

Messages - never

16
Hello,

Looks like you have been hit by Alma Locker ransomware. This nasty threat uses TOR networking to communicate with its victims and get them to pay a 1 BitCoin ransom payoff, and the deadline for this is 5 days. On the Tor-based web page given to you, you can decrypt one of your files for free, so I suggest you do that right away. Then copy the encrypted files and the decrypted file to a USB drive or a safe device.

Unfortunately, at the moment there is no direct decryption for free that has been released for Alma Locker because this virus is, well, new. But we have some solutions that you can try. One of them is to use Wireshark while Alma Locker ransomware is still installed on your computer and sniff out the packets of information that this virus may use to send the decryption key to the cyber-criminals' server to which it connects. You can do this by following the instructions in this URL:

http://sensorstechforum.com/find-decryption-key-files-encrypted-ransomware/

Try using this program to inspect outgoing packets from your IP address to the cyber-criminals' server. Be patient and check the packets one by one. Look for any keywords when you inspect them, like RSA, AES, etc. Also, do not forget to configure the program to run on system startup.

Once you have found the key, write a reply here and we are going to attempt to decrypt your files.

Best Regards,
Never

17
Hello,

We have created instructions on how to decrypt your files via TrendMicro's latest decryptor for free. This is working only with the 1st variant of Cerber Ransomware.

Instructions are available on this web link:

http://sensorstechforum.com/decrypt-encrypted-files-cerber-ransomware/

Make sure to leave a comment if you have any questions. We will make sure to respond as soon as possible.

18
Software Reviews / What is Advanced System Optimizer v3.5?
« on: August 02, 2016, 04:05:54 pm »
ASO is a program which has a lot of features like file recovery and malware protection along with many others designed in a manner which is user friendly.
It has been developed by a company called Systweak and is a program featuring primarily tools that are created to improve the performance of a PC. This program also has a game optimizer, an updater for the drivers, a protector and several disk utilities. It is primarily focused on automatic scheduling and lightness so that it runs most of the time on your computer. Very suitable for advanced and beginner users.

This is an open forum topic about Advanced System Optimizer. You may ask questions, leave your experience with the program and assist others with this software. More information is available on the link below:

http://sensorstechforum.com/advanced-system-optimizer-software-review/

19
Software Reviews / Glary Utilities Pro 5
« on: July 28, 2016, 05:16:39 pm »
Glary Utilities Pro 5 is a program which offers a lot of extras summarized in one place. The software is very useful for a system manager who is dealing with different machines and does not have the time to optimize every system by entering advanced settings. To simplify this, Glarysoft Ltd. have created a rather simple to work with program featuring one-click-fix type of mode as well as many advanced features and settings amongst which users can choose their desired ones to use:



We would like to hear what you, the users, think about this neat little program. You may ask questions, leave your opinion and help others since this is an open forum topic.

See the full review here:
http://sensorstechforum.com/glary-utilities-pro-software-review/


20
Software Reviews / What is Protonmail?
« on: July 28, 2016, 05:04:08 pm »
Protonmail is a mail service which is not your typical e-mail account. It features a strong encryption of the mailbox itself with custom algorithms that are primarily focused on privacy. This results in the user having to create two passwords on login. The mail service has the standard mail features and a very light design.

Besides this, Protonmail also features an application for mobile phones which enables users to log in safely. Most users believe that this service and method for e-mailing is very safe, however there is the fact that an online service used can be as safe as the computer it's being used from and this is why we believe there should be more features for authentication in the service.

What is your opinion about Protonmail? Leave a reply and let's start discussing it!

You can see the full review here:

ProtonMail Review

21
Software Reviews / Zemana Anti-Malware - Good or Bad
« on: July 25, 2016, 01:36:49 pm »
Zemana's latest anti-malware tool is showing some very good signs of being a competitive next-generation malware fighting software. The program features some pretty neat extras:

-Light while being idle.
-Very fast while scanning.
-Very compatible with other software.
-Simple and easy to learn UI.
-Checks your web browser extensions for legitimacy.

See the full software review at:
http://sensorstechforum.com/zemana-anti-malware-software-review/

This is an open forum topic - you may ask questions, leave your opinion and help others in case they have any.



22
Cipher Block Chaining (CBC) mode is a special process which includes a unique sequence of bits which are encrypted. They are grouped into a so-called unit or as the name refers - "block". This procedure also uses vectoring and one of its defining details is that it also has a chaining mechanism which makes 1 of those "blocks" rely on all of the previously encoded blocks, making them all connected together. This is very volatile, because if you try to decrypt the files, you will unknowingly rearrange those blocks, making the files lost forever. To put this into simple perspective, CBC is like a "dead man switch" and ransomware makers love it. Of course it is not easy to implement, but it is the next stage with such viruses and we will start seeing it more and more often.

Learn more on Ransomware viruses and how to protect yourself against them:

Safely Store Your Important Files and Protect Them from Malware
Obfuscation in Malware - The Key To A Successful Infection
Ransomware Encryption Explained - Why Is It So Effective
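
How CBC chaining links blocks, as an added example that is not part of the original post: CBC built over a toy Feistel cipher (a stand-in for a real block cipher such as AES, not secure), with all function names, the key, the IV and the sample data constructed here. It shows that encryption chains forward into every later ciphertext block, while on decryption a damaged ciphertext block affects only that block and the next one.

```python
import hashlib

BLOCK = 16  # block size in bytes of the toy cipher below (stand-in for AES, NOT secure)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half, key, rnd):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def encrypt_block(block, key):
    left, right = block[:8], block[8:]
    for rnd in range(4):  # four Feistel rounds
        left, right = right, _xor(left, _f(right, key, rnd))
    return left + right

def decrypt_block(block, key):
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):  # same rounds, undone in reverse order
        left, right = _xor(right, _f(left, key, rnd)), left
    return left + right

def cbc_encrypt(plaintext, key, iv):
    prev, out = iv, []
    for i in range(0, len(plaintext), BLOCK):
        # XOR with the previous ciphertext block, then encrypt: this is the chain.
        prev = encrypt_block(_xor(plaintext[i:i + BLOCK], prev), key)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ciphertext, key, iv):
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        cur = ciphertext[i:i + BLOCK]
        # Needs only this block and the previous ciphertext block.
        out.append(_xor(decrypt_block(cur, key), prev))
        prev = cur
    return b"".join(out)

def differing_blocks(a, b):
    return [i // BLOCK for i in range(0, len(a), BLOCK) if a[i:i + BLOCK] != b[i:i + BLOCK]]

def flip_bit(data, block_index):
    k = block_index * BLOCK  # first byte of the chosen block
    return data[:k] + bytes([data[k] ^ 0x01]) + data[k + 1:]

# Constructed sample data: five 16-byte blocks, fixed key and IV.
KEY, IV = b"constructed-key!", bytes(range(16))
PLAIN = b"".join(bytes([65 + n]) * BLOCK for n in range(5))
# One flipped plaintext bit in block 1 changes ciphertext blocks 1..4 ...
print(differing_blocks(cbc_encrypt(PLAIN, KEY, IV), cbc_encrypt(flip_bit(PLAIN, 1), KEY, IV)))
# ... but one flipped ciphertext bit in block 1 damages only plaintext blocks 1 and 2.
print(differing_blocks(PLAIN, cbc_decrypt(flip_bit(cbc_encrypt(PLAIN, KEY, IV), 1), KEY, IV)))
```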


23
Malware Removal Questions and Guides / Re: Wildfire locker
« on: July 04, 2016, 11:25:00 am »
Hello,

At this point there is no direct decryptor for WildFire Locker. Top security researchers are looking into it as far as we are informed. As soon as there is a decryptor we will post you a reply in this forum topic.

In the meantime, you may want to try the file restoration methods in step "3. Restore files encrypted by WildFire Locker" at the bottom of the article below (the steps after the conclusion of the article):

http://sensorstechforum.com/wildfire-locker-ransomware-remove-restore-wflx-files/


24
Malware Removal Questions and Guides / Re: Old CryptoWall 2.0 Files
« on: June 21, 2016, 10:06:41 am »
Hello,

Yes, I understand what you were going through, I have met similar errors whilst testing the manual. But this is how Ubuntu works. If you do not know what is needed, it tells you. To install the missing module simply type:

sudo apt-get install libgmp3c2 libgmp3-dev
 
If you want to do everything manually you can try with root but it isn't really advisable:
 
sudo make install

Oh yes, and if you haven't typed the following python installation command, type it:

sudo apt-get install python3 python-sqlite python-pysqlite2

Best Regards,
Never

25
Hello, maro

I believe you will find the information you seek by downloading the latest updated database from this website:

http://urlblacklist.com/?sec=download


I advise waiting for the download because they have a daily limit for downloaded files. I hope this is of use to you, since there is a "Games" category in the database.

Best Regards,
never

26
A decryptor has been discovered for Nemucod ransomware. The crypto-malware encrypts user files, leaving a scary ransom message in it. Fortunately for the users a decryptor has been discovered, available at Emsisoft's webpage. For more information on how to decrypt your files, please check the instructions in the following article:

Remove Nemucod Ransomware and Decrypt Your Files

27
Malware Removal Questions and Guides / RemindMe Ransomware
« on: April 26, 2016, 04:46:35 pm »
A ransomware called RemindMe has been reported to have a devastating impact on user files. The malware encrypts them using a strong cypher and appends the .remind file extension after encrypting the data. The ransomware then drops a ransom message with instructions on how to pay the cyber crooks for the decryption of .remind files.

More to it than that, RemindMe uses a strong combination of two cyphers. To encrypt the user files, it is believed that it uses the AES encryption algorithm which adds a custom decryption key to unlock the files. This key is then believed to be encrypted via an RSA cypher.

Here is more information about RemindMe along with removal and file restoration instructions:

Remove RemindMe Ransomware and Restore Encrypted Files


This is an open forum topic about RemindMe Ransomware. If you want to help users or simply share your experience with the ransomware and ask questions, do not hesitate to reply here.

28
CryptoBit is a crypto malware also known as ransomware and it is in the wild to do nothing else but encode your data with a strong encryption algorithm, after which it asks for money to decode it. This type of ransomware uses the following encryption algorithms:

  • AES
  • RSA

The ransom money which it asks for decryption should be converted into BitCoins, for which there are instructions in the ransom message. The ransomware targets your images, databases, documents, audio and video files.

Here is more information about CryptoBit and removal and file restoration instructions:

Remove CryptoBit Ransomware and Restore Encrypted Files

This is an open forum topic about CryptoBit. If you have any other suggestions for decryption, want to help users or simply share your experience with the ransomware and ask questions, do not hesitate to reply here.

29
Since we have seen tons and tons of ransomware, we have also seen users who were able to recover at least some of their files using data recovery software. Here is a video about it:

  Recover Your Data and Find Hidden Files

Bear in mind that you should also check the Tips and Tricks regarding ransomware which Execute has kindly created to assist you with this mess.

Best Regards,
Never

30
Nice programs, Execute.

Here is a little video to show you how to work with data recovery software and find hidden files. I hope it helps all the affected users at least to some extent.

Recover Your Data and Find Hidden Files
