Jump to content

Recommended Posts

This looks like it could be Fabiansomware https://decrypter.emsisoft.com/fabiansomware

Copy the below code to Notepad; Save As fixlist.txt to your Desktop.

	HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [LegalNoticeCaption] Attention!
HKLM\...\Winlogon: [LegalNoticeText] All your files were encrypted with strong algorithm AES256 and unique key.
Do not worry, all your files in the safety, but are unavailable at the moment.
To recover the files you need to get special decryption software and your personal key.
	You can contact us via Email:
[email protected]
	Your Personal ID: 17AD78ECSA
	Please use public mail service like gmail or yahoo to contact us, because your messages can be not delivered.
	For fast communication, you can write us in Jabber: [email protected]
How to register a jabber account: http://www.wikihow.com/Create-a-Jabber-Account
	You have 3 working days to contact us, otherwise recovering may be harder for you.
HKU\S-1-5-21-2078620211-2564939822-85446184-500\...\Run: [Decryption Instructions] => C:\Windows\system32\notepad.exe [193536 2015-07-09] (Microsoft Corporation)
IFEO\netsh.exe: [Debugger] C:\\WINDOWS\\system32\\svchost.exe
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

Close Notepad.

Link to post
Share on other sites

Thread Closed

Reason: Lack of Response

PM either Kevin, Elise, or Arthur to have this thread reopened.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread.

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...