Hello guys, i want to give more details how i got this ransom virus maybe will help.
i got one activator from a site ( i can provide the site) I install it , and "party started", in first phase i was bombed with pop-up ads from browser, my processor was in full load, task manager was disabled, second phase was, when a window opened fakeing a windows update... in that moment i knew I'm burned.. my pc freezed and i restarted pc and unplugged ethernet cable...but was too late all my files was converted in kvag(no problem i have back-up).
this is infected file
https://www.virustotal.com/gui/file/2af0a8befa92057b9d0499a88fe1ba377c016806cd9da5a346150985f62b1183/detection
in C partition was created a _readme.txt and a folder SystemID with a PersonalID.txt inside.
the weird thing is in read me.txt i have a personal id.... and in personalID.txt i have a diferent one.
Anyway maybe will help someone. If you have more questions hit me with a msg.
have a nice day
Addition.txt
FRST.txt
_readme.txt
PersonalID.txt