Emsisoft Decryptor for Yashma helps decrypt the Yashma ransomware infecting victims under the name "AstraLocker 2.0."

This strain is based on the Chaos ransomware builder, using a combination of AES-128 and RSA-2048 for file encryption. The extension .AstraLocker, or a random 4-character alphanumeric extension, is appended to hostage files.

An example of a ransom note is shown below:



Be sure to quarantine the malware with your preferred antimalware app from your system first, or it may repeatedly lock your system or encrypt files.

By default, Emsisoft Decryptor for Yashma will pre-populate the locations to decrypt with the currently connected drives and network drives. Additional locations can be added via the Add button.

Decrypters typically offer various options depending on the particular malware family. The available options are located in the Options tab and can be enabled or disabled. After adding all the locations, you want to decrypt to the list, click the "Decrypt" button to start the decryption process. The screen will switch to a status view, informing you about your files' current process and decryption status.

Emsisoft Decryptor for Yashma is configured to inform you that the decryption process has been completed. If you require a report for your records, you can save it by clicking the Save Log button. You also have the option to copy it straight to your clipboard for use in emails, forum posts, etc., if needed.

Similar:
Which Anti-Malware App Is Best and Can It Run Alongside My Antivirus
What's the Best Antivirus and Is Windows Defender Good Enough?
Windows Device Performance & Health Explained
How to Tell the Difference Between a Virus and a False Positive
How to Manage Windows Defender Antivirus Found Threats
What to Do When Your Norton or McAfee Antivirus Expire

  Download