.mpal virus

Status
Not open for further replies.
mohammad mahdi

mohammad mahdi

New Member
Thread author
May 3, 2020
15
I forgot to say one thing
I made an effort and managed the first error 0x800705aa
But I have a new error:
system restore failed to exctract the file c: / windows fonts / krtica.ttf
error cod: 0x80071160
My ID is an online ID and cannot be decrypted
I have two restore points, but only from drive C.
Is it possible to recover my files with these conditions?
Which problem are you trying to solve?
 
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
I do not see any errors.

Is your computer running well?

p.s.
I do not find errors.
When someone has problems with the computer he post the error and we as helper try to solve them.
 
  • Like
Reactions: upnorth
mohammad mahdi

mohammad mahdi

New Member
Thread author
May 3, 2020
15
My files are encrypted by .mpal ransomware
I couldn't recover them because they had an online ID
I want to know if I can recover them with the restore system?
If it is possible to restore, I must correct this error that I receive when restoring:
system restore failed to exctract the file c: / windows fonts / krtica.ttf
error cod: 0x80071160
 
mohammad mahdi

mohammad mahdi

New Member
Thread author
May 3, 2020
15
Hi,
I reinstalled Windows I have two questions now:
1. How do I know if I still have a virus on my device?
2- Is it possible to find a solution for decrypting files later? How can I find out?
 
nasdaq

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,597
Hi,

1. How do I know if I still have a virus on my device?

The scubags do not leave any traces.

For your peace of mind run this tool.

Please download Sophos Virus Removal Tool and save it to your computer's Desktop.
  • Right-click the icon and select Run as administrator.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • Click the Next button.[/*]
  • Select 'I accept the terms in the license agreement', then click Next twice.[/*]
  • Click the Install button and wait until the installation is complete.[/*]
  • Click the Finish button. The tool created a shortcut icon on the Desktop of your computer.[/*]
  • Now, double-click the Sophos Virus Removal Tool shortcut icon to run the tool.[/*]
  • Click Yes to accept any security warnings that may appear.[/*]
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.[/*]
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.[/*]
    • Temporarily disable your anti-virus and real-time anti-spyware protection.[/*]
    [/*]
  • Click the "Start Scanning" button in the lower right to start the scan.[/*]
  • After starting the scan, do not use the computer until the scan has completed.[/*]
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.[/*]
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.[/*]
  • If any threats are found click Details, then View Log file (bottom left-hand corner).[/*]
  • Copy and paste its contents in your next reply and note any errors encountered.[/*]
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup.[/*]
  • Click Exit to close the program.[/*]
  • If no threats were found, please confirm that result.[/*]
Note: Whenever necessary, the log will be in the following location:

Windows Vista and above:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log

Please post the contents of the log in your next reply and note any errors encountered.
===

2- Is it possible to find a solution for decrypting files later? How can I find out?
Click to expand...

.MPAL is from the STOP/DJVU familiy of ransomware.

I do not think that a solution will be found in out life time.
The only possibility is if they release the key(s).

Follow this topic.
www.bleepingcomputer.com

ID Ransomware - Identify What Ransomware Encrypted Your Files - Ransomware Help & Tech Support

Page 1 of 101 - ID Ransomware - Identify What Ransomware Encrypted Your Files - posted in Ransomware Help & Tech Support: ID Ransomware ID Ransomware is a website I have created where a victim can identify what ransomware encrypted their files. All too often after a ransomware attack, the...
www.bleepingcomputer.com www.bleepingcomputer.com

p.s.
There are 900+ messages, start by the end.
 
Status
Not open for further replies.

Similar threads

R
  • Locked
Unable to remove 'search-great' browser hijacker; I feel like I tried everything - please help
Replies
3
Views
281
Windows Malware Removal Help & Support
Rman
R
tracker
  • Locked
I am infected with a hijack loader that has never been detected by any antivirus software, and I cannot remove it.
Replies
7
Views
832
Windows Malware Removal Help & Support
nasdaq
nasdaq
D
  • Locked
Need Help Removing Malware Chrome Extension "QuantumNeonious" which is unremovable
Replies
1
Views
385
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top