Jump to content

Amigo-A

Visiting Expert
  • Posts

    2305
  • Joined

  • Last visited

  • Days Won

    56

Everything posted by Amigo-A

  1. @Din @Yassine @Luwie New variant STOPDecrypter supports your ID https://download.bleepingcomputer.com/demonslay335/STOPDecrypter.zip
  2. You will need the help of a support professional to clean your PC. I do not have the authority to cure PC. There are some malicious elements in the logs that can cause harm again. There are also PUP and unwanted extensions in the browser Google Chrome. You can yourself reset the settings to default.
  3. New version of STOP Decrypter releasedhttps://download.bleepingcomputer.com/demonslay335/STOPDecrypter.zip
  4. New version of STOP Decrypter released https://download.bleepingcomputer.com/demonslay335/STOPDecrypter.zip
  5. Yassine New variant STOPDecrypter supports your ID https://download.bleepingcomputer.com/demonslay335/STOPDecrypter.zip
  6. You say you removed the malicious program, but it can leave behind itself hidden copies that attack the PC in the same way. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers, that will encrypt any new files saved and will encrypt any files you manage to decrypt. We recommended to check PC before trying to decrypt the files and make sure that no such components have been left behind, so following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious now on your computer/ https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Please attach the log files FRST saves to a reply to this topic. It is recommended to send the log files FRST as soon as possible.
  7. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible.
  8. What is a potentially unwanted program (PUP)? https://blog.emsisoft.com/en/31451/how-to-perform-manual-pup-removal/ Antivirus, Anti-Malware, Anti-PUP? What is Emsisoft really? https://blog.emsisoft.com/en/14175/antivirus-anti-malware-anti-pup-what-is-emsisoft-really/
  9. Yes. Only leave all ransom notes in folders with files, in which they were at the time of encryption. Files can be encrypted with different keys. Transfer it all to free disk space or external drive and reinstall Windows. You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible.
  10. Of course. Leave all ransom notes in folders with files. Send to free disk space or external drive and reinstall Windows.
  11. Surya dinata We wait and hope together with you.
  12. depe look PM We hope together with you.
  13. @Din From logs you can see that your browser Google Chrome has turned into something terrible. Several dangerous extensions that can not only show ads and redirect you to a bad sites, but also keep track of your preferences and steal your personal information. I recommend that you remove all (!!!) browser extensions manually and later reset the browser settings to their defaults. Then you can reinstall AdBlock from the official page. https://chrome.google.com/webstore/detail/adblock/gighmmpiobklfepjocnamgkkbiglidom?hl=en Other extensions are unreliable or dangerous.
  14. Yassine You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. A positive result and a lucky chance are not always possible.
  15. @Din No. This site offers to use the SpyHunter tool that does not decrypt files. There are a lot of such sites on the Internet that advertise SpyHunter, which will not do anything to decrypt. We have provided all the necessary information above. See the 2st and 3st post of topic.
  16. Luwie There is nothing in the logs indicating absolute malware, but there are several PUP and some dangerous downloads that you may suffer from. \Downloads\DirectX_11_Setup_2083197489.exe \Downloads\Recuva v1.53 setup + crack If you have already installed this software, then remove it and delete the installation files.
  17. You say you removed the malicious program, but it can leave behind itself hidden copies that attack the PC in the same way. We recommended to check PC before trying to decrypt the files and make sure that no such components have been left behind, so following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious now on your computer/ https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Please attach the log files FRST saves to a reply to this topic. It is recommended to send the log files FRST as soon as possible.
  18. Hello This is the result of an attack a new variant of STOP Ransomware. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. --- ID Ransomware can confirm that, and can let you know if STOPDecrypter can recover your files. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files.
  19. You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files.
  20. amro genidy You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files.
  21. Hello This is the result of an attack of a new variant of STOP Ransomware. ID Ransomware can confirm that, and can let you know if STOPDecrypter can recover your files. You need to wait until the new version of the decryptor is released, which will support this variant with muslat extension. While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers, that will encrypt any new files saved and will encrypt any files you manage to decrypt. We recommended to check PC and make sure that no such components have been left behind, so following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious now on your computer/ https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/ Please attach the log files FRST saves to a reply to this topic. It is recommended to send the log files FRST as soon as possible.
  22. Attach 2 encrypted files and a file _readme.txt to the message.
  23. This is a variant of STOP Ransomware has been encrypt your files. You can use the service ID Ransomware to confirm identification of this Ransomware. You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the decoder) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files.
  24. This is a new variant of STOP Ransomware has been encrypt your files. You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the decoder) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files. At the moment, it not been added to ID Ransomware (not been message), but it will soon be added.
  25. This is a new variant of STOP Ransomware has been encrypt your files. At the moment, it not been added to ID Ransomware (not been message), but it will soon be added. --- You should know that this is not a simple infection that is easy to delete and unlock files with one click of the mouse. This is the result of the STOP Ransomware attack. I have been tracking the malicious work of this program since December 2017, this is earlier than many antivirus programs. Some of them announced the discovery of one of the variants of this Ransomware only in August 2018, when there was a massive attack on residents of many countries. Unfortunately, this attack continues. Now on the forum a lot of victims from different variants of this Ransomware. In some cases, the files can be decrypted. This is possible only in case where the files were encrypted with offline keys and an instance of the malware was detected. Demonslay335 (the developer of the STOPDecrypter) collects information from the victims, writes data and tries to update the STOP Decrypter. After that, victims can try to decrypt the files.
×
×
  • Create New...