MadHawk

Member
  • Content Count

    8
  • Joined

  • Last visited

Posts posted by MadHawk


  1. 9 hours ago, GT500 said:

    Resetting Google Chrome to default settings:
    https://support.google.com/chrome/answer/3296214

    Resetting Firefox to default settings:
    https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings

    Note: Doing this should delete all of your extensions. However, from what I saw in your FRST log, this will be a good thing. Keep in mind that you should only install extensions that you really need. A lot of extensions aren't safe, and neither Google nor Mozilla have the manpower to properly check all of them. Your basic adblock/content blocker extensions are OK (uBlock Origin, Adguard, Adblock Plus, and Adblock), however keep in mind that you only want one of them.

    I deleted most extensions  and now only have adblock and grammarly.


  2. On 6/12/2019 at 4:06 AM, GT500 said:

    That is a variant of the STOP/Djvu ransomware.

    STOPDecrypter can't recover your files yet, however it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter:
    https://kb.gt500.org/stopdecrypter

     

    While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums):
    https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/

    Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.

    okay i did all the steps. The stopdecrpter is showing this-

    [+] Loaded 43 offline keys
    Please archive the following info in case of future decryption:
    [*] ID: JVA5cC4uyeRWfgWlNCYNWypgIU9MQA2IvURCi81p
    [*] ID: PpzYa3nBba2MZq4MUGgxoZcZ7cbXBKtzNcipyRt1
    [*] MACs: 00:E0:4C:1C:17:29
    This info has also been logged to STOPDecrypter-log.txt
     

    Attached the 2 files

    I am really getting desperate when will my problem be solved??

    please tell

     

    Addition.txt FRST.txt


  3. 9 hours ago, GT500 said:

    @EricN, @MadHawk, @Abichandra if you could follow the instructions at the link below and post the information they direct you to get in a reply for us, then I can forward it to the creator of STOPDecrypter:
    https://kb.gt500.org/stopdecrypter

    It doesnt give me the "extract" option and directly shows the faq dialog box.An error from Microsoft.net framework comes though but when I stil continue it just shows [+] loaded 43 offline keys

    EDIT: my net framework was of prevous version and updated it which made it work. Uploaded all the information in another answer