All Activity

This stream auto-updates     

  1. Past hour
  2. My apologies for jumping aboard, but this happened to me too 2019-06-19 on both my computers. Later Firefox updates went OK, but today (2019-07-22) it happened again, when updating FF from 68 to 68.0.1 This time I had debug logging activated. Events were as follows: Turned on debug logging EAM updated itself (hadn't used the computer for several days) Restarted 13:03 Started Firefox but did nothing with it (home page is a local html file) 13:08 Got the update offer pop-up. Clicked “Download Update” 13:10 Restarted Firefox: it does the actual update on restarting Got the EAM BB warning . The ”Will quarantine in xx seconds” text seemed to stay at “in 6 seconds” Clicked “Wait, I think this is safe” and Firefox started 13:11 Closed Firefox and turned off EAM debugging 13:13 Restarted the computer. Computer is an old HP EliteBook 8440p running under Windows 7 Pro, 32-bit Debug logs sent as described above, referring to this post.
  3. Today
  4. hi , my pc was effected with darus virus i cleaned the pc but i cant able to open the files guys please help me in this can i get my data restored
  5. https://www.virustotal.com/gui/file/4b007073586ededba08b535b724703e0ac59806fae66bbfdb5a098e4d8cc5d29/detection https://www.hybrid-analysis.com/sample/4b007073586ededba08b535b724703e0ac59806fae66bbfdb5a098e4d8cc5d29
  6. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. You need to attach a ransom note _readme.txt to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. The .madek extension is added to encrypted files. If this is a variant has not been added to the decryptor two days ago, but in some cases offline-keys may coincide. Download STOP Decrypter now >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  7. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. You need to attach a ransom note _readme.txt to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. The .berosuce extension is added to encrypted files. If this is a variant has not been added to the decryptor two days ago, but in some cases offline-keys may coincide. Download STOP Decrypter now >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  8. This is reported by extortionists in the reply letter. Addresses are in the note. It will be expensive.
  9. What would be the cost for the decryptor?
  10. No free decryptor for Dharma. Only extortioners have a paid decryptor.
  11. Sorry, my bad. I may have pretended the name from the extension. So what's the possible solution of this issue?
  12. Hello @Ethel You did not answer about the name. Why did you decide that this is called the Planetarium Ransomware? The format of the encrypted file and a ransom note indicates that this is a variant of Dharma Ransomware. This extension appeared in the Dharma arsenal in May 2019 with another email. I have no doubt in this case. But for the doubters, we can always use the service "ID Ransomware" and check the files. Result >>
  13. Hello, Here's the sample 2 encrypted files and the original ransom note. Kindly take a look and let me know you feedback. Regards Ethel customer support survey.xlsx.id-0A9A33E1.[[email protected]].PLUT written test question-customer support executive.doc.id-0A9A33E1.[[email protected]].PLUT RETURN FILES.txt
  14. Yesterday
  15. Hi my compter was attacked with .madek. Does anyone has a solution?
  16. Attach a ransom note _readme.txt to your message. Do not change anything. This should be the original.
  17. Attach a ransom note _readme.txt to your message. Do not change anything. This should be the original.
  18. please help me as sone as possible
  19. Hello @Dheeraj This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. You need to attach a ransom note _readme.txt to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. The .gusau extension is added to encrypted files. If this is a variant has not been added to the decryptor two days ago, but in some cases offline-keys may coincide. Download STOP Decrypter now >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  20. Hello @Dheeraj This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. You need to attach a ransom note _readme.txt to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. The .gusau extension is added to encrypted files. If this is a variant has not been added to the decryptor two days ago, but in some cases offline-keys may coincide. Download STOP Decrypter now >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  21. Hello, Today my PC infected with ransomware and the file got encrypted with extension .gusua. Please help me with files how do i access my files.Please help... Thank you.
  22. GUSAU Ransomware decoder **malware link removed this website is heaving it
  23. Hello @Marilie This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. I do not see here a ransom note _readme.txt with your ID here that I can say something. You need to attach a ransom note _readme.txt to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. Download STOP Decrypter now >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  24. Was, wenn mir das EmsiDiagTool keine Datei auf dem Desktop anlegt? 2x durchlaufen lassen, keine Datei auf dem Desktop angelegt. Was, wenn es im Installationsverezichnis keine logs.db3 gibt?
  25. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. I do not see here a ransom note _readme.txt with your ID here that I can say something. You need to attach a ransom note to the message, or farther act by himself. @Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible. Download STOP Decrypter again >>> I recommend to you start decrypt with a small group of files, but first you need to make copies of these files. If STOPDecrypter won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  26. More precisely: .No_More_Ransom I almost certainly know what ransomware of file encrypted your files, but not all of its variants can be decrypted. Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data and get an info about the available decryption or its absence. https://id-ransomware.malwarehunterteam.com/
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up