Sign in to follow this  
dereklai8

My PC is infected. Please Help!

Recommended Posts

Please help! My file modified by Ransomware!

I wanna decryption my file, what should i do?

if you need more information, i can attached the document or some file for your action.

Please help!!! 

Share this post


Link to post
Share on other sites

It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like  one of our experts to review them.

Share this post


Link to post
Share on other sites

I have tried, but it seem not work. Any other method? Or i just only can wait for the update?

Below is the message after i upload the file.

"This ransomware has no known way of decrypting data at this time."

 

Share this post


Link to post
Share on other sites
7 hours ago, dereklai8 said:

Below is the message after i upload the file.

"This ransomware has no known way of decrypting data at this time."

Then that's more than likely the same answer you'd get from us, or any other legitimate computer security company. Without knowing the name of the ransomware it identified it as, I can't know any more than that. I can make guesses, however the file extensions appear to be random, which could mean GandCrab, and if it's GrandCrab v5.2 then you'll have to wait until BitDefender gets their hands on the private keys for that version and updates their decrypter to support it (it currently supports up to v5.1).

Share this post


Link to post
Share on other sites

That mean i can try "GandCrab" to decrypt my files first?

If yes , would you please share more details of "GandCrab"? Such as "Where i can download and what should i do?"

Share this post


Link to post
Share on other sites

Did ID Ransomware say it was GandCrab? Like I said, all I can do from the extension is make guesses.

If you can attach a copy of the ransom note and an encrypted file to a reply, I can take a look at them and see if it really is GandCrab.

Share this post


Link to post
Share on other sites

Unfortunately the error code is meaningless to anyone other than Invision Power Services (it allows them to find where in the code the error occurred, and thus they do not have a list of what error codes mean). Did the error message say anything else?

As for the ransomware, I was able to find your uploads in the ID Ransomware logs, and it looks like it was identified as Magniber. There are decrypters for some variants of this ransomware, however not for all of them, and the extension your files have doesn't match any on the list of decryptable variants. There is more information at the following link:
https://www.bleepingcomputer.com/news/security/decrypters-for-some-versions-of-magniber-ransomware-released/

Share this post


Link to post
Share on other sites
8 hours ago, dereklai8 said:

As said, is mean no any method to decrypt my files at this moment?

To my knowledge, there's no known way to decrypt the files without first obtaining the private key from the criminals who made the ransomware.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.