Infected files FCDZ attached

Status
Not open for further replies.

HUDUMA CYBER

New Member
Thread author
Apr 4, 2021
2
hello, all my files read as FDCZ......HOW DO I RETRIEVE THEM? i have run malwarebytes and emsisoft emergency kit. but still it wont retrieve
 

Attachments

  • malware.png
    malware.png
    201 KB · Views: 14
  • Screenshot (5).png
    Screenshot (5).png
    130.9 KB · Views: 16
  • Like
Reactions: Nevi

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
I am Karsten and will gladly help you with any malware-related problems.

Please familiarize yourself with the following ground rules before you start.
  • Read my instructions thoroughly, carry out each step in the given order.
  • Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  • If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
  • Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
  • Back up important files before we start.
  • Note: On weekends I might be slow to reply
-------------------------------------------------------------------

The file extension .FDCZ has been used by STOP/DJVU ransomware. STOP/DJVU ransomware variants after August 2019 are only decryptable if an offline key was used. For variants with an online key you cannot decrypt but repair certain file types.

Please upload an encrypted file and a ransom note to id-ransomware to confirm that it is indeed STOP/DVJU ransomware. Tell me the result.
 
  • Like
Reactions: Nevi and upnorth

HUDUMA CYBER

New Member
Thread author
Apr 4, 2021
2
I am Karsten and will gladly help you with any malware-related problems.

Please familiarize yourself with the following ground rules before you start.
  • Read my instructions thoroughly, carry out each step in the given order.
  • Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
  • If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
  • Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
  • Back up important files before we start.
  • Note: On weekends I might be slow to reply
-------------------------------------------------------------------

The file extension .FDCZ has been used by STOP/DJVU ransomware. STOP/DJVU ransomware variants after August 2019 are only decryptable if an offline key was used. For variants with an online key you cannot decrypt but repair certain file types.

Please upload an encrypted file and a ransom note to id-ransomware to confirm that it is indeed STOP/DVJU ransomware. Tell me the result.
Well....before seeking for help i had run malware-byte and emsisoft anti-malware kit..... it may have removed the file but couldn't decrypt the encrypted files. i soughted to restore system image to previous date but didn't work. ...then i deleted files from documents and downloads but when i searched the whole system for any file named FDCZ.........seems windows files or rather programs have been affected also
so before i install new windows (if it will remove the virus)....do you have any alternatives?...will deleting every item with filed named FDCZ affect the system operations?
sorry your reply came in late.
***still gat some file named FCDZ but couldn't upload. its says 'the extension is not allowed' just screenshots. maybe they are already quarantined and couldn't appear in upload interface.
HOPE to get feedback sooner
 

Attachments

  • Screenshot (3).png
    Screenshot (3).png
    156.7 KB · Views: 9
  • Screenshot (4).png
    Screenshot (4).png
    194.8 KB · Views: 7
  • Screenshot (5).png
    Screenshot (5).png
    130.9 KB · Views: 5
  • Screenshot (6).png
    Screenshot (6).png
    149.9 KB · Views: 5
  • Screenshot (7).png
    Screenshot (7).png
    143.4 KB · Views: 4
  • Screenshot (8).png
    Screenshot (8).png
    161.9 KB · Views: 8
  • Like
Reactions: Nevi

struppigel

Moderator
Verified
Staff Member
Well-known
Apr 9, 2020
656
Hello HUDUMA CYBER,

I think we live in different time zones because your messaging time is for me in the middle of the night. It is not avoidable that replies are delayed for a some hours. Keep in mind that people who help here are volunteers, who are doing this in their free time.

Before I can tell you your recovery options, I need to see what kind of encryption was applied to your files. Chances that ransomware encrypted files can be decrypted are generally slim, though. If you have a backup of your files, reformatting the harddisk drive and reinstalling the OS is the safest option. The reason is that this kind of malware
1. may have damaged parts of your system to some degree.
2. is the last in the infection chain. Your system is likely infected with other malware as well.

Please do the following to ascertain the state of your system:

Farbar Recovery Scan Tool (FRST) Scan
  • Please download Farbar Recovery Scan Tool and save the file to your Desktop. (Note: choose the right version, 64 or 32 bit, for your operating system, only one will run)
  • Double-click FRST64.exe to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Attach both logs in your next reply.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top