Jump to content

Search the Community

Showing results for tags 'ransomeware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. okay so idk what happened i was sleeping and when i woke up i saw a zip file open with the virus located in the attached zip file. i immediately shutdown my pc and tried using couple of my usbs to try fix windows without logging in. ps: it didnt work i was able to get into windows and for some reason my firewall was disabled too. i tried going to Kaspersky website to download the dycryptors but they didnt work. (I have Premium) Malwarebytes didnt do a good job at stopping that ransomewhere and some of my files are encrypted with .BTC extension Links: https://www.virustotal.com/gui/file/28a336f7782290cfbe6f91b1a93a99c25c1fe77e78c47311232a7e6ef25913b1 https://app.any.run/tasks/b017b922-f20f-4e41-b490-2af1fd1b0c9f https://opentip.kaspersky.com/28A336F7782290CFBE6F91B1A93A99C25C1FE77E78C47311232A7E6EF25913B1/ https://www.hybrid-analysis.com/sample/28a336f7782290cfbe6f91b1a93a99c25c1fe77e78c47311232a7e6ef25913b1 https://analyze.intezer.com/analyses/1acd7d34-4c42-4d6f-86d4-3d946d73cec3/genetic-analysis scan report.txt
  2. Greetings all. Because I've been struck by ransomeware before, I'd like to take the non-boot disk drives offline. I'm seeking a simple program or batch file to rapidly take the other disks (say, Disk 2 and Disk 3) offline. And, then, following some random execution of suspect program and being safe, to rapidly put the disks back online. Any guidance greatly appreciated. Nicholas Kormanik
  3. my desktop pc is attached by ransomware last week. all my files are encrypted in the extension of .IPM attached screenshors is more details about the ransomewre. i found few files files left over in my pc. i believe it belongs to the hacker. if anyone needs the files to find the decryption tool. i will sent it over to you. i need a big help from you all. thanks alot...
  4. clintont


    Julia is not malware/ransomware/anything bad. source: https://julialang.org/ https://en.wikipedia.org/wiki/Julia_(programming_language) Log: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/27/19 Protection Event Time: 2:26 PM Log File: f1fb065a-1164-11ea-996f-380025ace9a4.json -Software Information- Version: Components Version: 1.0.764 Update Package Version: 1.0.15482 License: Premium -System Information- OS: Windows 10 (Build 18362.476) CPU: x64 File System: NTFS User: System -Ransomware Details- File: 3 Malware.Ransom.Agent.Generic, C:\USERS\CLINTON\APPDATA\LOCAL\Julia-1.3.0\julia.lnk, Quarantined, 0, 392685, Malware.Ransom.Agent.Generic, C:\USERS\CLINTON\Desktop\julia.lnk, Quarantined, 0, 392685, Malware.Ransom.Agent.Generic, C:\Users\Clinton\AppData\Local\Julia-1.3.0\bin\julia.exe, Quarantined, 0, 392685, 0.0.0 (end)
  5. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/15/19 Scan Time: 9:08 AM Log File: 0c400db0-d7d3-11e9-987a-04d4c458abc6.json -Software Information- Version: Components Version: 1.0.625 Update Package Version: 1.0.12487 License: Premium -System Information- OS: Windows 10 (Build 18362.356) CPU: x64 File System: NTFS User: System -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Scheduler Result: Completed Objects Scanned: 278773 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 2 min, 19 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  6. Recently been attacked, all my files have now changed to ,pptx type, no matter what type of file is on my system audio video exe all are changed to powerpoint file type i have tried almost every tool for decryption but no use, also identification methods online cant identify it as well i need help cuz all my data is very important to me and cant access it any news for the same attack or any progress in decrypting it will a help hope this gets over soon here is the message present in every folder in a text document: Your files are Encrypted! For data recovery needs decryptor. How to buy decryptor: 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. Open this link In the "Tor Browser" http://huhighwfn4jihtlz.onion/sdlsgdewwbhr Note! This link is available via "Tor Browser" only. ------------------------------------------------------------ Free decryption as guarantee. Before paying you can send us 2 file for free decryption. ------------------------------------------------------------ You unique ID so n so ( a very long id)
  7. Hi I have the same problem with my desktop computer. All my files were changed to .PPTX. I need someone willing to help please. All the encrypted file are too important. I can't just delete them. Here's the same note they left. Your files are Encrypted! For data recovery needs decryptor. How to buy decryptor: 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. Open this link In the "Tor Browser" http://huhighwfn4jihtlz.onion/sdlsgdewwbhr Note! This link is available via "Tor Browser" only. ------------------------------------------------------------ Free decryption as guarantee. Before paying you can send us 2 file for free decryption. ------------------------------------------------------------ You unique ID 6C 6D 88 01 C4 55 06 B2 F8 17 13 E4 BC 98 AA FB 02 11 FD 90 2D EE 08 6E AF 32 E5 20 3C 52 16 F8 B6 9B 0B 12 35 53 14 DF FF 71 F4 BF B9 6B A9 90 7B 4B 3E B8 84 C8 B5 D0 3C 93 24 FE 27 EB 93 49 7D A1 CE 39 28 57 34 B4 CB 5D F3 EB 39 80 FB 31 9E FA CD 54 0A 43 D9 05 0C B5 01 0E 50 84 6F 6A 10 51 2D 47 06 D5 C7 F2 EC 8F AD D8 06 FC FE 8D BE 5A BF 25 36 94 22 F7 45 9F 8C 9B F3 CC 0D 89 99 D3 94 14 4D AA F2 23 53 9E 6F A3 15 E6 89 2D C6 84 E0 95 2E D2 7E 05 56 06 08 93 C7 6B A1 FC 99 ED D7 45 8F 3F DC F9 B7 61 9D F9 D2 01 B8 E5 74 39 2E 86 00 AE C7 9A 3A 83 40 33 6F 80 20 2C 8A 69 8C 9C 06 57 A2 CB 1B 02 A1 65 8F 1E CD 5C C5 1F 0A E8 EE 8B 85 6A AB 15 C4 16 AE 68 AD 18 FA 13 7A B8 4A 4B 3D CA 28 EA 5E D7 91 93 FE 80 5D 8F 35 50 EE CE C5 B7 AE 63 34 6E EF 8F 7F A8
  8. Please help me. I have this problem too, all my files changed to .pptx. Here to find the alternatives. Thanks.
  9. Hello! I have the following problem: I am using MBAM Premium 3.5.1, and when i open a Website in Google Chrome it freezes and Crashes within Minutes! If i disable MBAM, everything works fine, without troubles!! Sorry for my Bad English, but I hope everyone knows what I mean I already have Downloaded the MBAM Clean 3 Tool, and reinstalled MBAM 3.5.1 After re install the Problem is back again Best Regards Xenon
  10. Hello, I was forced to shutdown my Computer after I found out that parts my Harddrive have been encrypted. The were renaimed with a contact Email but I do not remember. Since Bitlocker is used on my Computer and on all three Devices, how do I proceed from here? Thanks for any advice in advance. Phil
  11. Hi, MBAM Premium last night quarantined an old version of Adobe Lightroom 1.4 (that I have used for years) as I was using Lightroom to catalog photos. MBAM identified lightroom.exe and two Win 7 desktop links to lightroom.exe as Malware.Ransom.Agent.Generic. Lightroom is indeed inaccessible now from the Windows Start Button as lightroom.exe is missing from its folder tree under C:\Program Files (x86). Could someone please tell me if ransomeware is capable of imbedding itself into a Windows application executable file (from Adobe)? If not, I will know that I can safely restore the quarantined executable file and chalk off the occurrence as a false positive. If ransomeware IS capable of embedding itself into a Windows application executable, not sure what to do. Please help! And thanks, Bruce
  12. I have been using this dev environment for years. The only change (a month ago) was to ioncube to allow for the latest version. Not sure why, but today, I see that this was stated as ransomware. I really don't believe this is the case. I have noticed a lot of false positives with the app across many devices so this leads me to question every report this gives now. I'm pretty sure this is a false positive so I am posting this here to hope this helps fix more false positives in the future. I do want to make note, the only thing I did lately was install Oculus rift on my computer. Not sure if that could cause any issues here... Thanks report.txt LOGS.zip php.zip
  13. web protection & ransomware are off, wont turn on. Version 3.2.2 Up to Date Protection disabled. Help?
  14. Same problem, to an extent. Also Version 3.2.2. While my ransomware is On, my Web protection stubbornly stays Off. If I try to turn it On, it says "Starting," but then just dies and reverts back to Off.
  15. I just got the same. Ransomware protection stuck on starting. I solved it for now by restarting the Malwarebytes Service and restarting the MB application.
  16. Ransomeware switch. I never turned it off. Yet it is off. Has been starting now for over 50 minutes. How do I get it back on??
  17. For reasons I won't go into, primarily that sometimes I am an idiot, I had to restore my desktop to factory settings last night. This morning, I reinstalled Malwarebytes Premium v 3.0.5. I got a message that some real time protection features were turned off. I was able to turn on everything but Ransomware Protection. When I tried to turn that on, it says Starting... by the button and just hangs. It's been like that for a good 15 minutes now. Help? My computer is a Dell XPS 8910 and I'm running Windows 10 Home. Thanks in advance for any help.
  18. My Photoshop.exe file was just quarantined. Here is the report. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 6/5/17 Protection Event Time: 2:23 PM Logfile: Administrator: Yes -Software Information- Version: Components Version: 1.0.103 Update Package Version: 1.0.2090 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Ransomware Details- File: 1 Malware.Ransom.Agent.Generic, C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe, Quarantined, [0], [-1],0.0.0 (end)
  19. Hi, Here is ransomeware Cryptolocker I can not see my data - Pics mainly which are more dear to me than any other data.. I have attached the file. It looks like that on my desktop. Kindly suggest solution. Regards, Kudoscurd
  20. I have somehow the same problem. I have backup, but still not the latest version. If it would help i can provide clean nonencrypted version of the file and encrypted version.
  21. As a photographer the last thing I ever thought would happen would be my copy of Malwarebytes 3.0 misidentify and remove a copy of Photoshop.exe from my computer thinking it was ransomware.. I have not rebooted hoping that there is a way to get the file back and working. Can anyone help me?
  22. I keep getting notices of outbound detections as well as some inbound from skype. I accidently opened a suspicious file from skype that is a known ransomware. However, i have not been held ransom yet but I do suspect a virus is on my computer. I own malwarebytes premium as well as webroot (which caught something trying to install when that suspicious file opened). I ran the FRST.txt file as required. Please see attached. Addition.txt FRST.txt
  23. My MB 3.05 on 64-bit W8.1 had the same issue after couple of days of installing MB. The web protection would not start, no matter what I've done. As a last result prior to removing MB, I've logged in as local admin and tried starting the web protection. Low and behold, the web protection activated just fine. I am not certain why the web protection stopped and why the standard (non-admin level) user account wasn't able to start it.
  24. For me, malware realtime protection was off on a perfectly clean windows 10 installation. I enabled it and it was also stuck at starting. I waited a few minutes and restarted my PC. Every since then, it is set as "on" and everything seems to be working fine. Looks more like a visual glitch where the button does not move from "starting" to "on"
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.