dinh

giai ma vi rut .kvag

Recommended Posts

máy tôi bị nhiễm  vi rút .kvag làm thế nào phục hồi  dữ liệu

Math type 7.2+[serialkey89.xyz].rar.kvag

ke_hoach_minh_chung nhap (1).xls.kvag

Share this post


Link to post
Share on other sites

Dịch.

That is more than likely a variant of the STOP/Djvu ransomware. You may verify that using ID Ransomware if you'd like to:
https://id-ransomware.malwarehunterteam.com/

 

Important: STOP/Djvu now installs the Azorult trojan as well, which allows it to steal passwords. It is imperative that you change all passwords (for your computer and for online services you use) once your computer is clean.

 

Also note:While most ransomwares will automatically delete themselves after they finish encrypting files, some are now leaving behind components on computers they infect that will encrypt any new files saved and will encrypt any files you manage to decrypt. It's best to check and make sure that no such components have been left behind, so I recommend following the instructions at the link below to get us logs from FRST so that one of our experts can make sure there is nothing malicious still on your computer (please attach the log files FRST saves to a reply to this topic on the forums):
https://help.emsisoft.com/en/1738/how-do-i-run-a-scan-with-frst/

Note: If anything that appears suspicious is found in your logs, then your post will be moved into a new topic to facilitate better communication between you and whoever is assisting you. We'll also try to make sure that you are following the new topic so that you receive e-mail notifications when someone replies to it.

Share this post


Link to post
Share on other sites

Hello @dinh

Attach a ransom note, so that we can take a look at your ID and check out yet another way to decrypt the files.

Share this post


Link to post
Share on other sites

my pc was infected my kvag virus 1 week ago. i formatted my internal hard disk and the virus is gone but my external hard disk was also infected any i cant format it because all my important files are in it. please help me to remove this KVAG VIRUS

Share this post


Link to post
Share on other sites
21 hours ago, webbrowsing said:

my pc was infected my kvag virus 1 week ago. i formatted my internal hard disk and the virus is gone but my external hard disk was also infected any i cant format it because all my important files are in it. please help me to remove this KVAG VIRUS

Your files aren't infected. They're encrypted so that you can't open them until you pay the criminals a ransom.

The ransomware in question (STOP/Djvu) does leave behind a component that will continue to encrypt new files, however formatting the drive that Windows was installed on wiped those leftovers out, so you no longer have to worry about them. That being said, formatting in this case was overkill, as the ranosmware is extremely easy to remove.

What you do still need to do is change all of your passwords. For most of 2019 variants of the STOP/Djvu ransomware have been downloading and running the Azorult password stealer, so the odds are pretty good that the passwords for not only your computer, but all online services you've logged in to from your computer have been sent back to the criminals who distribute STOP/Djvu.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.