• Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Beaver

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. GT500: I sincerely appreciate your interest in helping resolve my predicament, and in involving your malware analysts. Look forward to what they have to say. Thanks once again and take care.
  2. GT500: I uploaded today Wednesday, July 24, 2019, the encrypted file RFQ2017-1-0008.jse to ID-Ransomware and got the message and got the message: Unable to determine ransomware. Please make sure you are uploading a ransom note and encrypted sample file from the same infection. This can happen if this is a new ransomware, or one that cannot be currently identified automatically. You may post a new topic in the Ransomware Tech Support and Help forums on BleepingComputer for further assistance and analysis. Please reference this case SHA1: 81049b216207070a4bd6c5fdcbf05bde824b4119
  3. GT500: I've attached a couple of infected files. Thanks for your interest and time. 26231.jse 29031.jse 135463.jse 1329467.jse 1835201.jse RFQ2017-1-0001.jse RFQ2017-1-0002.jse RFQ2017-1-0003.jse RFQ2017-1-0004.jse RFQ2017-1-0004-A.jse RFQ2017-1-0005.jse RFQ2017-1-0006.jse RFQ2017-1-0007.jse RFQ2017-1-0008.jse RFQ2017-1-0009.jse RFQ2017-1-0009-A.jse
  4. GT500: I only have files that are encrypted with the .JS extension. We have not noticed any other changes in the computers, screen background the same. Can I just copy the affected file to ID Ransomware? If so, how? No other file or message has been found to copy to ID Ransomware.
  5. Amigo-A, thanks for your insight. I have attached the Frst and Addition as indicated. Addition.txt FRST.txt
  6. We got infected, according to an antivirus vendor it is JS/TrojanDownloader.Nemucod.EGM. Files are encrypted. They all have the .JS as a file type. No ransom note or unusual file detected. Does anyone have experience trying to decrypt these files?