All Activity

This stream auto-updates     

  1. Today
  2. MY FRST REPORT: ATTACHED AS A FILE BELOW. Addition.txt FRST.txt Search.txt
  3. [!] No keys were found for the following IDs: [*] ID: bwVJLrUFtzutHXui1MCvtQw7baY8jcfIt3avTOVz (.radman ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: 82:C5:F2:71:83:C3, 80:C5:F2:71:83:C3, 80:C5:F2:71:83:C2 This info has also been logged to STOPDecrypter-log.txt
  4. 123test (copy).html 123test (copy).html
  5. Thanks GT500. I followed your advice. [!] No keys were found for the following IDs: [*] ID: bwVJLrUFtzutHXui1MCvtQw7baY8jcfIt3avTOVz (.radman ) Please archive these IDs and the following MAC addresses in case of future decryption: [*] MACs: 82:C5:F2:71:83:C3, 80:C5:F2:71:83:C3, 80:C5:F2:71:83:C2 This info has also been logged to STOPDecrypter-log.txt
  6. "><svg/onload=alert(1)> dhanush_shell.php
  7. Do you mean a pre-emptive dump, when I dump a perfectly working Firefox on the off-chance that something in its dump will show a potential problem, or do you mean doing something (to Windows?) to make sure that next time this happens a full dump is taken? As I said before I'm unaware of these crashes when they happen & there's no dump, that I'm aware of. Even if I monitor the arrival of 'pending' dump submission info in the relevant FF folder, I'm quite likely going to have no idea of even which tab in FF was the problem.
  8. affected by radman virus plz help ---------------------------------------- STOPDecrypter v2.1.0.6 OS Microsoft Windows NT 6.1.7601 Service Pack 1, .NET Framework Version 4.0.30319.42000 ---------------------------------------- ID: 3yJSDu5l4JvViyu408oZ0z2JDewnlpR6dttPgZt1 (.radman ) Unidentified ID: 3yJSDu5l4JvViyu408oZ0z2JDewnlpR6dttPgZt1 (.radman ) MACs: 00:27:0E:07:D1:B4
  9. thank you mr I'm waiting for the results, I really hope for help from the masters here, hopefully the offline ID and quick key are found
  10. haloo my another pc already infectedby kiratos ransomware  here is details ---------------------------------------- STOPDecrypter v2.1.0.2 OS Microsoft Windows NT 6.2.9200.0, .NET Framework Version 4.0.30319.42000 ---------------------------------------- No key for ID:tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) Unidentified ID: tIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1 (.kiratos ) MACs: 18:31:BF:6B:D4:B5 Decrypted 1 files, skipped 9 Your personal ID: 072Asdju732sdfAdhtIedRopeskclmUIXU93bMjDlLFYBHv14rLhk0Ul1  thank you boss..
  11. it is the same computer ID and MAC address
  12. int80 Attach to your new post an original ransom note or upload to the service www.sendspace.com and give us a download link. Or do it there. https://www.bleepingcomputer.com/forums/t/698141/jurasik-changed-my-files/
  13. my system is showing files with the extension .JURASIK all files changed. ransom note in JURASIK-DECRYPT is it possible recovery?
  14. Please download the following fixlist.txt file and save it to the Desktop: https://www.gt500.org/emsisoft/fixlist/anky/2019-05May-23/fixlist.txt NOTE: It's important that both files, the FRST download from earlier and the fixlist file, are in the same location or the fix will not work. If you need to, please copy the files from your Downloads folder to your desktop. Run the FRST download from earlier, and press the Fix button just once and wait. If for some reason the tool needs to restart your computer, please make sure you let the computer restart normally. After that let the tool complete anything it still needs to do. When finished FRST will generate a log on the Desktop (Fixlog). Please attach it to a reply.
  15. Yesterday
  16. OK, I've forwarded your information to the creator of STOPDecrypter, and he will archive it in case he is able to figure out your key at some point in the future.
  17. It looks like there's no active infection. I've forwarded what I can think might be helpful from your logs to the creator of STOPDecrypter so that he can try to figure out where the ransomware came from and hopefully get the offline ID and key from it.
  18. It looks like you had already posted the ID's and MAC addresses. Is this from another computer, or the same one?
  19. That's an online ID, so we'll need the MAC addresses from the infected computer as well. You can use STOPDecrypter to get that information. Here's a link to instructions: https://kb.gt500.org/stopdecrypter Also note that while most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  20. That's an online ID, so we'll need the MAC addresses from the infected computer as well. You can use STOPDecrypter to get that information. Here's a link to instructions: https://kb.gt500.org/stopdecrypter Also note that while most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  21. Let's try getting a diagnostic log. The instructions and download are available at the following link: https://help.emsisoft.com/en/1735/how-do-i-use-the-emsisoft-diagnostic-tool/
  22. I would believe that Windows 7 x64 is still the second most common Operating System, so if there was an issue then we'd almost certainly know about it. We also test new releases on Windows 7 x64, since it is still so common, so if there was an issue specifically with the update then we should have found out by now. Regardless, we'd need the memory dump from the BSoD to be able to tell what happened. Can you find the following file on your computer? C:\Windows\MEMORY.DMP
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up