Become a fighter against malware and join the forum at SensorsTech!  The SensorsTech’s forum is the place where you can solve your PC issues and educate yourself about malware. You are welcome to discuss various security topics with our professional team and other users like you! To unlock all features of the forums, you have to create an account. Otherwise, you can only browse the topics without taking part in the discussions. To leave a comment or ask your questions, read our Registration Agreement and create your free account here.

Recent Posts

Pages: [1] 2 3 ... 10
1
Internet and Networking Security / Re: Which is the Most Secure Browser?
« Last post by Execute on March 22, 2017, 10:36:29 am »
This topic will be updated in the newly available thread, called:

Which is the Most Secure Browser for 2017?
2
Internet and Networking Security / Which Is the Most Secure Browser for 2017?
« Last post by Execute on March 22, 2017, 10:33:33 am »
The topic for which is the most secure browser always changes ans stays relevant.

In 2017, there are quite a few changes in the browsing world.
Some browsers are getting dropped more and more, while others keep rising to new heights.

To see the latest improvements in popular and not so popular browsers, head over to this article:

Which Is the Most Secure Browser for 2017 ?

Kind Regards,
Execute
3
Malware Removal Questions and Guides / Re: spora encryption
« Last post by Execute on March 16, 2017, 10:50:14 am »
my files are encrypted with the spora ransomware...i had to do a recovery but the files are encrypted...where can i find a decryptor...i would appreciate any help

Hello, @brian4274.
The Spora ransomware has a very sophisticated encryption algorithm. There is no decryptor available for it, so currently there is no way to decrypt your files. What kind of recovery did you do?

The help we can provide you is give you information about the Spora ransomware here,

and to suggest you read and apply the tips for ransomware prevention given here in the forum.

Write back and say if you have formatted your computer or not.

Kind Regards,
Execute
4
Malware Removal Questions and Guides / spora encryption
« Last post by brian4274 on March 10, 2017, 08:13:55 am »
my files are encrypted with the spora ransomware...i had to do a recovery but the files are encrypted...where can i find a decryptor...i would appreciate any help
5
Malware Removal Questions and Guides / Re: Sage 2.0
« Last post by Pavella on February 27, 2017, 11:20:45 am »
Thank you

I am waiting for your news.

BR
Pavella
6
so to finish my story after paying bitcoin to the perps.. that did not work... then a deposit to an american specialist who after looking at the encryption wanted a lot of money... then went on a gut call to a European specialist that required two payments as the first try only half was retrieved and finally this weekend after 6 weeks of turmoil we now have all the data. The whole issue here was that the backups were useless and we had no choice but to try all options and yes it did work for us a few thousand later. You are right we should not pay them... what would you do... sink the company.... thats all and well but we have to be realistic here....the company cannot operate so eventually people loose there jobs... and backups now... through the roof...  What would you do????

Hello, @madden2008,
first of all, I am really happy that you had the luck of getting your files restored - would you mind sharing how did the spicialist recover them? Because the thing that comes to mind is that they charged you the same sum or more than the sum asked by the ransomware, they paid the cybercriminals and got the decryption key and then they gave it to you. That has happened in the past, so I cannot exclude it, yet I am curious to what the specialist told you. (By looking back at the comments, I see that you had the same suspicion yourself, and I didn't see that last line, so I didn't answer.)

Second of all, I will just repeat what I said above with a little more detail:

Quote
you should not pay the ransomware creators

By paying cybercriminals, you support them financially, you motivate them further to create ransomware, you might be seen as an accomplice as you do knowingly help criminals. Plus, there is no guarantee that you won't get your files encrypted again in the future by the same criminals.

Quote
Companies, which promise to decrypt your files are usually a scam

There are many companies that try to scam people, as harsh it may sound - it is true. I never said that ALL such companies/specialits are such. Again, I am glad you had a lucky strike in your case.

Quote
I see business paying, because they need their files to keep the business running, but that should not be an excuse or at least, not the first thing you do.

Like I said before, I know what is at stake, and that such files keep a business afloat. But paying shouldn't be the very first thing to do. I am speaking in general, that people should first inform themselves on the matter, evaluate their options, try everything that they can for free as a restoration method, and then maybe as a last option pay an engineer or a recovery specialist (who is not known for ONLY recovering files from a ransomware hit, but recovery in general, from disk drives etc).

As you said yourself, you paid the criminals, after which the company you paid a lot of money to, didn't manage to recover what you needed, and just prolonged the process and milked you for more cash. At the end a specialist recovered the data.

Now, probably this was the first time you encountered a hit from a ransomware cryptovirus and didn't know what to do, but doing a better research and informing yourself better should have been a priority. Yet again, I don't know exactly what you did and not everybody can provide you with a good insight and know-how about what your options are. Still, I hope you recover that money with your business and treat the situation as a learning curve and getting your company stronger.

Best Regards,
Execute
7
Malware Removal Questions and Guides / Re: Cerber ransomware,how can decrypt my files ?
« Last post by never on February 22, 2017, 10:00:15 am »
Hello, buddy.

There is one thing you can do, but it is purely theoretical. If you haven't removed the virus, you can try sniffing out the traffic from the infection file to hopefully find the decryption key while it is being sent to cyber-criminals. Here is more info on this:

http://sensorstechforum.com/find-decryption-key-files-encrypted-ransomware/

The downside of this method is that you have to be infected with Cerber and know how to sniff network traffic. Another downside is that the traffic is usually encoded in another format and even if there is a key, the cyber-criminals may have thought about obfuscating that as well.

Another method that you can attempt is try absolutely every single decryptor. But to do this you have to copy the encrypted files to a flash drive for example and test decryption tools only on copied files, because they may break the files indefinitely in case you are attempting to tamper with their structure (like a trap). Here are some free decryption tools and do not use them on the original files, please:

http://support.kaspersky.com/viruses/utility

https://decrypter.emsisoft.com/

There is also another option, but I am not sure that it can work. If you know what System Restore is and if you have set restore points on earlier time on your computer, you could attempt to restore it back to before the infection, but bear in mind that everything you have done after the infection may dissappear, so back it up. Technically System Restore only restores certain aspects of your PC, but not all of it. I am not sure but if your files are encrypted, they theoretically have modified settings on them. If System Restore brings back the old configuration and settings before the encryption(If you have set a restore point), you may succeed in restoring some documents. Here is full info on system restore thanks to howtogeek.com:

https://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/

Other than that, our team is actively researching for a universal solution against this problem, besides backup and we are yet to find one.

By the way, in the future, if you see malicious e-mails please check the attachments before opening them online. Here is one website that can help you with that:

ZipeZip.com

Before you open an attachment next time, simply upload it on this site. If it detects a virus, do not open the attachment. This is a very good and free way to protect yourself, but you have to make it your habit.

Best Regards and best of luck,

"never"
8
so to finish my story after paying bitcoin to the perps.. that did not work... then a deposit to an american specialist who after looking at the encryption wanted a lot of money... then went on a gut call to a European specialist that required two payments as the first try only half was retrieved and finally this weekend after 6 weeks of turmoil we now have all the data. The whole issue here was that the backups were useless and we had no choice but to try all options and yes it did work for us a few thousand later. You are right we should not pay them... what would you do... sink the company.... thats all and well but we have to be realistic here....the company cannot operate so eventually people loose there jobs... and backups now... through the roof...  What would you do????
9
Thank you so much for your guidance and advice . I tried to fix it with TeslacryptDecryptor 1.0.1569 MUI and Emsisoft Decryptor and also Stellar Phoenix Data Recovery Technicians License but unfortunately didn't work . However I tried Data Recovery Pro by Pareto Logic for some extension (.jpg) was worked but for my important files (pdf, word and excel ) couldn't  recognized. Actually  I'm student and  I can't pay money to ransom and also to buy this software  please kindly give me  another advice that I can decrypt my files .... Thank you for your time and consideration...
10
Malware Removal Questions and Guides / Re: All_Your_Documents.rar Virus
« Last post by Execute on February 20, 2017, 02:49:00 pm »
Most anti-virus programs and security tools nowadays should be able to remove the virus, but unfortunately are unable to decrypt the files...
Pages: [1] 2 3 ... 10