@MrMagic the file posted was just the text file with the encryption keys I have since edited the post removed the keys. check again see if nod32 still detects it. The file is clean after I posted last night found out I could have got rid of gandcrab without formatting my system needed fresh install anyway still had all the HP bloatware that came with the machine. I had just kept updating never done clean installation.
Mr X - I checked the file but was not able to verify checksum's. I did get a portion of the public key, which followed a similar pattern as the rest of the public key's I have on record. Can you verify the first 4 and last 4 numbers of the key on your end? Also - the file said the original file name was 7zS.sfx - I assume that is not the same on your end? Sorry I haven't been able to upload a file from my end, but my web connection would not work when I was on the PC I can work with w/ full access. Another question - all of my certificates have the exact same pattern - first 4 digits and last 4 digits are all the same, minor variation in the middle. This is NOT normal correct? I have played enough with PGP keys to know they are fairly random - would be a major coincidence if all keys followed the exact same pattern right? Or am I looking too far into things (smoking crack as it was so elegantly put earlier).
what router model/rev and firmware version? and do you have any switches also ? strange that its on more than 1 pc so it must be the common link = router or switch. if it was 1 pc its likely ram going bad.
I keep getting pointed back to the router, but I have tried a few (granted, the others I tried were extremely old). The hard reset option on my main router doesn't seem to really work (ie, it will not let me do a true factory reset, most settings are changed, but there are some that don't). My router is made by Synology if anyone is familiar. Through research, it appears that they had a major hack that is similar to what I experienced back in 2014/15, but the exploit was supposedly fixed. One weird thing, when the factory reset used to work, it would always tell me the day was something like december 2015. Like I said, it doesn't work anymore. I know absolutely nothing about SSH and how to connect via command line to my router, but I'm pretty sure it is something I need to learn. Does anyone have any good resources - remember, I can't download Putty or some other tool, it would need to be done as primitively as possible, probably through a linux terminal (and I'm not good with Linux). Every time I have tried via command line I get access denied.
Router is a Synology Rt-2600. Firmware is supposedly the latest, but with all of the weird stuff I'm not even sure if it was official firmware. It was downloaded from their site, but how does one know if it wasn't altered on its way (if a MITM attack is occurring for example).
How can it be the router when OP has already said he ran one machine offline completely disconnected from the network for 3 months and experienced the same problem after a clean install?
I think it is worth a shot - I still somehow think it ties back into my damn phone though. I've gotten a new phone since and supposedly unrooted the old phone, but I still think there may be something there. Who knows - I am honestly willing to try anything at this point. Can anyone else verify the public key of the Firefox download in here? I would appreciate it.
So you disconnected a machine, clean installed Windows on it, experienced the same problems yet think the router could be to blame when it was never connected to the machine at all during that time? And why would a phone have any influence on a disconnected machine? Or connected machines at that Root doesn't do anything other than give access to system files, you'd have had to do something pretty strange to have it cause problems with PCs on the network, and not on the network
You need to show us some evidence of what you are claiming, so far it is all just you saying hashes are wrong, but not shown us even a screenshot
Dorian1991 you should change username to DorianTroll. Yadda yadda yadda only but no evidence so far, that equals to trolling.
I'm not trolling man - I am just a little afraid of posting the key because it is almost identical to every other one on my system and I don't know what that means man. Can someone verify the public key on the firefox download please? If it is the same as on my end, I will tuck my tail and walk away. I just find it odd that every single downloaded file from any source has the same exact beginning and end to public key and the other numbers are similar just shifted a place or two. I could be looking WAY too far into it - maybe that is just how it is, but it seems weird. If someone could just tell me the pub key on that ff file I will confirm if it is the same on my end. Sorry to be a bit reluctant to upload stuff - after the year I've had, man, I'm honestly barely holding it together.
How come we are asking you to upload things or post some evidence, yet your reply is just for us to post keys? Post some screenshots, post something we can use How do you know keys are wrong if you don't know what they are meant to be in the first place? Tinfoil like I said originally
Ok man - maybe my "tinfoil" is a bit high due to the circumstances, but what is the harm in you posting keys. If they match on my end, I'll let you know and we will know my foil cap is wound too tightly. I have a strong feeling something is encoded from reading through threads on this site regarding certificates. Just cautious. If someone could tell me what the key should read I would appreciate it. If not - honestly no hard feelings and apologies for wasting your time.
How about you post the keys you have and we match them? This will be resolved a lot sooner if you just post what we have already asked, you reluctance to post anything at all screams BS Sounds like you are looking into things you don't fully understand and inventing scenarios to match them I already posted the hashes of the FF installer & a link for you to download and match it
And I sincerely appreciate your help. The computer I am on does not allow me administrative priv. So I can't verify the hash, can only view the signature key and attributes. When I tried doing it manually in cp, it wouldn't work. If you know of another way to verify them without special sw, please let me know. I am sorry if I came off as upset - I assure you this is real - and I am just tired man . I work on trying to find a solution 5 hrs a day while trying to raise a family and work. It has taken a toll on me.