Hit by ransomware?

We're here to fix that.

Use our free ransomware decryption tools to unlock your files without paying the ransom

Please note that these free tools are provided as-is and without warranty of any kind. The tools may only work with specific ransomware versions, and may not work with versions that were released after a tool was created. Technical support for the tools is available only to customers using a paid Emsisoft product.

[Mar, 22, 2016] - Version:

Nemucod decryptor

Nemucod is a JavaScript downloader malware that used to be used by TeslaCrypt for distributing TeslaCrypt binaries. Recent Nemucod versions dropped the TeslaCrypt payload in favour of its own ransomware implementation. The Nemucod ransomware encrypts the first 2048 bytes of a file using a 255 bytes XOR key. 

To use the decrypter you will require an encrypted file of at least 4096 bytes in size as well as its unencrypted version. To start the decrypter select both the encrypted and unencrypted file and drag and drop them onto the decrypter executable.