pteradon

Member
  • Content Count

    4
  • Joined

  • Last visited

Community Reputation

0 Neutral

About pteradon

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Here's the FRST result files Another interesting thing about this ransomware, that it apparently cannot encrypt non-Unicode named files. We had some files named both in Latvian and russian and none of them were crypted Addition.txt FRST.txt
  2. Used EMK and checked the system Found baidu installer, 2 Trojan Toolbars, some adware crossriders, but nothing that looks like Encryptor Will try to see, maybe this thing has some traces in Autorun, but i doubt that i'll find anything
  3. Here's the files. It looks like i was misleaded by screenshots. Looks like it uses .rencrypted extension Also tried id-ransmoware detection - got nothing. Here's the case SHA1: c049310d147b5358b45bb00a4f05826de65d3d06 Ransomware.rar SU1HXzQ3OTQuanBn.rencrypted
  4. Hello, my mother's computer was infected with .vir ransomware. Looks like it uses AES-256 encoding. Text message name is "READ_TO_DECRYPT.html" I looked through all the available databases, but it looks like new (though READ_TO_DECRYPT message was used in few occasions) Sadly, right now i cannot provide file examples (only a few screenshots), but will do tomorrow if it is needed. Hope for your help.