Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About TheFallenAngel

  • Rank
    New Member
  1. The server is now rebuilt and I can not do this any longer. BUT I do have all those files originally attached to my Original post above. On another note - do you know how would that ransomeware get on my server 2012 R2 considering it is not a domain server, no one opens emails or runs things directly on it.. I read somewhere that someone got in trough RDP but I hope that's not the case since I use non-standard port and pretty secure password.. SO how does that ransomeware get onto the machine (what ways there are)? Cheers, Alex
  2. Kevin, THANK YOU - the ApocalypseVM decrypter WORKED! You could add in the write up the file names: How to restore files.hta and the email: [email protected] so others could find it
  3. Hi Kevin, Thank you for the suggestion! Unfortunately both decrypters were unsuccessful The updated version of the Trend Micor's Decryptor did not work either, so must be some new ransomeware version.. Based on the extension I am not even sure if it's a Globe.. Any help will be greatly appreciated! (all required information and files are attached to the OP)
  4. Hi there, My Server 2012 R2 got infected today by a Ransomware. No one ever opens files on it so it is strange how it happened but this is what comes up: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Your files are encrypted! Your personal ID: 0843433264243074682840281565584700831418820996605791238238132539112592116173439056440815989187839906583082283938015715468462508303330944485487863324476408220513228410419234171686654713765644388264
  • Create New...