Leaderboard


Popular Content

Showing content with the highest reputation since 07/10/19 in all areas

  1. 1 point
    I'll pass this on to the maker of STOPDecrypter, but note that we need to have the MAC addresses of every network adapter on the computer (even if it isn't a normal ethernet adapter). Hopefully the information you provided will be enough to be able to find your decryption key quickly, however please note that we can't make any promises. That is more than likely a variant of the STOP/Djvu ransomware. You may verify that using ID Ransomware if you'd like to: https://id-ransomware.malwarehunterteam.com/ While STOPDecrypter probably won't be able to recover your files yet, it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter Important: STOP/Djvu now installs the Azorult trojan as well, which allows it to steal passwords. It is imperative that you change all passwords (for your computer and for online services you use) once your computer is clean. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums): https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.
  2. 1 point
    It's not abnormal for different companies to give different names to the same malware.
  3. 1 point
    This is GlobeImposter. Simply, analysts form KasperskyLab, who research of the samples, like to joke and give the unformal names.
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up