pk24

Member
  • Content Count

    4
  • Joined

  • Last visited

Community Reputation

0 Neutral

About pk24

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi GT500 tried to attach the culprit files as requested but get error -200 so below is a link to download them if needed they are password zipped inside a pasworded zip https://www.sendspace.com/file/soevi9 pass same as before - screwthehackers thanks again pk24
  2. Hi GT500 This has been identified as WDM (DCRTR-WDM) Ransomware on a diff forum bleepingcomputer Below is post I posted there about my situation as stated in the post I have both suspicious files from 1 of my infected computer password zipped if needed to analyse this affected 3 of my PCs , my CCTV computer , My Main PC and my handheld GPD , sort of sums up my year lost my mum / my dog / partner in car crash which wrote of the car and now this and we are only 4 months in I already scan cleaned and removed this from 1 computer and my handheld before reading to leave in quarantine so managed to save the files in quarantine on last computer One of these seem to be the culprit file c:\users\user\appdata\local\temp\plugins\setup.exe c:\users\user\appdata\roaming\host process for windows services\svchost.exe I have both password zipped incase needed all my encrypted files have had the extension .colorit added the following link has several encrypted files and the ransom note and hta file all these are from the computer I still have the virus file from www.sendspace.com/file/d11739 password is - screwthehackers thanks in advance for any help / support
  3. attached files incase helps port.ini port.ini.COLORIT HOW TO DECRYPT FILES.txt HOW TO DECRYPT FILES.hta
  4. hi my pc has been encrypted via ransomware , id ransomware detects as xorist but the decryter tool fails to find a key and keeps asking me to drag the files the files all have extension .colorit thanks in advance for any help / support pk24