dfab

  1. Hello. Yesterday my laptop was infected with ransomware. When I realized this it was too late; literally thousands of files had been encrypted with the .grod extension. So far I seem to have removed it; the associated programs have been removed through a combination of Emsisoft, Kaspersky, Microsoft and GridinSoft anti-malware. The laptop is working, though I've been carrying out system scans for the past 24 hours, barely getting any sleep in.

     File extensions compromised include... Well, just about every single one. Image (jpg, bmp, png, gif), document (docx, pdf, txt, html), image editing files (for Affinity Photo and Designer, for instance), music (mp3, spf), fonts, executables, etc. I estimate very close to 100% of my content has been rendered useless, and this is particularly damaging because I work remotely and am now locked out of work done for my clients. System restore had done nothing. Ironically, the ransomware attack happened while I was trying to download an antivirus.

     Investigating what I could, this is a variant of the Djvu/STOP ransomware family, but it's a fairly recent version and supposedly it features an online ID. I am not paying these people in any way. I would like to know, however, what are the odds that this will be able to be decrypted in the near future. The Emsisoft STOP Ransomware Decryptor I've downloaded does not seem able to decrypt any file, and I can't use any file through which I can run through the pair file checkup (it keeps telling me the original file is encrypted even when I'm using files before the attack).

     So far, the information I have is VirusTotal's information. I'm attaching the ransom note (_readme.txt), which has been duplicated along many folders; and a link to a Filebin folder with several encrypted files of various extensions and sizes (ttf, afphoto, mp3, txt, tga, bmp).

     _readme.txt