Cheesetoast

Office PC and Network Shares encrypted. Asking for your assitance

Recommended Posts

Good afternoon,

One of our office PCs was infected by a ransomware of sorts.  All standard files on this PC, as well as those on connected network shares, now have a .FKVGM extension and are indeed encrypted.  Attached are the FRST and EEK logs.  There are also text files left in every infected directory stating an email address to contact (see "Restore_FKVGM_Files.txt). 

cathypc_Addition.txt cathypc_FRST.txt cathypc_scan_190318-135415.txt Restore_FKVGM_Files.txt

Edited by Cheesetoast
added attachments

Share this post


Link to post
Share on other sites

I recommend uploading a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with:
https://id-ransomware.malwarehunterteam.com/

You can paste a link to the results into a reply if you would like for me to review them.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.