.DOCM Ransomware [Solved][Closed]

[fekri600]

hello everyone, All my files are encrypted as .DOCM ... thanks for helping me to decrypt and recover my files. attached a sample of the encrypted file, original file, and the readme file message. zip password 159753

[Guest #37]

Hi, In terms of recovering/decrypting the files, this type of virus usually encrypts the files with very high bit keys, and in very rare cases a decryptor can be created, usually due to failure or careless programming of the malware. But in the vast majority it is not possible, at least at the moment. You can check if the ransomware that attacked you currently has the possibility to be decrypted here: https://id-ransomware.malwarehunterteam.com/index.php?lang=en You can find information that can help you here: https://www.nomoreransom.org/en/index.html Also try the utilities offered by Kaspersky: http://support.kaspersky.com/viruses/utility If you are a Kaspersky user with a valid license, open a support ticket in my Kaspersky account, send them a sample of an encrypted file, and if you have the same file unencrypted. Regards

[Flood and Flood's wife]

Hello fekri600, Welcome! If you're using Kaspersky software with a valid license, open a support ticket in your MyKaspersky account, send them a sample of an encrypted file, make sure you mark the .zip "CONTAMINATED RANSOMEWARE", also send the same unencrypted file if you have available.

1. https://www.enigmasoftware.com/docmransomware-removal/ may help.

1. DCOM is not listed: https://id-ransomware.malwarehunterteam.com/index.php?lang=en

1. You may find generic "help" information here: https://www.nomoreransom.org/en/index.html

1. Kaspersky offers utilities (not for .DCOM): http://support.kaspersky.com/viruses/utility

1. STOPDecrypter decryption tool does not offer support for .DCOM

Alternatively, if you have a system image and backups that precede the contamination, restore your system & files. Regards!