What's new
Symbianize Forum

Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.

All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!

Ransomed@india Virus infected ang workstation ng namin HELPPPPP!!!!

Allego said:
Re-install then restore from BACKUP (kung meron man). At saka paano ba kayo nainfect?

- - - Updated - - -

Please guys ugaliing magbackup ng files. At saka huwag basta magrely sa mga AV or other Security Soft niyo. Need niyo rin maging alerto at gamitin ang common sense.
Click to expand...

d namin alam pano nakapasok eh... ine explore ko na mga file system... naka scan remove na rin ako... recovery na lng talaga... ang problema eh alang backup point ang PC... bagong user lang kasi ako... naipasa lng sa akin ung tasking sa office... eh general use tong PC na to d namalayan na may na open pala sila or na i download...

Ala na po ba ibang paraan? na basa at nagawa ko na lahat eh... Newer version pa na man ng GandCrab v5.0.3 ang naka dale... eto ung ransom note nya oh...


___________________________________________________________________________________________________________________________
---= GANDCRAB V5.0.3 =---

***********************UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED***********************

*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE WILL BE DECRYPTION ERRORS*****

Attention!

All your files, documents, photos, databases and other important files are encrypted and have the extension: .DBWNKRRGC

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.


The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/

| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: http://gandcrabmfe6mnef.onion/949a3e4058176fef
| 4. Follow the instructions on this page

----------------------------------------------------------------------------------------


On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.


ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES
* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---
lAQAAEpsrqz7IyGlPNVuR6j/ft/zQW3Y6HfCd3Gu5mMrQ3FvYASJ7T1n9TDOpuUwB2uTeMZEV+uuromdTwqXqV0R4eq72OHFiO9BDS1IaISdkdtZVv5TZ211HEwVfUjwwmEcnXy5O+VjhIKNo4YTS3g2hKUAdVUV6FEPfCvId5VWcdjdoJ06s8RKR6yH6nXzqLuUiWSdNdNSfozarwqkctBAeO8ZLllbnW1qIsLh1AoY9znaKBTAVqrzf2V/W3dwTUesQU+U4fck90v0wetL36IwTw1hwVs6XWGlC1wrGWD44N1HvJaTNepeBR590a26u6qxl5fQihtLjlTQVOSB9fAIWUV9qVBbZbneVCfeBwJzc6bIqD5Wc/CO7vtkH2684RExRm2RzMOOz2hZ8YZuZg8GGL4P2KJXl3tsEoJNaI87pctC3oAkhKE4qREROHTyilQf0d7VZiZC1Tf5PEsQB6faYbHHme3RG+0XrcvGD8CkpLvDCDXraQP1XoxNoSl2tPw6lElx4NdjCWSu+WxI2jP/v2KyVyWhn79RPsgvsnFQQnmM+tivvjjqJ5LgD53kEruP7pMSDdxjwR7i9L6K4R+4J+FXEZ5AAZgZNcNivPwXX9NORgp26usuUXPI9UyHshgTtJvVWTcAONDEqmJR7M5V0C+L6GUh/grRwFyfHwQBqQso86DdEg/SUp2PchsMGAjN0qCEi3y41oN3WxUM4/1TO3teNH/YL2kSV2ujMTlnUX/MKM/Dmrf5XWN6Ynnx5DZTSnE5dXLyn2wEqIxanfj9F7rL028A5/hVjSaA8PgfHVtNn/6Ap1h3DE997sjG81Wt6PlASZtCH8ooOdN3d0i8vgHQF4q8auI6BaFAkejvTsm6tl+9AT2JoAqjD4xCqbTok6w3TKgevHFyOBZrwzg+DlvfZvtwthQg5Tj83t6tQ3OUx/a5lkXlk6faYyjbD3lNGuCT9VhUiR6irsMz8qzzEKQaGdg9R8RYVfgnpi4RcMt7paylV3gzPFDd8iAsog5eLOqRAwZJWHZLUHWD0rIxJWfqVaDfCuxw3mn/Tzo8V/Hi00D8cIXpqbdMBersDlCevgbv2VnT/GBET5ihNYrhKB1OQSeTuUOtTaZShqjqdwd/IB9jttB4PcNU428OckdKZ2Vxw6MDPWQr6ep1itAPF3BipAgDL7viUT5JqkDL5UPPG67oBx0JVqYvdp/IbTqLlNDqxAGrJP7qYWUR2yArlc9OcHVqF1tJVsKbnPeHnCN7Y+6Atmu+Y6yNCjMJPjqSRez+i8qP8XqF/A4FmJcrPp1X8bpJ24XRDdD7khejBK0nWSD1tqzNCFq5h2uJSBnbxsmN+TmoB44+pc9K8v5yrEcsQOZv/tMSJpbCyuqrwg5pnmI/HcwhFZG092W4U+ELV9Z4TZ6q1tFEsiGG9TxvEJfZFvwkYUuPFcu8TwPTM3FhsVOK+5gEl0f0ly8fvOpqxr4SieSSQGSOZsgTs200somO4+QkwGiykIQX4zmYhBNoHaNP0ir9n9g1ctXcE035fcAa/pdJa+HdCyGk+aAP8ALrxBoG8I1DdUdzCzOSoAMWaUX8AvGe+L1w/pID/D5hCJ552bKdNNUfBbKMtPBEw0zB48FWvC7cpxIJ0+6c/2zHL+QZoxETPeqBXokJVCFEH8YRlYtbLNruSAsoRaQVt4ps5UmcClkwTAHIQapP6Q+Qt2BqG+uNFsLoLTqNVkubUHmzO6xqsFwrORlek0ZT9rBV0ojFrDhx04DjJreRTUpCFy3qLPi7UVZ5bJslms7I92wGo8131h69/pZsjzvZLbeSSh8wTXLuTOZTbDvzF5aVGiGZ044jh07gtU+ZmzOWdno8MieDVaItXIXKCgDBbuBxpurZdiL/K8OBkXpwlqSfT0DxB39HIa2jBpUPxEnOjSxP/QJzmVV49sl1KYEOzV7UPgR5oETyV82RJYwp6JO0eWr7EIsqkilAxrRcgbRITmNzeLS/UJL/AaJjnhyplGDyJadomtq8nV3QPep7NYmhtkwI+zvPVmQlTNCWJ8HEt3fncT7kr+GJx9kS/kg7FGkZWCoQ4bCfRxxqu7Kb5g98ArFV46dFU1opoi34aNsxpGfSFFwYYgNIN8uRxhmrabADyzCnBl+I85Rfrb7lD2oVc4zs7KAThdi2qb1V7hX+ccHgTnO8wmEsy51B4XHvF91lTYi1CsIRQBYdfHvjHcexGllTQE+/HK3AAn5Shw18ZVdINV0=
---END GANDCRAB KEY---

---BEGIN PC DATA---
wfKD6iudumBkmpL8IRr4U5WxRlbjOWvtzTxfOqr1yVYkvOOWbx54YfJdrZZHTpRR2HYv7ltWurfyTFOHzx5vBI/z0dMy74D6b0GsDA7iP5Je8+jFFf+JmE+oJZB0LrmjwfxL2RTxNpKZiquhCUSpArwApLZHOOeX7rnTbQ0kb3Q5bcWWnsCdYd9YWqSCxvgpHY4o28uARlLqZEtVpwPEuV3cBCJ72POMIEO0MLQPiopqLFeTBZxYmtsoV3Z+P/c/DvqD1vJziDbxjcZAGXgul4VnUt1wCA4xZw7tDMIr6H19SibFRw+kkb0tbdivqc6nrrrr57JivrEdkRHBtOKp/282FesvGopYb1rWBiPtrRHTEdEboCcV4t+4baa0Y51yf4z72S+ilZQWTRwqZFPJJPsJy5EdwKYoaxPJnKw+Ce5aALqfjmE+g6prIA3hxA5KwA7oZibpCxFE3vbLNOau1w8ZMXQTRlyKfjnN1iXgfn97mTHf8CyHQT1n8rIvlsew7XILVY7pdDf1fBwcdcBlP39NhH9JQ3DC3KZCEuDtLkioBYpMbpHxHpIOeL/GRc8P/YkqV67u57PNzND9e3ZAh5wzhOwRRaltU//bbjrWqOJXXsVecdRo9BthZVKD2rNgl2nELVczhwsHfnH5T2ENiXsEl7JcT+7bGQEhKYj/kTM3dA==
---END PC DATA---

___________________________________________________________________________________________________________________________
 
ryxus said:
d namin alam pano nakapasok eh... ine explore ko na mga file system... naka scan remove na rin ako... recovery na lng talaga... ang problema eh alang backup point ang PC... bagong user lang kasi ako... naipasa lng sa akin ung tasking sa office... eh general use tong PC na to d namalayan na may na open pala sila or na i download...

Ala na po ba ibang paraan? na basa at nagawa ko na lahat eh... Newer version pa na man ng GandCrab v5.0.3 ang naka dale... eto ung ransom note nya oh...


___________________________________________________________________________________________________________________________
---= GANDCRAB V5.0.3 =---

***********************UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED***********************

*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE WILL BE DECRYPTION ERRORS*****

Attention!

All your files, documents, photos, databases and other important files are encrypted and have the extension: .DBWNKRRGC

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.


The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/

| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: http://gandcrabmfe6mnef.onion/949a3e4058176fef
| 4. Follow the instructions on this page

----------------------------------------------------------------------------------------


On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.


ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES
* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---
lAQAAEpsrqz7IyGlPNVuR6j/ft/zQW3Y6HfCd3Gu5mMrQ3FvYASJ7T1n9TDOpuUwB2uTeMZEV+uuromdTwqXqV0R4eq72OHFiO9BDS1IaISdkdtZVv5TZ211HEwVfUjwwmEcnXy5O+VjhIKNo4YTS3g2hKUAdVUV6FEPfCvId5VWcdjdoJ06s8RKR6yH6nXzqLuUiWSdNdNSfozarwqkctBAeO8ZLllbnW1qIsLh1AoY9znaKBTAVqrzf2V/W3dwTUesQU+U4fck90v0wetL36IwTw1hwVs6XWGlC1wrGWD44N1HvJaTNepeBR590a26u6qxl5fQihtLjlTQVOSB9fAIWUV9qVBbZbneVCfeBwJzc6bIqD5Wc/CO7vtkH2684RExRm2RzMOOz2hZ8YZuZg8GGL4P2KJXl3tsEoJNaI87pctC3oAkhKE4qREROHTyilQf0d7VZiZC1Tf5PEsQB6faYbHHme3RG+0XrcvGD8CkpLvDCDXraQP1XoxNoSl2tPw6lElx4NdjCWSu+WxI2jP/v2KyVyWhn79RPsgvsnFQQnmM+tivvjjqJ5LgD53kEruP7pMSDdxjwR7i9L6K4R+4J+FXEZ5AAZgZNcNivPwXX9NORgp26usuUXPI9UyHshgTtJvVWTcAONDEqmJR7M5V0C+L6GUh/grRwFyfHwQBqQso86DdEg/SUp2PchsMGAjN0qCEi3y41oN3WxUM4/1TO3teNH/YL2kSV2ujMTlnUX/MKM/Dmrf5XWN6Ynnx5DZTSnE5dXLyn2wEqIxanfj9F7rL028A5/hVjSaA8PgfHVtNn/6Ap1h3DE997sjG81Wt6PlASZtCH8ooOdN3d0i8vgHQF4q8auI6BaFAkejvTsm6tl+9AT2JoAqjD4xCqbTok6w3TKgevHFyOBZrwzg+DlvfZvtwthQg5Tj83t6tQ3OUx/a5lkXlk6faYyjbD3lNGuCT9VhUiR6irsMz8qzzEKQaGdg9R8RYVfgnpi4RcMt7paylV3gzPFDd8iAsog5eLOqRAwZJWHZLUHWD0rIxJWfqVaDfCuxw3mn/Tzo8V/Hi00D8cIXpqbdMBersDlCevgbv2VnT/GBET5ihNYrhKB1OQSeTuUOtTaZShqjqdwd/IB9jttB4PcNU428OckdKZ2Vxw6MDPWQr6ep1itAPF3BipAgDL7viUT5JqkDL5UPPG67oBx0JVqYvdp/IbTqLlNDqxAGrJP7qYWUR2yArlc9OcHVqF1tJVsKbnPeHnCN7Y+6Atmu+Y6yNCjMJPjqSRez+i8qP8XqF/A4FmJcrPp1X8bpJ24XRDdD7khejBK0nWSD1tqzNCFq5h2uJSBnbxsmN+TmoB44+pc9K8v5yrEcsQOZv/tMSJpbCyuqrwg5pnmI/HcwhFZG092W4U+ELV9Z4TZ6q1tFEsiGG9TxvEJfZFvwkYUuPFcu8TwPTM3FhsVOK+5gEl0f0ly8fvOpqxr4SieSSQGSOZsgTs200somO4+QkwGiykIQX4zmYhBNoHaNP0ir9n9g1ctXcE035fcAa/pdJa+HdCyGk+aAP8ALrxBoG8I1DdUdzCzOSoAMWaUX8AvGe+L1w/pID/D5hCJ552bKdNNUfBbKMtPBEw0zB48FWvC7cpxIJ0+6c/2zHL+QZoxETPeqBXokJVCFEH8YRlYtbLNruSAsoRaQVt4ps5UmcClkwTAHIQapP6Q+Qt2BqG+uNFsLoLTqNVkubUHmzO6xqsFwrORlek0ZT9rBV0ojFrDhx04DjJreRTUpCFy3qLPi7UVZ5bJslms7I92wGo8131h69/pZsjzvZLbeSSh8wTXLuTOZTbDvzF5aVGiGZ044jh07gtU+ZmzOWdno8MieDVaItXIXKCgDBbuBxpurZdiL/K8OBkXpwlqSfT0DxB39HIa2jBpUPxEnOjSxP/QJzmVV49sl1KYEOzV7UPgR5oETyV82RJYwp6JO0eWr7EIsqkilAxrRcgbRITmNzeLS/UJL/AaJjnhyplGDyJadomtq8nV3QPep7NYmhtkwI+zvPVmQlTNCWJ8HEt3fncT7kr+GJx9kS/kg7FGkZWCoQ4bCfRxxqu7Kb5g98ArFV46dFU1opoi34aNsxpGfSFFwYYgNIN8uRxhmrabADyzCnBl+I85Rfrb7lD2oVc4zs7KAThdi2qb1V7hX+ccHgTnO8wmEsy51B4XHvF91lTYi1CsIRQBYdfHvjHcexGllTQE+/HK3AAn5Shw18ZVdINV0=
---END GANDCRAB KEY---

---BEGIN PC DATA---
wfKD6iudumBkmpL8IRr4U5WxRlbjOWvtzTxfOqr1yVYkvOOWbx54YfJdrZZHTpRR2HYv7ltWurfyTFOHzx5vBI/z0dMy74D6b0GsDA7iP5Je8+jFFf+JmE+oJZB0LrmjwfxL2RTxNpKZiquhCUSpArwApLZHOOeX7rnTbQ0kb3Q5bcWWnsCdYd9YWqSCxvgpHY4o28uARlLqZEtVpwPEuV3cBCJ72POMIEO0MLQPiopqLFeTBZxYmtsoV3Z+P/c/DvqD1vJziDbxjcZAGXgul4VnUt1wCA4xZw7tDMIr6H19SibFRw+kkb0tbdivqc6nrrrr57JivrEdkRHBtOKp/282FesvGopYb1rWBiPtrRHTEdEboCcV4t+4baa0Y51yf4z72S+ilZQWTRwqZFPJJPsJy5EdwKYoaxPJnKw+Ce5aALqfjmE+g6prIA3hxA5KwA7oZibpCxFE3vbLNOau1w8ZMXQTRlyKfjnN1iXgfn97mTHf8CyHQT1n8rIvlsew7XILVY7pdDf1fBwcdcBlP39NhH9JQ3DC3KZCEuDtLkioBYpMbpHxHpIOeL/GRc8P/YkqV67u57PNzND9e3ZAh5wzhOwRRaltU//bbjrWqOJXXsVecdRo9BthZVKD2rNgl2nELVczhwsHfnH5T2ENiXsEl7JcT+7bGQEhKYj/kTM3dA==
---END PC DATA---

___________________________________________________________________________________________________________________________
Click to expand...

wala na talaga pag-asa yan kaya move on na and learn a lesson. Kaya next time mag-backup kayo palagi at saka watch out kung anu-ano inoopen niyo. And remember, kahit na may security software pa kayo like an AV kung tarantado naman yung user, useless din.
 
TS! Try mo maginstall ng antivirus ng Hiren. Most of the Hiren AV is for WinXP and WinXP is hindi kayang maransomware. Maaring madecrypt ng lumang antivirus malwares ang files nyo.
 
ask lang po kung ok ba si deepfreeze pang support kung sakaling
mapasok ni ransomware ?

anyone tia?
 
phoksz said:
TS! Try mo maginstall ng antivirus ng Hiren. Most of the Hiren AV is for WinXP and WinXP is hindi kayang maransomware. Maaring madecrypt ng lumang antivirus malwares ang files nyo.
Click to expand...
Too late to install AV. At saka useless na kasi encrypted na files nila. Hindi naman nagdedecrypt ang mga AV.

soryweaku said:
ask lang po kung ok ba si deepfreeze pang support kung sakaling
mapasok ni ransomware ?

anyone tia?
Click to expand...
Kung naka deep freeze ka tapos napasukan ka ng ransomware, you're probably safe. Remember there's no 100% protection. Meron dyang malware na kaya mabypass ang deep freeze.
 
wala pa pong known decryptor ang grandcrab unfortunately :(
 
ask ko lang mga kaMOBI. :help::help::help:

Pwede ko ba idelete yung file na navirusan ng (.btc) tas irestore ko sya gamit mga data recovery software?

possible bang ang marecover ko eh yung mismong file at ndi yung infected? thanks in advance
 
Mga ka mabilarian ..patulong nman po na ecrypt po ng GANDCRAB 5.0.4...Diko n ma open mga files ko..please any idea po para maayos..big tango sa makakatulong..
 
xaragcl said:
:upset::upset:

Kanina lang po ito, sa printing shop namin, nainfect ng malware yung pc namin na sobrang daming files na mga trabaho namin... lahat ng

.3gp, .7z, .apk, .avi, .bmp, .cdr, .cer, .chm, .conf, .css, .csv, .dat, .db, .dbf, .djvu, .dbx, .docm, doc, .epub, .docx, .fb2, .flv, .gif, .gz, .iso .ibooks, .jpeg, .jpg, .key, .mdb .md2, .mdf, .mobi, .mkv, .mov, .mp3, .mp4, .mpg .mpeg, .pict, .pdf, .pps, .pkg, .png, .ppt .pptx, .rar, .rtf, .scr, .swf, .sav, .tiff, .tif, .tbl, .torrent, .txt, .vsd, .wmv, .xls, .xlsx, .xps, .xml, .zip, .js, .php, .rbw, .rb, .mrg, .dcx, .db3, .sql, .sqlite3, .sqlite, .sqlitedb, .psd, .psp, .pdb.

files na infect at na encrypt... wala tuloy kami matapos... hindi namin pwd basta reformat kasi sobrang hirap din install ng program pang cutter plotter namin nadedetect nya ang multiple installations...

ano ba gagawin aside sa reformat... :upset:
Click to expand...


Just Don't delete/move any ransom notes po kapag nakaopen ng ransomwares gaya ng gandcrab or shutdown agad para mapigilan ang paginfect sa ibang files. Try mo lang itong decryption tool na ito (link below). Gumana sa akin at narecover ko naman lahat ng files ko. Kung madecrypt mo na, copy and save mo nlng yung mga original files mo sa ibang storage. Then install ka nlng antivirus for future protection such as Kaspersky. Sana po kahit papaano makatulong :pray::thumbsup:

https://labs.bitdefender.com/2018/1...iple-versions-of-gandcrab-with-new-decryptor/
 
Last edited:
boss may solution pa sa mga files nyo gamit kayo ng easus data recovery technician 9 medyo matagal nga lang mag scan comporme sa laki ng files nyo
na recover ko ung sakin nasa folder sya ng other recovered files ung iba puro .djvur na pero endi mo lahat ma sasalba pero atleast meron sana maka tulong
 
Try mo Sytem restore kung meron, search mo how to system restore earlier, may case na ako n ganyan, na restore ko nman mga files, kung i scan mo kc sa mga AV yan may mga possibilities n lalo madelete mga files mo, kc na decode na ung mga files na executable. hehe, pa try lng and feedback.or gamit ka ng recovery software and scan ung earlier date na gumagana files mo,and mas advice ko na mag upgrade kayo ng firewall nyo or SSL sa gateway or AV for Server. :), nag oonline payment or money transaction kayo siguro, hehe
 
Last edited:
sanamakita said:
maybe online sir,..pag ransomeware ang umataki....

- - - Updated - - -



anong bang ransomeware ang umatake sayo.....maraming ransomeware na virus na may medicina na..
pag ang ransomeware na natikman mo ay ang crypton ransomeware..iwan ko lang...kung makakakuha
kapa ng medicina..pati ako hanggang ngayon tumutuklas pa rin ..na hanggang ngayon hindi
nawawalan ng pag-asa makakakuha ng tamang medicina na ito...meron man.pero,..
kinunan na ng bisa sa paggaling ng crypton virus sa developer.
swerte lang ang nakakakuha ng unang release nila kasi tamang bisa yon....
Click to expand...


"All files encrypted RSA1024" ano pong klaseng ransomware virus ito sir . thank you

"[email protected]"
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom