All Activity

This stream auto-updates     

  1. Past hour
  2. We need your ID as well. Did STOPDecrypter not list one?
  3. Today
  4. My computer was hacked with ransomware this year 2019. I had the same thing. Docm. My files look like a white paper. My story is long but I'll keep it short. I had people saying don't pay and people saying pay. I took my chance and paid I was not sure what would happen but they sent me the decryptor. I got my files back but some programs aren't running correctly. So I'll have to reinstall Windows. Don't know if the decryptor will work Universally on the Docm ransomware. The good thing is that I have my files. The bad part is that I'm out of $$$$$$. Also I had to pay them in bitcoin. That was crazy because I never had a bitcoin account before. I'm just glad the hacker was honorable and it turned out ok for me. And I was able to talk them down on the price a little. Any questions just post. On my way to work have a great day.
  5. Frank H

    NEW Beta 9250

    Hi stapp, As soon as windows informs EAM that it is inappropriate to show notifications. Full screen apps or fullscreen youtube movies are one of the triggers. No, as you probably are used to the darkmode. UI changes have no relation with dark or bright mode, as the difference between these two are colors only. although i heard some rumors that we added a new white RAL color: StappWhite
  6. Frank H

    NEW Beta 9250

    Hi Martin, Accessibility is supported and tested for NVDA on Windows10 only.
  7. Hi my whole computer files also encrypted with .DOCM and along with Restore-My-Files created. I have requested them to decrypted one file and they done and sent me and attached here. (untitled-1.png, untitled-1.png.DOCM) Please help me! Please help me! Untitled-1.png.DOCM
  8. so that should solve the Ryuk Encrypted Files ? it's look like 12 language Ⓗ Hybrid analysis >> Ⓗ Hybrid dropper file analysis >> 𝚺 VirusTotal analysis >> VT >> VT >> VT >> VT >> 𝚺 Virus Total analysis of the dropper file >> 🐞 I ntezer analysis >> Ⓥ VirusBay sample >> ⴵ VMRay analysis >> VMR >> VMR >> ᕒ ANY.RUN analysis >> 👽 AlienVault analysis >> 🔃 CAPE Sandbox analysis >> ⨇ MalShare analysis >> ⟲ JOE Sandbox Analysis >> so if there is any tool to Encrypted Files
  9. Description Ryuk and Ryuk 2.0 Ransomware >>
  10. Hi Frank, what programs are used for accessibility testing (Jaws, NVDA)? Thank you.
  11. stapp

    NEW Beta 9250

    Is it connected to this?
  12. I also just got the update. Trying dark mode, bright didn't s eem brighter to me. Win 7 Pro x64 here Pete
  13. stapp

    NEW Beta 9250

    Win 10 1903 When exactly is Auto-Silent mode triggered? On my machine just now it was enabled/disable by me going into full screen (and then trying to get it back again!!!) I usually use Dark Mode but as you said some UI changes had been made, and I couldn't see any in dark mode I switched to Bright. I almost fell off my chair..that is really bright, have you changed that bit?
  14. We’ve just released Emsisoft Anti-Malware 2019.6.0.9520 beta. You will have to enable beta updates to get this version. Improved user interface for visually impaired users. Improved support for third-party remote management. Stability improvements in Commandline Scanner. Several minor tweaks and fixes.
  15. I get what you say but that's not what I meant. I mean will it be possible to get a online decrypter?
  16. I was also hit however I DO have a few files that I have an encrypted copy and a safe copy if this helps anyone. ALSO, I wanted to see if they would actually do what they say and decrypt a file. They did, but will ot negotiate their $800 to $1600 price in any way. We need to stay on this and pool resources. We cant let these feckless pricks win! Contact ANYONE you know that is in a Hacking/Cracking group and ask for help, or contact anyone who has a handle on encryption/decryption. I will gladly donate files and time/money to beat these turds!!! Feel free to contact me at '''email address removed to avoid spamming''' if yo have ideas.
  17. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply.
  18. all my files is locked or crypted with .RYk Abdel Moneim (Diaa)10002.jpg.RYK
  19. hai 

      my file attacked ransomware virus,

    please help me to decrypt my file

    extension is .neras

    Request.docx.neras

    1. Show previous comments  4 more
    2. klima89
    3. GEORGEDANI

      GEORGEDANI

      hai   that site is lot of decrypt soft can u help me which one for .nears decrypt software

       

    4. klima89

      klima89

      sorry but i dont know much about ransom talk to some forum specialist, I'm sure they'll help you. I don't have that kind of knowledge.

  20. Hello, I'm just after cleaning a system that's infected with backdoors. I don't see anything suspicious but I'll be calmer if a specialist takes a look at it. Addition.txtFRST.txtscan_190626-062141.txt
  21. [+] Loaded 46 offline keys Please archive the following info in case of future decryption: [*] MACs: A8:1E:84:45:52:CE, E4:42:A6:82:45:E3, E4:42:A6:82:45:E2, E4:42:A6:82:45:E6 This info has also been logged to STOPDecrypter-log.txt
  22. Not the way you're thinking of. I don't know if it will help, but here's an analogy that might explain what Demonslay335 is trying to tell you. Let's say you have a safe with something important in it, and you forget the combination, so you put the first safe inside another safe and lock it up. Will that help you recover the combination for the first safe, even if you remember the combination for the second safe? Likewise, if you run the malware again, it isn't going to decrypt your files just to encrypt them using the offline key. The malware has no clue how to do that. All it's going to do is apply a second layer of encryption (just like a putting a safe inside another safe). It doesn't matter whether or not you can decrypt that second layer of encryption, because that first layer of encryption will still be there. Right now there's nothing you can do to recover your files. Give us time, and we'll do what we can to help you. If you panic and try random "solutions" to recover your files, you'll either waste your time, or make things worse for yourself. There's also the possibility that you may do something that makes decrypting your files impossible later on.
  23. There's no way to know when a decrypter will be available for GlobeImposter 2.0. It will more than likely require security software companies working in conjunction with law enforcement to gain access to the command and control servers operated by the criminals so that they can liberate the database of private keys, which can take time. As for how much time, that depends on how difficult it is to gain access to the servers operated by the criminals.
  24. Yesterday
  25. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. The malware variant of STOP ransomware, which has been encrypted files and added the .truke extension to them, was active in November-December 2018.Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. Download STOP Decrypter >>> First try to decrypt a small group of files, only make copies of them before this. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter --- A important message about the need to check the PC so that the malware does not encryption new files or not recoded the encrypted files. --- While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers, which infect and will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check PC and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forum😞 https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/
  26. After such an operation, some files (PDF among them) may open if partial encryption was done there. If you compare the original files with them, then you can find the differences. But among the many variants Ransomware we have seen cases: - when files could partially open after such an operation; - when files were not encrypted at all; - when files were damaged due to encryption error.
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up