Jump to content
Posted 02 July 2018 - 04:30 AM
Posted 02 July 2018 - 06:57 AM
If ID Ransomware cannot identify the infection, you can post the case SHA1 it gives you in your next reply for Demonslay335 to manually inspect the files.
... I try to check files by ID Ransomware site but here its nothing helpful to solve problem. Anyone have problem too with nozelesn and know any program to take my files back?
Posted 02 July 2018 - 09:10 AM
Posted 02 July 2018 - 04:32 PM
I have no idea how my laptop became infected. It's my "second" laptop, using from time to time. Last was I have in my dowload history is word press exe file plus some invoices (downloaded from satellic.be), so I'm 99% sure that's not the reason.
Is there any way to find the ransomware executable any suggestion how to start or sth like it?
No all files on my hard driver are encrypted,
Edited by Wisnia, 02 July 2018 - 04:50 PM.
Posted 02 July 2018 - 04:53 PM
You say you have a "wordpress.exe"? Can you upload that to this link please? http://www.bleepingcomputer.com/submit-malware.php?channel=168
WordPress is a PHP software, which is why having a Windows executable for it is very suspicious. WordPress never distributes executables (or anything with .exe extension), so it's definitely going to be a Trojan of some sort at the least.
If I have helped you and you wish to support my ransomware fighting, you may support me here.
Posted 03 July 2018 - 04:00 PM
Got one here in FL. Spread through network share. Shadow copies disabled. I have some of the same files clean and infected if it helps.
Posted 03 July 2018 - 05:02 PM
Just got a call from a business in California. They are being asked for .5 bitcon. Trying a revert from Shadow copies from this morning - already started it before I thought about copying any files out.
The source is unknown from their network, but it seems to have gone through two mapped network drives. It doesn't seem to have impacted shared folders that were not mapped (that I have seen yet).
0 members, 2 guests, 0 anonymous users