You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - never

Pages: [1] 2 3 4
Hello forum peeps, I would like some support and more information about A2 hosting as I am doing a research project on them. Any personal experiences and information about problems / downtimes would be appreciated plus I'm really interested in the experience with their support teams over the phone, the web  and more importantly how fast they can fix a given issue, provided that it is a relatively serious one.   ::)

Thanks in advance!

Independent malware researcher "MalwareHunter" has discovered a new version of the Wanna Decryptor ransomware, calling itself Wana Decrypt0r 2.0. The virus uses .WNCRY file extension which it adds to the files encrypted by the virus. Then, the ransomware drops a ransom note with the following content:

Ooops, your files have been encrypted!
What Happened to My Computer?
Your important files are encrypted.
Many of your documents, photos, videos, databases and other files are no longer
accessible because they have been encrypted. Maybe you are busy looking for a way to
recover your files, but do not waste your time. Nobody can recover your files without
our decryption service.

Can I Recover My Files?
Sure. We guarantee that you can recover all your files safely and easily. But you have
not so enough time.
You can decrypt some of your files for free. Try now by clicking <Decrypt>.
But if you want to decrypt all your files, you need to pay.
You only have 3 days to submit the payment. After that the price will be doubled.
Also, if you don't pay in 7 days, you won't be able to recover your files forever.
We will have free events for users who are so poor that they couldn't pay in 6 months.

How Do I Pay?
Payment is accepted in Bitcoin only. For more information, click <About bitcoin>.
Please check the current price of Bitcoin and buy some bitcoins. For more information,
click <How to buy bitcoins>.

And send the correct amount to the address specified in this window.
After your payment, click <Check Payment>. Best time to check:

The ransowmare also deletes the backup copies and other system restore points and changes the wallpaper on the victim's computer to the following image:

More information on the virus can be found on our blog:

This is a help and support topic for the Wana Decrypt0r ransomware virus. Feel free to ask questions, add decryption instructions and suggest methods to remove and restore files by this virus

Best Regards,

CryptoShield is a ransomware virus spotted in the beginning of 2017 and since it came out has infected numerous systems. The virus encrypts files, adding the .CRYPTOSHIELD file extension. The files are encoded in ROT-13 mode with AES-256 algorithm and in addition to this, the ransomware virus also drops two ransom notes named # RESTORING FILES #.txt and # RESTORING FILES #.html. For the moment, there is no free decryption available, but work is being done to find gaps in the code and hence make a breaktrought.

This is an open support topic, regarding the CryptoShield Ransomware. If you want to ask questions on the matter, leave your opinion or simply ask for assistance, do not hesitate to write. We will make sure we reply objectively.

4 is the e-mail address associated with a newly discovered crypto-infection variant. So far, malware researchers believe that this virus is a part of the .XTBL ransomware variants containing the e-mail addresses as extensions.  Malekal forum researchers have also discovered the following files to be associated with this virus:

C:\Users\{User's profile}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Decryption instructions.jpg
C:\Users\{User's profile}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Decryption instructions.txt
C:\Users\{User's profile}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{malicious payload file}.exe
C:\Windows\System32\{malicious payload file}.exe

The copies of the files in the %Startup% directory clearly indicate that ransomware runs on startup. After encrypting the files, this virus may leave them unopenable by any program with the following file extension:{unique id}

In case you have encountered file encrypted by this virus on a PC and the ransom notes opening on startup, you should immediately try to intercept any traffic that is outgoing on startup and hopefully recover the decryption key. Here are instructions on how to perform this:

Find Decryption Key of Files Encrypted by Ransomware

In case you manage to discover the key, send it to us and we will research methods to decrypt the files and hopefully decode them.

This is an open forum topic and I urge anyone who will be pariticipating to input ideas, ask questions and share experience and technical details about ransomware. We will try to respond as soon as we see your reply.

Software Reviews / What is Advanced System Optimizer v3.5?
« on: August 02, 2016, 04:05:54 pm »
ASO is a program which has a lot of features like file recovery and malware protection along with many others designed in a manner which is user friendly.
It has been developed by a company called Systweak and is a program featuring primarily tools that are created to improve the performance of a PC. This program also has a game optimizer, an updater for the drivers, a protector and several disk utilities. It is primarily focused on automatic scheduling and lightness so that it runs most of the time on your computer. Very suitable for advanced and beginner users.

This is an open forum topic about Advanced System Optimizer. You may ask questions, leave your experience with the program and assist others with this software. More information is available on the link below:

Software Reviews / Glary Utilities Pro 5
« on: July 28, 2016, 05:16:39 pm »
Glary Utilities Pro 5 is a program which offers a lot of extras summarized in one place. The software is very useful for a system manager who is dealing with different machines and does not have the time to optimize every system by entering advanced settings. To simplify this, Glarysoft Ltd. have created a rather simple to work with program featuring one-click-fix type of mode as well as many advanced features and settings amongst which users can choose their desired ones to use:

We would like to hear what you, the users think about this neat little program. You may ask questions, leave your opinion and help others since this is an open forum topic.

See the full review here:

Software Reviews / What is Protonmail?
« on: July 28, 2016, 05:04:08 pm »
Protonmail is a mail service which is not your typical e-mail account. It features a strong encryption of the mailbox itself with custom algorithms that are primary focused on privacy. This results in the user having to create two passwords on login. The mail service has the standard mail features and a very light design.

Besides this, Protonmail also features application for mobile phones which enables users to login safely. Most users believe that this service and method for e-maling is very safe, however there is the fact that an online service used can be as safe as the computer its being used from and this is why we believe there should be more features for authentication in the service.

What is your opinion about Protonmail? Leave a reply and lets start discussing it!

You can see the full review here:

ProtonMail Review

Software Reviews / Zemana Anti-Malware - Good or Bad
« on: July 25, 2016, 01:36:49 pm »
Zemana's latest anti-malware tool is showing some very good signs of being a competitive next-generation malware fighting software. The program features some pretty neat extras:

-Light while being idle.
-Very fast while scanning.
-Very compatible with other software.
-Simple and easy to learn UI.
-Checks your web browser extensions for legitimacy.

See the full software review at:

This is an open forum topic - you may ask questions, leave your opinion and help others in case they have any.

Cipher Block Chaining(CBC) mode is a special process which includes a unique sequence of bits which are encrypted. They are grouped into a so-called unite or as the name refers - "block". This procedure also uses vectoring  and one of its defining details is that it also has a chaining mechanism which makes 1 of those "blocks" to rely on all of the previously encoded blocks, making them all connected together. This is very volatile, because if you try to decrypt the files, you will unknowingly rearrange those blocks, making the files lost forever. To put this into simple perspective, CBC is like a "dead man switch" and ransomware makers love it. Of course it is not easy to implement, but it is the next stage with such viruses and we will start seeing it more and more often.

Learn more on Ransomware viruses and how to protect yourself against them:

Safely Store Your Important Files and Protect Them from Malware
Obfuscation in Malware - The Key To A Successful Infection
Ransowmare Encryption Explained - Why Is It So Effective

A decryptor has been discovered for Nemucod ransomware. The crypto-malware encrypts user files, leaving a scary ransom message in it. Fortunately for the users a decryptor has been discovered, available at Emsisoft's webpage. For more information on how to decrypt your files, please check the instructions in the following article:

Remove Nemucod Ransomware and Decrypt Your Files

Malware Removal Questions and Guides / RemindMe Ransomware
« on: April 26, 2016, 04:46:35 pm »
A ransomware, called RemindMe has been reported to have a devastating impact on user files. The malware encrypts them using a strong cypher and appending the .remind file extension after encrypting the data. The ransomware then drops a ransom message with instructions on how to pay the cyber crooks for the decryption of .remind files.

More to it than that, RemindMe uses a strong combination of two cyphers. To encrypt the user files, it is believed that it uses the AES encryption algorithm which adds a custom decryption key to unlock the files. This key is then believed to be encrypted via an RSA cypher.

Here is more information about RemindMe along with removal and file restoration instructions:

Remove RemindMe Ransomware and Restore Encrypted Files

This is an open forum topic about RemindMe Ransomware. If you want to help users or simply share your experience with the ransomware and ask questions, do not hesitate to reply here.

CryptoBit is a crypto malware also known as ransomware and it is in the wild to do nothing else but encode your data with a strong encryption algorithm after which ask for money to decode it. This type of ransomware uses the following encryption algorhitms:

  • AES
  • RSA

The ransom money which it asks for decryption should be converted in BitCoins for which there are instructions in the ransom message. The ransomware targets your images, databases, documents, audio and video files.

Here is more information about CryptoBit and removal and file restoration instructions:

Remove CryptoBit Ransomware and Restore Encrypted Files

This is an open forum topic about CryptoBit. If you have any other suggestions for decryption, want to help users or simply share your experience with the ransomware and ask questions, do not hesitate to reply here.

Petya ransomware is one of a kind. This is the first time it is observed for a ransomware type of cyber-threat to have Rootkit capabilities. What the malware does is illustrated in the following methodology:

1. Infection - once downloaded by malicious URLs or attachments sent out via email which links to a Dropbox file, the program appears to mimick a Windows Shield type of app. Once executed, it crashes the computer, resulting in a BSOD (Blue Screen Of Death).

2. Action - once the user PC is restarted, you see the following scary Skull type of screen with the ransom instructions:

Unlike any other ransomware, this one does not fool around. Instead of the typical given time for the victim to pay the ransom money which is several days the very most, Petya gives several hours. This is extremely effective for the cyber-criminals since it takes significantly more time than several hours to unlock the computer. What is worse, a traditional boot scan does not do the job, so the best protection against this ransomware is to run applications sandboxed and to combine this with a strong AntiVirus and Anti-Malware software.

How To Fix It?

Unfortunately at this point in time there is no direct decryption method for free. The only mehtod to decrypt drives encoded by Petya is to follow the instructions, pay the 0.9 BTC and hope for the best. In case you have Cloud Backup, do not worry however, you may be able to download your files on a non-infected computer and simply reformat your drive and reinstall Windows.

We will keep you posted in this thread if a new solution surfaces, regarding Petya Ransowmare. You may find more information and eventual removal instructions to be updated in the article about Petya Ransomware.

PC Tips & Tricks / How To Build a Desktop PC
« on: March 16, 2016, 05:26:00 pm »
Hello, since there is no tutorial on anything related to building a computer on this forum, i have decided to help out and make one. Bear in mind that this is the most basic build and it does not include extras such as Wi-Fi or CD/DVD Player.


Besides a screwdriver, you will need several components to have before beginning the build:

-Power Supply Unit
-RAM Card
-GPU Card
-HDD or SSD.
-A suitable Desktop box (case) that will fit the components.
-Connector cables (Sata, etc.)
-CPU Cooler
-Monitor, Keyboard and Mouse with connecting cables.


Step 0 - Insert the motherboard onto the Desktop Box

Since the desktop box has to contain the motherboard first, you should unscrew it and place the motherboard onto the motherboard slot. You will recognize the slot by attaching the slot's plate in the rectangular hole at the back of the box. After fitting the plate fit in the motherboard. Make sure all your ports fit in the plate and then screw the motherboard onto the box where able.

Step 1 - Insert the CPU into the motherboard Socket.

Try to be very gentle while adding the CPU to the main motherboard, do not use force and make sure there is no dust and the socket is dry. Disable the socket locking mechanism, insert the CPU and then lock it again.

Step 2 - Insert the CPU cooler in its place.

Usually, coolers come together with processors and they usually come standard with thermal paste. If not, you should look forward to picking up such and insert very little amount on the top of the CPU.

Most coolers have either a lever that fits them into place or custom made mechanisms (See the instructions of your cooler for more info). In case you have a lever, fit the cooler and then slowly rotate the lever to fix it onto the motherboard.

Step 3 - Insert the RAM card onto the motherboard

The motherboard should either have 2 or more slots. You may recognize them from the side levers they have for fixing the RAM in place. To fix the RAM in place pull the levers down, insert the RAM card in the slot accordingly and then pull the levers up.

Step 4 - Isert the GPU (Video Card) into the motherboard

Find the PCI slot on your motherboard. it is an expansion slot which looks similar to the RAM slot. Then you need to unscrew the slot plate to reveal an opening on the back of the box of your PC to make room for the ports of the GPU. After this, it is important to line up the video card carefull onto the PCI slot and then it will automatically fit in the back opening of the box. It should also have a place to be screwed into place with your screwdriver.

Step 5 - Install the HDD or SSD onto the motherboard.

Most cases have drive slots in what is known as their front upper side. They also have screws on them and along with those instructions on how to put the hard drive onto the case in place and fix it via the screws. Insert the hard drive or solid state drive, screw it in and then use a SATA Cable(also comes with the drive itself)  to connect the drive with the motherboard. You should be able to find the SATA slot on your motherboard fairly easy.

Step 6 - Connect the power supply

In case your Desktop box does not come with its own power supply, you should mount one in. Its slot is usually located in the back of the box and on its top. There are also some power supplies located on the bottom. Fit the box so that its power slot and off and on button are exposed and screw it in the Desktop box.

Step 7 - Connect everything into place

Take the cables of your Power Supply unit and connect them as follows:

-The 24-pin power cord to the motherboard.
-Skinny power plugs with no visible pins to the hard drive or the solid drive.
-Molex cables (ones with cylindrical ends) to the CPU cooler plugs.
-Plug the USB cables (black, small with 4 pins) to the motherboard's audio header and so on.
-The smallest cables are for the led lights and other functions. For the header(slot) of those you should have a look at your motherboard's manual.

Now connect the keyboard, mouse and Monitor and the power supply cable to the electricity and you are ALL SET! And do not forget to RTFM OF THE COMPONENTS!

Best Regards,

Software Reviews / File Recover Plus Software Review
« on: March 07, 2016, 04:25:26 pm »
A program created by eSupport, File Recover is one of the lightest file recovery programs out there that are able to successfully restore erased data. The program supports advanced settings and detailed view of the restored files. There were several features we noticed that were very well placed and also there was some space for improvement.

We liked primarily several features:

  • The quality of the restored data we deleted.
  • Advanced info on the recovered files.
  • Simply created settings to mess with.
  • Deep scanning and smart scan options.
  • Very light and its only around 5 MB in size.

There was some details we found that could have been improved or added:

  • Using different scanning methods which can result in improved effectiveness.
  • Free evaluation of the software by giving the ability to restore several files with no charge.
  • On demand scanning feature based on specific folders.
  • Faster scanning process.

You can find more information in our software review of File Recover Plus.

Pages: [1] 2 3 4