Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

decrypt_mblblock.exe


  • Please log in to reply
4 replies to this topic

#1 jschoef

jschoef

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 19 June 2013 - 06:56 AM

Hello,
I was infected and removed the infection easily enough but I cannot decrypt the files...the latest version of the tool does not seem to work for me.  I uploaded a file to this site already but I am not sure if you will see it.  Please help :)

Edited by Elise, 19 June 2013 - 07:02 AM.
As no logs have been posted, this topic has been moved to the Am I Infected forum.


BC AdBot (Login to Remove)

 


#2 Fabian Wosar

Fabian Wosar

    Authorized Emsisoft Representative


  • Security Developer
  • 744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:17 AM

Posted 19 June 2013 - 07:07 AM

Hi jschoef,

 

The file you uploaded was encrypted by a newer version of the malware. Unfortunately the author changed either the encryption key or the algorithm, so the current decrypter no longer works. Do you happen to have a copy of the malware you removed still in quarantine? Once I get the actual malware I can take a look what was changed and update the decrypter accordingly if possible.


Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#3 jschoef

jschoef
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 19 June 2013 - 07:42 AM

Sorry, I do not have those files.



#4 Fabian Wosar

Fabian Wosar

    Authorized Emsisoft Representative


  • Security Developer
  • 744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:17 AM

Posted 19 June 2013 - 07:55 AM

Maybe you still have the log files of the tools you used to clean up the infection? They may give precious hints that help me with finding the exact malware variant you got infected with (detection names, locations etc.).


Best regards,

Fabian Wosar [Development]
Emsisoft Team - www.emsisoft.com

#5 jschoef

jschoef
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:17 PM

Posted 19 June 2013 - 09:28 AM

I don't have them handy...I will try to get them soon.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users