All Activity

This stream auto-updates     

  1. Past hour
  2. thank you mr I'm waiting for the results, I really hope for help from the masters here, hopefully the offline ID and quick key are found
  3. haloo my another pc already infectedby kiratos ransomware  here is details ---------------------------------------- STOPDecrypter v2.1.0.2 OS Microsoft Windows NT 6.2.9200.0, .NET Framework Version 4.0.30319.42000 ---------------------------------------- No key for ID:tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) Unidentified ID: tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) MACs: 18:31:BF:6B:D4:B5 Decrypted 1 files, skipped 9 Your personal ID: 072Asdju732sdfAdhtIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1  thank you boss..
  4. it is the same computer ID and MAC address
  5. Today
  6. int80 Attach to your new post an original ransom note or upload to the service www.sendspace.com and give us a download link. Or do it there. https://www.bleepingcomputer.com/forums/t/698141/jurasik-changed-my-files/
  7. my system is showing files with the extension .JURASIK all files changed. ransom note in JURASIK-DECRYPT is it possible recovery?
  8. Please download the following fixlist.txt file and save it to the Desktop: https://www.gt500.org/emsisoft/fixlist/anky/2019-05May-23/fixlist.txt NOTE: It's important that both files, the FRST download from earlier and the fixlist file, are in the same location or the fix will not work. If you need to, please copy the files from your Downloads folder to your desktop. Run the FRST download from earlier, and press the Fix button just once and wait. If for some reason the tool needs to restart your computer, please make sure you let the computer restart normally. After that let the tool complete anything it still needs to do. When finished FRST will generate a log on the Desktop (Fixlog). Please attach it to a reply.
  9. Yesterday
  10. OK, I've forwarded your information to the creator of STOPDecrypter, and he will archive it in case he is able to figure out your key at some point in the future.
  11. It looks like there's no active infection. I've forwarded what I can think might be helpful from your logs to the creator of STOPDecrypter so that he can try to figure out where the ransomware came from and hopefully get the offline ID and key from it.
  12. It looks like you had already posted the ID's and MAC addresses. Is this from another computer, or the same one?
  13. That's an online ID, so we'll need the MAC addresses from the infected computer as well. You can use STOPDecrypter to get that information. Here's a link to instructions: https://kb.gt500.org/stopdecrypter Also note that while most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  14. That's an online ID, so we'll need the MAC addresses from the infected computer as well. You can use STOPDecrypter to get that information. Here's a link to instructions: https://kb.gt500.org/stopdecrypter Also note that while most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  15. Let's try getting a diagnostic log. The instructions and download are available at the following link: https://help.emsisoft.com/en/1735/how-do-i-use-the-emsisoft-diagnostic-tool/
  16. I would believe that Windows 7 x64 is still the second most common Operating System, so if there was an issue then we'd almost certainly know about it. We also test new releases on Windows 7 x64, since it is still so common, so if there was an issue specifically with the update then we should have found out by now. Regardless, we'd need the memory dump from the BSoD to be able to tell what happened. Can you find the following file on your computer? C:\Windows\MEMORY.DMP
  17. Thread Closed Reason: Lack of Response PM either Kevin, Elise, or Arthur to have this thread reopened. The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on a system, other than the one they were written for, could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread
  18. It's probably a function that exists only in the Firefox source code, although I'm not sure where that source code would be stored that Google wouldn't be able to index it (unless it's restricted in their robots.txt). As for the crash itself, the only way that we can determine what's going on is with a dump of the crashing process. Granted since it's a browser there could be some sensitive data in the dump, so it's up to you whether you want to send it or not.
  19. Vielen Dank! ...hat problemlos geklappt! Wie ich sehe ist das jetzt ein Abonnement! Kluge Entscheidung! Dann habe ich die Action nicht jedes Jahr! Viele Grüße olynt
  20. Anky I see several malicious files here. Do not do anything yet. Wait for a response from a support service specialist.
  21. Hung Hello. This is also the result of the STOP Ransomware attack. See my posts above and post GT500 - in the same order. This also applies to your case. On the advice of the support service, a new recommendation was made for the case, like yours. This is here. It's best to check and make sure that no malware components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it. Let us know about the results.
  22. It's been over a day that my subscription of EAM has been unable to receive updates and is stuck on 'Initializing'. One customer support agent has been in contact with me through email but none of his solutions have worked yet. He suggested that my ISP is blocking the Emsisoft CDN (content delivery network) through which updates are delivered and indeed, I was able to receive updates when I connected my computer to cellular data. I have spent a chunk of time today manually updating the software with the help of a VPN but this cannot continue since it is time consuming and nearly impossible because the software used to receive hourly updates without any user intervention. The last mail from the customer support agent was over 12 hours ago after which I have received no correspondence. I need help to resolve this issue ASAP.
  23. Hi GT500, I have Zone Alarm Free firewall + Emsisoft Anti Malware installed on my PC for a long long time(at least more than 3 years), both were running fine after every windows 7 updates. Except this time........... Zone Alarm Free Firewall version: 15.3.060.17669 is installed on my Windows 7 Pro PC. I have no idea, why Zone Alarm Free Firewall bundled up with Check Point SandBlast Agent. During the installation of ZA free firewall.........the installer did not show it will install SandBlast Agent. But this Sandblast Agent is confirmed installed and I don't know why nor what its function. I guess mostly of forum users have already migrated to Windows 10, and no one has experienced such conflicting hardware/software issue to be noticed in the community. Currently, my windows 7 Pro PC does not have EAM installed (previously it was uninstalled) and ZA free was running fine, while I went ahead and installed windows update.
  24. after installing FRST, again 1 setup file is instaling showing in shutdown process,i looks like previous malware attack.
  25. after this software instal my web broweser opening automatically again n agin and new tab in tab browser FRST.txt Addition.txt
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up