SDM

Member
  • Posts: 6
  • Reputation: 1 Neutral
  1. Thanks a lot for your kind help. I have also attached the Fixlog for your kind review. The system is working fine, except that at startup it is taking a bit too long. I will not be deleting any of the encrypted files (extension .lqqw). As and when a solution is available at your end I will try to decrypt; till then I will wait. I have also forwarded the details to the cyber crime department in India for their information. I know nothing is in their hands. Fixlog.txt
  2. Please find the logs below for your reference and suggest the next step. scan_210831-112309.txt, Addition_31-08-2021 11.46.09.txt, FRST_31-08-2021 11.46.09.txt
  3. Should I delete the files below?
     C:\windows\System32\Drivers\7b4tV3HOPXa.sys detected: Trojan.GenericKD.46846801 (B) [krnl.xmd]
     And also below deleted
     C:\Users\sdmis\AppData\Local\Temp\jamesnew.exe -> (AutoIT Script) -> (unicode) detected: AIT:Trojan.Nymeria.4747 (B) [krnl.xmd]
     C:\Users\sdmis\AppData\Local\Temp\md3_3kvm.exe detected: Trojan.GenericKD.37499169 (B) [krnl.xmd]
     C:\Users\sdmis\AppData\Roaming\2821170.exe -> (Embedded 0) detected: Trojan.Stealer.FL (B) [krnl.xmd]
  4. Need help to decrypt file.
     We have identified "STOP (Djvu)". This ransomware may be decryptable under certain circumstances. Please refer to the appropriate guide for more information.
     Identified by:
     ransomnote_filename: _readme.txt
     ransomnote_email: [email protected]
     sample_bytes: [0x293C - 0x2962] 0x7B33364136393842392D443637432D344530372D424538322D3045433542313442344446357D
     Click here for more information about STOP (Djvu).
     Case number: bf2fa31c000f94097a7c33e5dba0d3da655d230d1630265749
  5. Error: No key for New Variant online ID: rGntBV2vICjI07hAFtUajcF0e5OAsnesrbqwgXZc
     Notice: this ID appears to be an online ID, decryption is impossible