All Activity

This stream auto-updates     

  1. Today
  2. if i move my encrypted data to new hard drive and formate my whole laptop and instal new window in it then also i can decrrypt my data
  3. sir pls help me, my pc all fia.txt.fordanles fordan extension and encrypted pls solve my problem
  4. I don't know the source of the infection MR, By the why the contents quarantina has ben delete by the avast boots scan. Here I'm attach the log from EEK, i don't know whether this can help. sory my bad english...
  5. [!] No keys were found for the following IDs: [*] ID: 3yJSDu5l4JvViyu408oZ0z2JDewnlpR6dttPgZt1 (.radman ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: 10:78:D2:31:55:87 This info has also been logged to STOPDecrypter-log.txt
  6. Most components of Emsisoft Anti-Malware don't run in Safe Mode, however if the systems boots and our disk filter driver isn't running then it will BSoD on startup. I haven't heard any other reports of issues since this update was released. It's possible that there's a third factor on the system beyond just Emsisoft Anti-Malware and the Windows Update in question. Let's try getting a log from FRST, and see if it shows anything relevant. You can find instructions for downloading and running FRST at the following link: https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: When FRST checks the Windows Firewall settings, Emsisoft Anti-Malware's Behavior Blocker will quarantine it automatically. This can be avoided by clicking "Wait, I think this is safe" in the notification that is displayed while FRST is scanning.
  7. Would you happen to know where the infection came from? If you can send us a copy of the source for the infection, we can take a look at it. If we can get our hands on this variant of the ransomware and forward it to the guy who makes STOPDecrypter, then he'd be able to take a look at it as well. If I'm right about your ID being an offline ID, then your files would be decryptable.
  8. Hello, I am been using Emsisoft Anti Malware for a number of years............ No major hiccups........till this problem. I am referring to Windows 7 Update: KB4493472 https://support.microsoft.com/en-my/help/4493472/windows-7-update-kb4493472 https://www.ghacks.net/2019/04/11/oh-look-another-broken-windows-update-kb4493472-and-kb4493446-causing-issues/ Has anyone experiencing isssue with this update? My problem is after doing this update, my PC will have blue screen, which normally indicates Hardware driver issues, I spent days and nights, trying to find the root cause, but no avail, till I uninstalled Emsisoft Anti Malware. Once Emsisoft Anti Malware was not in the system, reboot and install the KB4493472, Windows 7 will work as per normal. Except booting up in Windows 7 desktop was rather slow. POST -> Windows 7 logo-> Blank screen(black, can only see the mouse cursor only, 2-3 minutes wait) ->Windows 7 desktop loads up. If EAM is not removed, and I applied the updates while EAM still installed, this will happen after you have to restart PC (when updates finish updating): POST=>Windows 7 logo=> Blue screen appears for few seconds => system reboot and the process will recycle endlessly. Press F8 to go into Safe Mode is fruitless......... POST=> Safe Mode for a few seconds => System will auto reboot Appreciated if someone can advise a solution. Thank you. Kind regards, Marcus
  9. As Amigo-A said, that is more than likely a variant of the STOP ransomware. ID Ransomware can confirm that, and can let you know if STOPDecrypter can recover your files. Here's a link to ID Ransomware: https://id-ransomware.malwarehunterteam.com/ If STOPDecrypter can't recover your files, then note that it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter Also, while most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be split into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  10. We'll need the ID from one of the ransom notes as well. They should have a name like _readme (or something similar to this).
  11. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be split into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  12. The screen name he uses here is Demonslay335, and he'll more than likely contact you directly if he's able to figure out your decryption key.
  13. Nothing at the moment. The creator of STOPDecrypter is hard at work trying to help people get keys to decrypt their files. We just need to give him enough time to work out solutions for everyone.
  14. We don't have an ETA on this. Hopefully it'll be soon, however it's not possible for us to know for certain yet.
  15. That log shows that it is safe to use Emsiclean to remove Emsisoft Anti-Malware. Please run Emsiclean again, making sure to select everything in the list, and then click the button to remove selected items. Please be sure to allow your computer to be restarted after doing this. Note that since Emsisoft Anti-Malware could not be uninstalled normally before running Emsiclean, that it may not be able to completely remove everything on the first attempt. After your computer restarts, be sure to run Emsiclean again and if it finds anything that wasn't removed then allow it to remove them and restart your computer again. Do this as many times as necessary, until Emsiclean reports that no traces have been found. After your computer has restarted, you may download and reinstall Emsisoft Anti-Malware from the link below: https://www.emsisoft.com/en/software/antimalware/download/
  16. Yesterday
  17. Surya dinata When using the tool Emsisoft Emergency Kit, detected threats can be quarantined or deleted. Emsisoft recommends quarantining threats. In this case, the threat will not be active and will not cause harm, but will be useful for recovery, if it is a false detection, or for research, as in your case. But if you chose to delete, the files were safely deleted without the possibility of recovery.
  18. I have use Emsisoft Emergency Kit program, and has removed detected malware. Now I want to restore my files are decrypted by this bufas. Please.... help me Mr...
  19. Many victims managed to find and download malicious files for Demonslay335. This is possible even in spite of the fact that the STOP Ransomware does a wipe of its files. You can carefully and safely collect malware files from temporary directories and (only do not run anything!) and put into a common archive with a password. Probably, experts Emsisoft could make instructions for manual collection or expand the functionality of the Emsisoft Emergency Kit program for collecting such files in hot pursuit from temporary directories, to put them in a special archive, and not in Quarantine. Something like Temp Files Collector..
  20. After checking the PC (or only folders with encrypted files), you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance. --- If STOPDecrypter can't recover your files, then note that it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter:https://kb.gt500.org/stopdecrypter Received information you need insert into your new message. I hope that you still get lucky return your files.
  21. Hello, Hirudineaxxx Hello, cesar_dotmap We are pity this happened. I can say that probably STOP Ransomware encrypted your files. Extension .ferosas and .dotmap is his new variants. Special service ID Ransomware can confirm this fact, and can let you know if STOPDecrypter can recover your files. --- Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor. Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. Therefore, I advise you to check your PC for active and dormant malware. This can be done here in the forum in the next section. You can also download the free tool Emsisoft Emergency Kit yourself and check the computer.
  22. Hello there my files are encrypted with kiratos ! Connection Name Network Adapter Physical Address Transport Name =============== =============== =================== ========================================================== Local Area Conn Qualcomm Athero 08-62-66-4F-FD-08 \Device\Tcpip_{E3E745AA-927B-4A3E-9C2A-99C2650A7272} Local Area Conn Kaspersky Secur 00-FF-1F-FD-95-9F Media disconnected
  23. help new ransomware virus dotmap, decrypted files infected
  24. I think a ransomware infected my files which is encrypted and I think the name of this ransomware is Ferosas, I've researched through the net thoroughly but hard luck of finding a decrypter for this new ransomware. If anyone has experienced the same way I did and recovered all your encrypted files, please do so offer some strategies or some help. I really need my files back though.
  1. Load more activity
  • Who's Online   0 Members, 0 Anonymous, 60 Guests (See full list)

    There are no registered users currently online

  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up