  3. If this did not happen on the same day, then from the modification dates of the files you can determine the days of the attack. Analysis of the date of the attack can help identify the weak link (who was working at the PC?) and properly configure the PC protection for the future. If only you work at the PC, then you need to install a complex anti-virus product (e.g. Internet Security with a 1-month trial) in order to remove the remaining virus files and protect the PC from new attacks. If there is an unnamed anti-virus on your PC and no one disabled it before the attack, then you need to get rid of it as soon as possible. AV protection that cannot protect a user's files from outside attacks, or even from the user's own wrong actions and from illegitimate programs, does not have the right to be on this PC.
  4. Hello. It is a pity that such a thing happened. "Instructions with your files.txt" is a note from Paradise Ransomware. The extension _c3tfsp_{[email protected]}.sambo was added by Paradise Ransomware. "UQSNORZLPD-MANUAL.txt" is a note from GandCrab 5.2 Ransomware. The 10-character extension .uqsnorzlpd was added by GandCrab 5.2 Ransomware. Looking at the screenshots, I can see that your files were first encrypted by Paradise Ransomware and then encrypted by GandCrab 5.2 Ransomware.
  5. Hello. It is a pity that such a thing happened. I can look at these files, but I cannot download attachments from your message. Send these two ransom notes and give us the download link. And please replace the two non-informative encrypted ini files with txt, doc, jpg, png files.
  6. I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: You can paste a link to the results into a reply if you would like one of our experts to review them.
  7. I request your aid in suggesting what I should do, since my PC has been affected by ransomware that I don't know. Please kindly give me some advice on what I should use to recover my files. They changed all my pictures and videos into this format; here are some sample pictures.
  9. Here, too, the dates and times are temporarily missing. The Firefox and Iron (Chrome) browsers behave identically in this respect. And it makes no difference whether I am logged in or not.
  10. I have a driver here; is it malware, and if so, what does it do?
  11. Could I get a quick reply on my two little questions please ☺️🤗 By the way: I have noticed that workspaces cannot be deleted. I assume this feature will be added later? Thanks! Raynor
  13. Attached files in case it helps: port.ini, port.ini.COLORIT, HOW TO DECRYPT FILES.txt, HOW TO DECRYPT FILES.hta
  14. Hi, my PC has been encrypted via ransomware. ID Ransomware detects it as Xorist, but the decrypter tool fails to find a key and keeps asking me to drag the files. The files all have the extension .colorit. Thanks in advance for any help / support. pk24
  15. Were you logged in to the forum when you viewed the profiles?
  16. Addendum: in the profiles, the "Last visit" timestamp is also missing in some cases:
  17. The version of EAM in use on this system is out of date by a few years. The signature database has never been updated, making the scan report unreliable and inaccurate. The current version of EAM is 2019.3.1.9367.
  18. Ok. I'll look into it, but if it's too complicated, I may just keep dragging the window around when I need to see something that isn't showing. But, thank you for your time and patience with me. I really do appreciate it!
  19. In that case you'll need the Application Compatibility Toolkit from Microsoft. There's a tool that comes with it called "Compatibility Administrator" that will allow you to create compatibility settings for any program you want; however, it is a bit complicated to use. There's information at the following link that may help you use it to disable the DPI scaling for any program you want: The information at that link was intended for advanced users, so let me know if you need me to try to write instructions that are easier to follow.
  20. The issue is that the option to disable DPI scaling on a per-application basis doesn't work. From what I'm reading, if you're able to change the setting at all (64-bit Windows 7 doesn't normally allow you to change it for 64-bit applications) then it doesn't actually do anything unless you switch your Desktop theme in your Personalize settings to one that doesn't use Aero (the Windows 7 Basic or Windows Classic themes for instance). There may also be other settings that need to be changed. Out of curiosity, is the option for "Disable display scaling on high DPI settings" grayed out for you in the Compatibility Properties for a2start sort of like it is in the following screenshot?
  21. It is 64 bit. I'm not disputing your word but this program is the only one that does this. Could it still be a Windows problem when it does this with just one program? I don't know. I'm just asking and I hope you don't mind my asking.
  22. To add to what Amigo-A said, your ID doesn't appear to be an offline ID, so the chances of being able to decrypt your files are slim. That being said, if you download STOPDecrypter, run it, and copy and paste the ID and MAC it gives you into a reply, then I can forward them to the creator of STOPDecrypter in case he is able to figure out your decryption key at some point in the future. Here's a link to instructions on how to do that:
  23. This appears to be an issue with Windows 7. There may be a way around this, but first I need to know whether you have 32-bit Windows 7 or 64-bit Windows 7. Here's how to check: Hold down the Windows key on your keyboard (the one with the Windows logo on it, usually between the Ctrl and Alt keys) and tap R to open the run dialog. Type control system into the field, and click the OK button. Roughly in the middle, below where it says System, look to the right of System type to see if it says 32-bit Operating System or 64-bit Operating System.
