Jump to content


  • Content Count

  • Joined

  • Last visited

About JoshRoss

  • Rank

Recent Profile Visitors

2,264 profile views
  1. Oh yeah, I had this problem wor a while. This intruder hijacked every browser I tried to use. I have read a few articles like this one https://www.2-spyware.com/remove-weknow-ac.html or this https://macsecurity.net/view/193-remove-weknow-ac-virus-from-mac and I know now that every new version coming out is slightly changed so it becomes persistent and difficult to remove with common methods. Sneaky developers make our lives difficult. Of course, it is our fault to download things without paying attention.. I tried various methods on various browsers, sometimes a few times until it surely worked. https://productforums.google.com/forum/#!topic/chrome/Vr0sf_NYNuE this discussion was helpful for me. Of course, scanning system with anti-malware is helpful too. Good luck.
  2. This is KeyPass ransomware. It is not that fun because it has a feature of manual control and can do some significant damage. The first thing you should do is read more about the malware. More info in these articles about the activity of this virus. It appears more active than everyone thought: https://www.bleepingcomputer.com/news/security/new-keypass-ransomware-campaign-underway/ https://threatpost.com/new-variant-of-keypass-ransomware-discovered/135018/ Most important thing is DO NOT PAY or contact these criminals. You may get into more trouble this way. They are not trustworthy and this test decryption is fake. They probably just backed your files up so they can fake the decryption. If you want to remove this safely and surely you can follow a guide below this article: https://www.2-spyware.com/remove-keypass-ransomware.html The thing you can do right now when you have it already is getting rid of it ASAP. I hope you have backed your files because decryption is not available. Data recovery tools also are not capable of recovering files on the system that is infected, any backups can be encrypted too, the minute you plug and USB in. So the first thing is to try rebooting your system in Safe Mode with Networking. This way you can see what is happening. Also, employ some anti-malware for full removal since this is a silent infection it may have added a lot of other intruders. Remember that.
  3. You are dealing with ransomware. The best solution is to recover files from a backup, but Data Recovery pro, for example, can help in restoring your data or ShadowExplorer if your ransomware left shadow volume copies.
  4. Data Recovery pro or ShadowExplorer maybe? I have a few examples from fellow nerds that have successfully restored at least some of their files with these tools. I guess the best and the safest way is a file recovery from a backup, but not in this case
  5. Could this be a false positive? I have been getting the same alert for several days now.
  6. Hello, Francisco unfortunately, you are dealing with a new and complicated virus, so there is no official decrypter available yet. However, do not even think about contacting owners of Gandcrab because you can be left with nothing. Cases when they just take victims' money and give them nothing in exchange are quite popular. However, you can try Shadow Explorer which can recover separate files from their shadow volume copies. Check it here: https://shadowexplorer.com/ Besides, if System Restore was enabled on your computer, you can also try using Windows Previous Versions feature. However, this method works only for separate files as well. Here is a detailed guide explaining how to use it properly. Could you tell me how did you get infected with this threat? Virus has been spread with the help of several exploit kits, so I think that there was a spammy email, am I right?
  7. Have you tried Data recovery pro or Shadow Explorer? I believe this virus doesn't remove Shadow Volume Copies of the affected files, so you could use these tools to recover some part of your data. If you have no idea what "shadow volume copy" is, read this Microsoft post. However, keep in mind that this virus keeps encrypting new files if not removed from the system on time. This is a new feature added to ransomware by cyber crooks.
  8. Several days ago piesearch appeared on my computer and I don't know what to do! I have already tried AVG and Kaspersky but they failed to help me. What else can I try to remove piesearch? Can I use these instructions? <deleted link>
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.