Closed JackRegan closed 5 years ago
Can you diff the two files and provide the results here?
Between 19th and todays file :
!!!instruction_rnsmw!!!.txt
!instructi0ns!.txt
!qh24_info!.rtf
*. robbinhood
*.+jabber-theone@safetyjabber.com
*.4k
*.666decrypt666
*.[bitcharity@protonmail.com].com
*.[blellockr@godzym.me].bkc
*.[costelloh@aol.com].phoenix
*.[crypt1style@aol.com].mers
*.[donovantudor@aol.com].bat
*.[enigma1crypt@aol.com].eth
*.[epta.mcold@gmail.com],
*.[id-xxxxxxxxx][remarkpaul77@cock.li].jsworm>ransom
*.[sssdkvnsdfitd]
*.[sssdkvnsdfitd]>ransom
*.[starcrypt@tutanota.com].omerta
*.[w_unblock24@qq.com].ws
*.[zoro4747@gmx.de].zoro
*.aa1
*.aes128ctr
*.berost
*.bkc
*.bmn63
*.bmn63!ransom
*.bufas
*.carcn
*.cheetah
*.codnat
*.codnat!ransom
*.codnat1
*.codnet
*.codnet1
*.condat
*.ddos
*.docm
*.docm!demonstration
*.docm!ransom
*.dotmap
*.drweb
*.dutan
*.enc_robbinhood
*.ezdz
*.fedasot
*.ferosas
*.forasom
*.fordan
*.fordan!ransom
*.fredd
*.ge010gic
*.ge0l0gic
*.ge0l0gic!
*.ge0l0gic_readme.txt
*.ggghjmngfd
*.grovat
*.guesswho!ransom
*.hceem
*.hceem!ransom
*.hofos
*.hrosas
*.hrosas!ransom
*.id-.[enigma1crypt@aol.com].eth.
*.id-92ddb5dc.[enigma1crypt@aol.com].eth.
*.id-[********].[donovantudor@aol.com].bat
*.id-xxxxxxx.[crypt1style@aol.com].mers>ransom
*.id-xxxxxxxx.[bitcharity@protonmail.com].com!ransom
*.id[xxxxxxxx-0001].[costelloh@aol.com].phoenix!ransom
*.igami!ransom
*.jack
*.jzphmsfs
*.ke3q
*.kes$
*.kiratos
*.lockhelp@qq.gate
*.major.ransom
*.mamba
*.mars
*.mers
*.mira
*.ms13
*.n7ys81w
*.navi
*.nhcr
*.non
*.non!ransom
*.onyc
*.oookjyhctvdf
*.open_readme.txt.ke3q
*.pig4444
*.pig4444!ransom
*.plut
*.prodecryptor
*.prodecryptor!ransom
*.qbix
*.qbtex
*.qh24
*.radman
*.recry1
*.refols
*.robinhood!ransom
*.roldat
*.sarut
*.sarut!ransom
*.todarius
*.todarius!ransom
*.vally
*.wal
*.xxxxx!ransom
*.yg
*.yum
*.zoro
*.ztsysjz
*.{killback@protonmail.com}kbk
*.{killback@protonmail.com}kbk!ransom
*[remarkpaul77@cock.li].jsworm
*decryptoroperator@qq.com
*ymayka-email@yahoo.com.cryptotes
.codnat
.codnat1
.eth
.jack
.nampohyu
.non
.plut
[+]
[lockhelp@qq.com].gate
_crypted_readme.html
decrypt-files.html
decryptyourdata@qq.com
howtobackfiles.txt
instructions with your files.txt
locked.*
not
note
note:
ransom
read_me.mars
readme-prodecryptor@gmail.com.txt
restore_hceem_data.txt
инструкция по расшифровке.txt
I'm going to start working through and see which is the issue. I assume no-one else is having import issues ..
it's this entry causing the error
note:
Which looks to be coming from a file merge process in the script. So not a source problem.
Appologies
@JackRegan No problem - I just wanted to make sure we weren't actually sending bad data out. Thanks for clarifying!
Looks like something changed in the download file 20/21 May.
Have started to get 0x80070057, The parameter is incorrect. on the Set-FsrmFileGroup command.
I keep all the historical files. The file from 19th May works with no errors.
Data still inputs so looks like something odd in the txt download.
Anyone else got this? ..