All Activity

This stream auto-updates     

  1. Past hour
  2. I have done a scaning process with several antiviruses and I am sure it is free of malware. I have also run stopdecripter v2.1.0.5, but the results remain the same. [!] No keys were found for the following IDs:[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.bufas )[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.rar )[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.exe )[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.xlsx )[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.docx )[*] ID: iE5qxqT7ffEzQqdUb0LtnCPwfn0YDkpVZumwVgt1 (.jpg )Please archive these IDs and the following MAC addresses in case of future decryption:[*] MACs: D0:50:99:4B:9B:84 please help me...
  3. Today
  4. After checking the PC and folders with encrypted files, you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance.
  5. If your files are encrypted and now have an .fordan extension, then this is the result of an attack from the STOP Ransomware. STOP Ransomware encrypts files of users in many countries due to the fact that they download and run hacked software (MS Windows, MS Office, other repacked or patched programs), from which someone removed the activation, making them free and dangerous at the same time due of this malicious code. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor.Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. If you need help checking your PC for malware, you can make a request in the next section.
  6. Did you read the text file that was in the archive with the STOPDecrypter? Did you open the links 'Support Topic' and 'FAQ'? At these links is all the necessary information. Your now need to copy the information from the STOPDecrypter window and paste it here or on the Support Topic. Then Demonslay335 - the developer STOP Decrypter will see your information.
  7. sir my pc infect fordan malware (ransomeware) please solve my problem
  8. I used stopdecrypted but it doent decrypt my files it showing error
  9. After checking the PC and folders with encrypted files, you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance.
  10. After checking the PC (or only folders with encrypted files), you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance.
  11. After checking the PC and folders with encrypted files, you can use the free tool to decrypt files - STOPDecrypter (link) This process should be approached with caution. Read the attached text file. Due to the nature of encryption, only files that are encrypted with offline keys can be decrypted. We recommend that you make a test decryption of a small number of encrypted files and make copies of them in advance.
  12. amroaref If your files are encrypted and now have an .berost extension, then this is the result of an attack from the STOP Ransomware. STOP Ransomware encrypts files of users in many countries due to the fact that they download and run hacked software (MS Windows, MS Office, other repacked or patched programs), from which someone removed the activation, making them free and dangerous at the same time due of this malicious code. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor.Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. If you need help checking your PC for malware, you can make a request in the next section.
  13. If your files are encrypted and now have an .norvas extension, then this is the result of an attack from the STOP Ransomware. STOP Ransomware encrypts files of users in many countries due to the fact that they download and run hacked software (MS Windows, MS Office, other repacked or patched programs), from which someone removed the activation, making them free and dangerous at the same time due of this malicious code. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor.Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. If you need help checking your PC for malware, you can make a request in the next section.
  14. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor.Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins.Therefore, I advise you to check your PC for active and dormant malware. This can be done here in the forum in the next section. This must be done in any case. STOP Ransomware encrypts files of users in many countries due to the fact that they download and run hacked software (MS Windows, MS Office, other repacked or patched programs), from which someone removed the activation, making them free and dangerous at the same time due of this malicious code.
  15. More precisely, you have collected all your encrypted files and reinstalled the OS Windows 7. Have you checked the saved files with an antivirus program, so as not to suffer again from a hidden infection? Have you installed anti-virus protection for 30 days or more? I hope this is not Free Antivirus, because none of the Free Antivirus will protect against encryptors.
  16. More precisely, now you have all the files encrypted and have the extension .codnat STOP Ransomware encrypted your files. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever.
  17. My laptop files encrypt with norvas ransom virus i tried many tools to decrypt but no effect take place after that i instal window 7 in my laptop my files still encrypted help me to decrpyt my files MACs: 50:7B:9D:42:68:F0, B6:6D:83:E0:81:FC, B6:6D:83:E0:81:FD, B4:6D:83:E0:81:FC No key for ID: TZJSkeJ4DTCXUnXpdCiXXExPiC8ea2s5LF4UOYOZ (.norvas ) _readme.txt 2016-09-23-09-20-53.jpg.norvas.fcciwooo.norvas
  18. Yesterday
  19. Please help me Encryption Type codnat
  20. Ok. It IS true that no user is obliged to continue being a user. But you offer no straightforward way to renew a licence without the auto-renewal being turned on. You don't tell people that's what is happening until you ask them to agree it in the purchasing process (and one has to agree or the purchase doesn't go forward - that's not a choice). Your website does say at the foot of the page that the auto thing can be undone, but neither of the statements describing how are accurate. Perhaps you should THINK about how you'd feel if a company you deal with with forced this on you? All we're trying to get across to you is that you should give people an up-front choice of whether or not they want to be subscribed.
  21. I renewed my licence on 17/10/2018 and payment was taken via Cleverbridge - there was no mention of it being a subscription so I assume my licences will not auto-renew. It appears that you're now using 2checkout to process payments instead of cleverbridge, and that any orders placed via them will be auto-renew ? I imagine many more may articulate the same view when they are suddenly auto-renewed later this year without them knowing about this in advance - the fact is that you've changed your licensing model and don't appear to have communicated this to the user base, which, in my view, is poor. A more cynical user might feel that this has been introduced without fanfare in the hope that the majority of users won't notice.
  22. Hello Marco, the auto renewal is not part of our licensing terms. No user is obliged to auto-renew their license. Since October 2018, users that renew their existing license or purchase a new one through our website are shown in the shopping cart that they are purchasing a subscription. The subscription can be cancelled at any time including until 30 days after its renewal resulting in a refund if so desired. I can understand that this practice is not everyone's preferred practice, I can also tell you that you are not alone in this but from hundreds of thousands of users, only a few articulated that view and the few dozen or so that since asked us to have their subscription cancelled, we cancel it without issue. In summary: Do I understand your point? - Yes. Is it a problem for our typical user? - Nothing suggests it is. It is not that are we not listening, we put our focus where we believe it is demanded. I hope that makes sense even if you personally would prefer a different approach.
  23. I confirm that all purchases, whether renewals or new licenses, are automatically made subscriptions (has been this way since around October 2018).
  24. Since there was not given answer from the victim, it is important in any case not to leave the topic hanging on mid of word. Yes, according to such scant information that the victim provided and disappeared in an unknown direction, we can determine relatively precisely that the files were encrypted with one of the variants of GlobeImposter-2 Ransomware ...and even I can show the sample of the malware that did this bad deed. Extension: .restorefiles666 Ransom note: how_to_back_files.html Email: [email protected], [email protected] Analysis result: VT The date of the appearance of the variant with .restorefiles666 extension is April 1-2, 2019. But earlier there were the same variants, but with a different extension. Extortionists often change external signs of Ransomware, but do not change the real version of their program As can be seen in the analysis results, Emsisoft Anti-Virus correctly identified this malicious file. So, if the victim's PC was under the protection of one of the antivirus solutions of Emsisoft, then the files would remain intact and were not encrypted.
  25. For previous versions, there is GandCrab v5.1 Decryptor. Your files may have been encrypted an early or latest version that is not yet decrypted. But before you hurry to do decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor. Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. Therefore, I advise you to check your PC for active and dormant malware. This can be done here in the forum in the next section.
  26. melatr Yes. STOP Ransomware encrypted your files. Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor. Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. Therefore, I advise you to check your PC for active and dormant malware. This can be done here in the forum in the next section.
  27. Arman Before you decrypt the files, you need to make sure that there is neither this infection nor any other infection on the PC. We have seen cases when those who suffered from previous versions STOP Ransomware successfully decrypted files, but then they were attacked by the same encryptor, which encrypted files with a different extension, and used an encryption key that cannot be calculated. In punishment for haste and complacency, the user lost his files a second time and, possibly, forever. As experience shows, very often after encryption on a PC, this or another infection remains, which you could get together with the encryptor. Malicious programs often work in groups: trojans of a different type, password hijackers, backdoors, dormant malware, dangerous browser plugins. Therefore, I advise you to check your PC for active and dormant malware. This can be done here in the forum in the next section.
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up