Hannes

Avaddon (*.avdn) multimedia files encrypted

Recommended Posts

I was listening to some music on YouTube when suddenly my PC was very slowly and finaly crashed.
After rebooting almost all my files have the extension *.pvdn behind for example *.jpg.pvdn.
Seems that it is a brand new randsome virus and I have no idea how to decrypt my files. Also databases are infected.

Any help please?

Edited by GT500
Corrected topic title.

Share this post


Link to post
Share on other sites

Avaddon Ransomware uses the .avdn extension. Are you sure you have an .pvdn-extension?

Attach several encrypted files and a note from the ransomware to the message.
Most likely the note will be in html-format (for example, 567432-readme.html), so you need to put for it in the archive and only then attach it to the message.

Otherwise, forum protection will distort this file and I will not find there what needs to be seen. 

Or send files to me using the site https://dropmefiles.com/

  • Thanks 1

Share this post


Link to post
Share on other sites

Hi, I found that HTML file in a total other directory and mailed you some files as requested. I could manage to safe most of my files.
Thank you so much for your support.

  • Like 1

Share this post


Link to post
Share on other sites
21 hours ago, Amigo-A said:

Avaddon Ransomware uses the .avdn extension. Are you sure you have an .pvdn-extension?

Attach several encrypted files and a note from the ransomware to the message.
Most likely the note will be in html-format (for example, 567432-readme.html), so you need to put for it in the archive and only then attach it to the message.

Otherwise, forum protection will distort this file and I will not find there what needs to be seen. 

Or send files to me using the site https://dropmefiles.com/

Hello 

Would You please help me 

All my data and file have been encrypted into (.avdn) extention. How Can I decrypte my files? Because of my exam, I need my files as soon as possible.

Please help me

Share this post


Link to post
Share on other sites

I need at least 3-5 different types of files (png, jpg, rtf, txt, doc) for the test.

  • Thanks 1

Share this post


Link to post
Share on other sites

My computer has been infected by this ransomware too 😭 and bunch of my excel and word document got encrypted.

Is there possible way to recover my files? 

Please help

Share this post


Link to post
Share on other sites

Avaddon Ransomware

One of the victims, at my request, provided encrypted files and a ransom note.
I added to this malware samples, early and newest. This is analyzed by decryption specialists.
If there is a positive result, I will let you know. This will apply to all cases that have been until today.

  • Thanks 1

Share this post


Link to post
Share on other sites

I managed to recover most of my files on a second drive. I was even surprised that I made back-ups (probably in another live or so).
Re-installed Win 10 Pro (I need the Pro version for several reasons).
In over 20 years, using anti-virus from Norton, I never encountered such a nasty virus. As requested, to you, I'll send you some more infected files in a RAR file to you.

I even read that they also attack hospitals!! In Corona times!! These people should be public hanged!
 

Share this post


Link to post
Share on other sites
3 hours ago, Hannes said:

In over 20 years, using anti-virus from Norton, I never encountered such a nasty virus. As requested, to you, I'll send you some more infected files in a RAR file to you.

I already have enough files, I analyzed, there is both a loader and the encryptor itself. Nothing more is needed.
The Windows 10 Pro system has many shortcomings, I would say it has always been a "sieve", and so after the version change to 10.
Norton Security and 360 is a very good security product and very well blocks web attacks at default settings. But if "the system is a sieve, then the water will still leak." If you have Norton Anti-viris installed, then there is no web protection there.
If your PC was attacked when you watched Youtube, then you must block this channel, file a complaint and give a link to this topic. You can also pass the Youtube-link to me, I will check this and transmit the data of the web attack.

Share this post


Link to post
Share on other sites

Well, Windows or Ubuntu, a discussion that will never ends. I grew up with Windows 3.11, sold and repairedPC's. In my eyes, Windows Millenium was the worst.
But this is off topic.

I'm very glad that you are willing to help me and other victms. And yes, I admit, I made a huge mistake by setting Norton offline because even with 16 Gb of RAM, it still uses a lot of memory.
I can't give you the link to YouTube because it wasn't a channel. Just listening to classical music.

Also,I will buy a licence to your software because you are more then helpful.

(Ps: Don't mind the picture, that's my wife, both 39 YOUNG, not old)

 

 

Share this post


Link to post
Share on other sites
2 hours ago, Amigo-A said:

The Windows 10 Pro system has many shortcomings, I would say it has always been a "sieve", and so after the version change to 10.
If your PC was attacked when you watched Youtube, then you must block this channel, file a complaint and give a link to this topic. You can also pass the Youtube-link to me, I will check this and transmit the data of the web attack.

Hi Amigo,
What windows you recommend? Is windows 7 more secure than win 10?
How is possible trough youtube get a such a bad malware? 😮

Share this post


Link to post
Share on other sites

I wouldn't say that that. No longer support or updates for win 7. I also found out that Windows Defender has an option for anti-randsomeware but turned off by default. Why? Good question.

Share this post


Link to post
Share on other sites

I doubt that YouTube has something to do with it. I'm running my own mailserver by Kerio Connect and I guess some user opened a mail not to be opened.
Yes, I already know the following question: Why use YouTube on a server? Well, If you are building a house and just bought an Audi then you have to make choices.
(Off topic)

Share this post


Link to post
Share on other sites
7 hours ago, Hannes said:

I also found out that Windows Defender has an option for anti-randsomeware but turned off by default. Why? Good question.

That option is called Controlled Folder Access, is only available on Windows 10, and doesn't usually work if you have a third-party Anti-Virus software installed. It may also be prone to causing issues by blocking access to certain files (or at least preventing you from saving files in your Documents, Pictures, Videos, etc. folders).

Share this post


Link to post
Share on other sites
16 hours ago, Thomas95 said:

What windows you recommend? Is windows 7 more secure than win 10?
How is possible trough youtube get a such a bad malware? 😮

It's a long story.

All versions of the Windows need comprehensive antiviral/antimalware protection. There is not one Windows that would defend itself without outside help.

  • Thanks 1

Share this post


Link to post
Share on other sites
16 hours ago, Hannes said:

I also found out that Windows Defender has an option for anti-randsomeware but turned off by default. Why? Good question.

You mean protection from ransomware?
This place is disabled because you need to select folders with files that you want to protect. Each user can have their favorite places. In my opinion, the developers from Microsoft did not think over up this option to the end in order to gently and unobtrusively tell the user what needs to be protected first.
1). There are many places in the system where the user can save files from browser. This is a very wide spread - almost throughout the system. There are no hard rules. For example, there is no rigid binding of the download folder, the user can change this place. A hard-coded, isolated, protected 'Downloads' folder would be better protection. This would save many systems from ransomware and encryptors. They could not launch themselves and install from this place.
2). Ten years ago Microsoft was need to purchase a sandbox for safe installation of programs, this would minimize the number of malicious attacks. 
The combination of these two items could save computers around the world.

This is the starting line of defense, along with browser protection. 10 years ago I suggested creating a secure browser. Not created! It was made by Chinese developers, but soon they ruined it, because a secure browser contradicts business and advertising, it does not transmit the data needed for tracking and espionage. Nobody needs him! 

Share this post


Link to post
Share on other sites

Ow, I didn't know about that but good to know!
I also noticed that you aren't a Microsoft fan but I need it for my work. May I ask what OS you use? (My wife uses Mac OS)

Share this post


Link to post
Share on other sites

Windows7-8,1-10. Real and virtual.

It is only necessary to protect better, built-in protection is not enough.

  • Thanks 1

Share this post


Link to post
Share on other sites

But you are talking against your own store. You said yourself that Norton is a good program but you you don't talk about Emisoft.
And no, I'm far from- fighting with you, I'm not like that, however I'm frustrated that our second wedding can't continue because of Covid 19 and now this virus.

Share this post


Link to post
Share on other sites
17 hours ago, Amigo-A said:
On 6/23/2020 at 4:42 PM, Thomas95 said:

What windows you recommend? Is windows 7 more secure than win 10?
How is possible trough youtube get a such a bad malware? 😮

It's a long story.

All versions of the Windows need comprehensive antiviral/antimalware protection. There is not one Windows that would defend itself without outside help.

Just to add to this, Windows 7 is no longer receiving security updates, and will no longer be as safe to use as versions of Windows that are still being updated by Microsoft. Right now it isn't very bad, but as time goes on and more security issues are discovered in Windows 7, it's going to become unsafe to use. If you are still using Windows 7 and have the option to upgrade to a newer Operating System (it can be anything you want as long as it receives security updates) then I would recommend doing so in the near future.

Share this post


Link to post
Share on other sites
11 hours ago, Hannes said:

You said yourself that Norton is a good program but you you don't talk about Emisoft.

@Amigo-A doesn't work for Emsisoft, and we don't necessarily agree that Norton's software is good. We don't usually give opinions about products made by our competitors, as we don't spend time trying them to compare to our own software.

Share this post


Link to post
Share on other sites
14 hours ago, Hannes said:

But you are talking against your own store.

I talked about what you use, that this is a good defense and I do not suggest you switch to another one to drop this one. That would be wrong and incorrect.

You admitted that you yourself disabled part of the Norton functionality and did not use its more stringent protection settings.
There is a topic on the forum where I demonstrated that Emsisoft protection can work together with Norton protection without functional limitations. But it’s hard for me to find her among more than a thousand messages. 

Share this post


Link to post
Share on other sites

I did not have time to add this yesterday.

Avaddon ransomware and its operators do not care about decrypting files after paying the ransom. Most likely, they will receive a day and hide. This has already happened to those who paid the ransom. They received neither a decryptor nor a feedback. The page that should automatically propose this turned out to be inoperative - error 404.
This may be a temporary technical problem, but any such incident means that the extortionist will spit about your files. They need money, money, and again money.

Be careful! Do not let yourself be fooled!

Share this post


Link to post
Share on other sites

Yes, you are right. It's very dumb to pay those criminals, some peope did pay and never got the decryption so called tool. And what did they took? Almost nothing. I plugged out the network cable and manually removed it in safe mode, then to be sure, re-installed the system. My licence to Norton is still valid tot end of September, then I buy the soft of Emi. Still, some files are encrypted and I doubt that a miracle suddenly occurs.

Share this post


Link to post
Share on other sites
18 hours ago, Hannes said:

... some peope did pay and never got the decryption so called tool.

It's unfortunate, but that's always a risk that people take when they decide to pay the ransom.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.