You are welcome to discuss various security topics with our professional team and other users like you!
Read our Registration Agreement and create your FREE account here!

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Execute

Pages: 1 [2] 3 4 ... 26
16
Yes, try 26-symbol ones to be sure.
Hardware is advancing at an alarming pace.

17
Hello.
As you can see, you have got hit with the .rezuc variant of the STOP ransomware virus.

Download a malware removal tool to remove the virus, then the decryption tool from this article to restore your files:

https://sensorstechforum.com/rezuc-files-virus-stop-ransomware-remove/

Best of luck!

18
Malware Removal Questions and Guides / Re: Encrypted files
« on: June 19, 2019, 10:33:27 am »
Hello,

Our 2 servers, file and exchange 2016, were infected by a ransomware.
I want your help to tell exactly what kind of ransome is that and if I can revert the encryption of my files.
TEXT:
"All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail luciolussenhoff@aol.com
Write this ID in the title of your message 9EF7A78C-1023
In case of no answer in 24 hours write us to this e-mail:leeming.derick@aol.com
If there is no response from our mail, you can install the Jabber client and write to us in support of waitheisenberg@xmpp.jp
You have to pay for decryption in Bitcoins. The price depends on how fast you write to us. After payment we will send you the decryption tool that will decrypt all your files. "
How can I remove the ransomware and How cai I revert the files?

Urgent!!!

This looks like the newest 2019 version of PHOBOS ransomware.
For information and removal instructions check the following article:

https://sensorstechforum.com/phobos-ransomware-remove-restore-phobos-files/

As to how you can revert the files, there is no decryption tool, but you can try a Data Recovery tool, although I have not seen it being effective against PHOBOS.

What you can do from now on is to backup your 2 servers on two separate locations, so at least one of the backups survive.

19
Malware Removal Questions and Guides / Re: Grangab v 5.2
« on: June 17, 2019, 04:26:12 pm »
GandCrab 5.2 decryption tool is released - article is updated:

https://sensorstechforum.com/decrypt-gandcrab-ransomware-files/

20
Posted Today, 09:13 AM

Hi guys.

I'm new member and I've got a problem with my computer. I was browsing on internet and suddenly i saw all my files renamed with .gerosan at the end. As the files were not opening anymore, I thought maybe there was a problem with my operation system and I formated installing a new operation system.
Kind off, no file is opening. I also tried some programs to recover/ decrypt the files but I'm struggling.
Can someone help please? Thanks.

This is the .gerosan Files Virus, part of the "STOP" Ransomware family.
You should remove any leftover files of the virus with an anti-malware tool.
Then, you should try the decryption tool for it.

For reference:
https://sensorstechforum.com/gerosan-files-virus-stop-remove/
Decrypt Files of STOP Ransomware Article

Know that the decryption tool might not be able to decrypt exactly your version of the virus.

Best of luck and
let us know how it went.

21
Malware Removal Questions and Guides / Re: grandgrab 5.1 vbpik
« on: June 14, 2019, 03:59:20 pm »
Good morning my pc got grandgrab 5.1 extension vbpik and I can not decrypt by favom help me

I have merged your topic with an older one for GandCrab 5.1.
There is already a decryptor available as you can see in the above comments.
Here is a link: https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/

Try it! =)

22
Greetings, my files were added the extension .lanset, someone could help me recover my files

.lanset extension virus is part of the STOP ransomware family. There is a decryption tool for older variants of the virus, but not for .lanset.
You should remove the virus and try out the decryptor:

How to Remove .lanset Ransomware Virus

Decrypt Files Encrypted by STOP Ransomware


If the decryption tool doesn't work, then you should wait for the malware researchers to update it.

Kind Regards,
Execute

23
I would like to know if you have any solution to decrypt files with the .davda extension.

.davda extension virus is part of the STOP ransomware family. There is a decryption tool for older variants of the virus, but not for .davda.
You should remove the virus and try out the decryptor:

.davda Files Virus (STOP) – Remove It

Decrypt Files Encrypted by STOP Ransomware


If the decryption tool doesn't work, then you should wait for the malware researchers to update it.

Kind Regards,
Execute

24
HELP, my computer had infected .2k19sys virus, how can i decrypt my documents???
Any solution??

Hello @hou817, currently there is no solution but if a decryptor program is available, the appropriate article will be updated:
.2k19sys Files Virus – How to Remove

You can at least remove the cryptovirus so it stops encrypting files and stops to spread across the Internet.

25
Yes, you can remove the virus and after that try to decrypt your files with the decryptor linked under the table of this article:
.dotmap Ransomware – How to Remove It

The decryptor should work, but it doesn't work with all variants of the .dotmap ransomware.

27
I 've cought a ransomware with .docm extension but haven't found anyone with this problem. Is there any cure for my files?

There is a GlobeImposter variant of this virus:
https://sensorstechforum.com/docm-ransomware-remove/

There is no remedy for restoring your files at this time, but you can remove the virus with an anti-malware tool and try to recover some files with a data recovery program.

28
Hello guys, I have a client infected with that .jack version of dharma ransomware. We have tried almost everything except payment. No Shadow copy, no file recovery as these are VMs with shared drive, free tools don't work, paid recovery data companies stated they cannot do anything. We don't have backup only from one server and we need only 3 files out of it. Should we consider payment to the bad actors? Do you reckon they can and will recover the files? Or no honour amongst thieves? Any advice is welcome!

Hello. This is one of the newer ransomware viruses.
There is no decryption tool available at this time, so best you can do is remove the virus,
do a backup of important files, re-install the system and hope for a decryption tool.

Some Dharma variants that still have no decryption tool made for them date back over more than 1 year, so chances are slim and hope is fading away for a decryptor. Paying the thieves is last resort, but we advise against it. You could be targetted again and get your computer systems infected again. Even if they contact you back, their decryption tool might not work.

As for criminals keeping their word - some of them do, some of them don't and some act as what their mood is.
Very unfortunate, but unless there is a lot of money involved (business) we advise against paying.
If data recovery companies cannot help you, then currently there isn't really a way to get your files restored that way.

Kind Regards,
Execute

29
Hello guys,

Please help me. 5 days ago, all my files from PC were changed. I have now all files with extension .i1n7y95pm6.
A new file was created in each folder, named 6ca2e8b7.lock.

A lot of weddings pictures are affected, so I'm desperate....please help.

Thank you.
Best regards,
Alin

This is a ransomware attack.
The extensions seem random, but if every file is a .lock file, then it could be the .lock ransomware virus.
Do not pay the ransomware authors, as they might infect your computer again.
There is no decryption tool available at this time, so best you can do is remove the virus, do a backup of important files, re-install the system and hope for a decryption tool.

30
PC Tips & Tricks / Re: File Permission of The Sh Files
« on: May 21, 2019, 11:56:02 am »
chmod 770 filename

That should be the command but that is for Unix/Linux systems.
This is mainly a forum for Windows, so simple questions like that could easily be answered with a quick Google Search.

Pages: 1 [2] 3 4 ... 26