All Activity

This stream auto-updates     

  1. Today
  2. Thank you mr.. Hope It's not long..
  3. scan_190525-055127.txtFRST.txtAddition.txt
  4. I don't see any leftovers from the STOP/Djvu ransomware, however I do some some files related to pirated software that I highly recommend getting rid of.
  5. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future.
  6. Hopefully it won't be much longer before he's able to find the offline ID and key for this variant of STOP/Djvu.
  7. Yesterday
  8. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future.
  9. You may have already seen this, but Demonslay335 on the BleepingComputer forums said that this is JSWorm 2.0, and that our decrypter for it has been updated: https://www.bleepingcomputer.com/forums/t/698141/jsworm-ransomware-jsworm-jurasik;-jsworm-decrypttxt-support/#entry4792780 You can find the decrypter here: https://www.emsisoft.com/decrypter/jsworm-20
  10. A lot of the things I saw in the log were missing when the fix was run. There are two likely explanations. Either another tool removed them before the fix was run, or there are infections on the system that keep changing their file names and load points in order to make removal more difficult. For now, run a Malware Scan with Emsisoft Emergency Kit (EEK) and quarantine anything it finds (do not click "Delete"), and be sure to save the report (you can view it after the scan and then save it from there) when it's done and attach it to a reply. You can download it at the following link: https://www.emsisoft.com/en/home/emergencykit/download/ After running the scan with EEK, please run another scan with FRST and post the new logs in a reply so that I can make sure that everything was taken care of. Note that if EEK wants to restart your computer after scanning that you should do so before running FRST again.
  11. The dump needs to be saved when the crash happens. If it needs to be caught automatically, then this is the easiest way: https://help.emsisoft.com/en/1772/how-do-i-configure-automatic-crash-dumps-in-case-of-application-failures/
  12. Hello, We are unable to provide assistance with compromised Web Sites. Contact your hosting provider and update your CMS and plugins.
  13. MY FRST REPORT: ATTACHED AS A FILE BELOW. Addition.txt FRST.txt Search.txt
  14. [!] No keys were found for the following IDs: [*] ID: bwVJLrUFtzutHXui1MCvtQw7baY8jcfIt3avTOVz (.radman ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: 82:C5:F2:71:83:C3, 80:C5:F2:71:83:C3, 80:C5:F2:71:83:C2 This info has also been logged to STOPDecrypter-log.txt
  15. 123test (copy).html 123test (copy).html
  16. Thanks GT500. I followed your advice. [!] No keys were found for the following IDs: [*] ID: bwVJLrUFtzutHXui1MCvtQw7baY8jcfIt3avTOVz (.radman ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: 82:C5:F2:71:83:C3, 80:C5:F2:71:83:C3, 80:C5:F2:71:83:C2 This info has also been logged to STOPDecrypter-log.txt
  17. Do you mean a pre-emptive dump, when I dump a perfectly working Firefox on the off-chance that something in its dump will show a potential problem, or do you mean doing something (to Windows?) to make sure that next time this happens a full dump is taken? As I said before I'm unaware of these crashes when they happen & there's no dump, that I'm aware of. Even if I monitor the arrival of 'pending' dump submission info in the relevant FF folder, I'm quite likely going to have no idea of even which tab in FF was the problem.
  18. affected by radman virus plz help ---------------------------------------- STOPDecrypter v2.1.0.6 OS Microsoft Windows NT 6.1.7601 Service Pack 1, .NET Framework Version 4.0.30319.42000 ---------------------------------------- ID: 3yJSDu5l4JvViyu408oZ0z2JDewnlpR6dttPgZt1 (.radman ) Unidentified ID: 3yJSDu5l4JvViyu408oZ0z2JDewnlpR6dttPgZt1 (.radman ) MACs: 00:27:0E:07:D1:B4
  19. thank you mr I'm waiting for the results, I really hope for help from the masters here, hopefully the offline ID and quick key are found
  20. haloo my another pc already infectedby kiratos ransomware  here is details ---------------------------------------- STOPDecrypter v2.1.0.2 OS Microsoft Windows NT 6.2.9200.0, .NET Framework Version 4.0.30319.42000 ---------------------------------------- No key for ID:tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) Unidentified ID: tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) MACs: 18:31:BF:6B:D4:B5 Decrypted 1 files, skipped 9 Your personal ID: 072Asdju732sdfAdhtIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1  thank you boss..
  21. it is the same computer ID and MAC address
  22. int80 Attach to your new post an original ransom note JURASIK-DECRYPT or upload to the service www.sendspace.com and give us a download link. Or do it there. https://www.bleepingcomputer.com/forums/t/698141/jurasik-changed-my-files/
  23. my system is showing files with the extension .JURASIK all files changed. ransom note in JURASIK-DECRYPT is it possible recovery?
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up