ransomware makers to get knowledge ahead of time and it's only been tested under strict NDAs.

So what you can do is
a. Keep a backup of those files in their encrypted form and hope for the best.
b. Format the PC and make sure you remove the source that the ransomware broke into your PC.
c. As always keep both offline and online backup of files. With the current prices of online storage, there is no excuse not to have important files backed up.

Wish I had better news for you.

Blackfoxer2017 · Aug 6, 2021

Thank you very much everyone for your help and kind participation
i want to inform you :
1-Partition C ( OS partition ) doesn't touched from ransomware and only 2 folder affected work folder that contains 13gb of excel files that and pic folder
2-We Will take backup from encrypted files With Acorns

Uncle Mac · Aug 6, 2021

Blackfoxer2017 said:
Thank you very much everyone for your help and kind participation
i want to inform you :
1-Partition C ( OS partition ) doesn't touched from ransomware and only 2 folder affected work folder that contains 13gb of excel files that and pic folder
2-We Will take backup from encrypted files With Acorns

So then this needs to go no further... Thanks for showing up.. Is it safe to say were finished here... Good Luck

agouraki · Aug 10, 2021

in my experience those companies get hit by ransomware throught their company e-mail,they renting domain name-email services by cheap companies that dont protect you enought or at all.

Locked Ransomware S.O.S

Blackfoxer2017

amir_tariq

Software Uploader

Mr. Zsky

MniawY

Former STAFF 🌟

ZeLimB

SiteWizard

Mr. Spacely

Richard_dn

kafika

SiteWizard

Uncle Mac

Cyler

Blackfoxer2017

Uncle Mac

agouraki