Become a fighter against malware and join the forum at SensorsTech!  The SensorsTech’s forum is the place where you can solve your PC issues and educate yourself about malware. You are welcome to discuss various security topics with our professional team and other users like you! To unlock all features of the forums, you have to create an account. Otherwise, you can only browse the topics without taking part in the discussions. To leave a comment or ask your questions, read our Registration Agreement and create your free account here.

Recent Posts

Pages: [1] 2 3 ... 10
1
Malware Removal Questions and Guides / Re: I'm a victim of this ransomware
« Last post by Execute on September 10, 2018, 05:40:24 pm »
My server also was encrypted and all files got encrypted. They now have '.combo' extension (Filename.ppsx.id-********.[[email protected]].combo). After long search, I found out, that there is no decryptor for it.
With no other choice I wrote to email, and since data on server was important, decided to pay. We dealed on 0.8 btc, and I paid on my own risk.
Guys have send me the decryptor right after transaction approved, and they've seen it.
If your data is important I advice you to pay. Do not use other decryptors - they've destroyed my test files

Hello @hercules_puaro,
I don't know who you are but you could be from the cybercriminals trying to get people to pay. Advising others to pay the ransom is questionable to say the least. There is a new ransomware that is encrypting servers and asking 0.8 Bitcoin as a ransom payment in the moment, which is called "Forbidden Rasd". It might be the same cryptovirus or something based on it. For the time being there is no decryptor, but one might be made in the future. I am sad if you were indeed a victim and felt that you had no other choice but to pay the ransom sum.

I hope that less people encounter such trouble, just from knowing about it and how to prevent infection.

Best Regrads,
Execute
2
Malware Removal Questions and Guides / Re: I'm a victim of this ransomware
« Last post by hercules_puaro on September 06, 2018, 02:31:03 pm »
My server also was encrypted and all files got encrypted. They now have '.combo' extension (Filename.ppsx.id-********.[[email protected]].combo). After long search, I found out, that there is no decryptor for it.
With no other choice I wrote to email, and since data on server was important, decided to pay. We dealed on 0.8 btc, and I paid on my own risk.
Guys have send me the decryptor right after transaction approved, and they've seen it.
If your data is important I advice you to pay. Do not use other decryptors - they've destroyed my test files
3
Malware Removal Questions and Guides / Re: need help decryptor gandcrab 2 and 3
« Last post by Execute on September 05, 2018, 09:36:42 am »
Thank you very much for the help !!!

You are welcome! I hope you have success in the restoration of your data!
Don't hesitate and write if there is anything else you want to ask.
4
Malware Removal Questions and Guides / Re: need help decryptor gandcrab 2 and 3
« Last post by camachousa on September 04, 2018, 05:15:33 pm »
Thank you very much for the help !!!
5
Malware Removal Questions and Guides / Re: need help decryptor gandcrab 2 and 3
« Last post by Execute on September 04, 2018, 10:58:28 am »
need help decryptor gandcrab 2 and 3
Thanks for any help !!!

Hello @camachousa.
Currently, there are no decryptors available for Gandcrab cryptovirus after the Version 1 (.GDCB) decrypter from BitDefender. So, unfortunately, Gandcrab 2 and 3 (.CRAB) and after do NOT have decryption tools available, and the tool for the 1st version works only for it.

You can try a data recovery program (if the ransomware deletes the original files) or some other method suggested in the article below:

How to Restore Files Encrypted by Ransomware (Without Decrypter)

Kind Regards,
Execute
6
Malware Removal Questions and Guides / need help decryptor gandcrab 2 and 3
« Last post by camachousa on September 01, 2018, 02:59:44 pm »
need help decryptor gandcrab 2 and 3
Thanks for any help !!!
7
Malware Removal Questions and Guides / Re: I'm a victim of this ransomware
« Last post by Execute on August 20, 2018, 11:00:31 am »
Hello @Vtchoula,

have you been trying to decrypt with the Emsisoft decryption tool hosted here:
https://decrypter.emsisoft.com/globeimposter ?

On that page there is even a "Detailed usage guide" that you can open to see if you were missing something.
If it still doesn't work, then I am afraid you have a newer variant of the virus and decryption is not yet possible.

Tell us what has happened after you read the guide.
8
Hello @Vtchoula,

have you been trying to decrypt with the Emsisoft decryption tool hosted here:
https://decrypter.emsisoft.com/globeimposter ?

On that page there is even a "Detailed usage guide" that you can open to see if you were missing something.
If it still doesn't work, then I am afraid you have a newer variant of the virus and decryption is not yet possible.

Tell us what has happened after you read the guide.
9
Hello, can anyone help me encrypt 60mb bip file i can send you to pm or email, it's verry important file for me.

Hello @mati,
I am suspecting you meant that you want that file DEcryted.
Unfortunately, for the time being, there is no decryption tool available, so decryptiong won't be possible.

If such a tool is developed, you will be informed here in the forum.

Best Regards,
Execute
10
Hello,
i'm a victim of the ransomware that encrypted all my file. i've try diferent versions of globimposter, but no way. i receive the message "the decrypter could not determine a valid key for your system, please drag and drop both encrypted file as well as its uncencrypted counterpart onto the decrypter to determine the correct key. Files need to be at least 128 bytes long" .

The extension of my file is .BIG_SITE
Can you tell me plz how to do to decrypt?

the email adress [email protected] is for the harker, I paid the ranson but he no longer responds to the email I sent him and especially he did not send the right decryptor

thanks in advance
Pages: [1] 2 3 ... 10