
Recent Posts

1
Off-Topic Discussions / Re: Hello Everyone
« Last post by Execute on February 16, 2018, 04:55:47 pm »
Hello @Saadraja, and welcome. But what is Intersty?
2
Off-Topic Discussions / Hello Everyone
« Last post by Saadraja on February 16, 2018, 08:55:14 am »
Hello

I am a blogger, reader, and tech lover who loves to write blogs; connect with my space at Intersty. Glad to join this space, hope to find some good discussions.

Thank you
3
Malware Removal Questions and Guides / Re: Extractor Ransomware
« Last post by Execute on February 14, 2018, 10:24:10 am »
Hello pmouat!

You can upload those tools to https://www.hybrid-analysis.com/ and/or https://beta.virusbay.io/ for example.

This ransomware was first discovered around the month of May, 2017 (Reference: https://sensorstechforum.com/extractor-ransomware-remove-restore-xxx-files/), but what you got might be a new variant or even tools used to spread/develop other ransomware viruses. So it would be useful for researchers who come up with decryptors and for updating databases of security software as a prevention against such toolkits.

Kind Regards,
Execute
4
Malware Removal Questions and Guides / Extractor Ransomware
« Last post by pmouat on February 06, 2018, 04:21:27 pm »
Hi, last week someone managed to break in via a weak RDP password and encrypt all of my files using what I understand is the "Extractor Ransomware".

I managed to interrupt them "mid" hack, so I have his/her toolkit with the executables that they used to encrypt my files.

Are there any tools out there that can help to decrypt my data?

Or if I uploaded these files somewhere, would it help?
5
Malware Removal Questions and Guides / Styx Ransomware - a new cryptovirus arises
« Last post by Execute on December 15, 2017, 12:23:16 pm »
The Styx ransomware is a new cryptovirus that will encrypt your files.
All of the locked files will get the .styx extension appended to them.
The encryption algorithm which is used is AES with 256-bit ciphers.

You can see the Remove Styx Ransomware Virus article for more information.

6
Malware Removal Questions and Guides / Re: .java Ransomware
« Last post by Execute on December 15, 2017, 12:09:25 pm »
Hello @luizconrado,

I am very sorry to hear about your passed mother.
I am also sorry to hear you got hit by that ransomware.

Currently, there is no working solution to getting your files back to normal,
but you can try the alternative decryptors from the .java Files Virus article,
and see if that yields any results. If not, back up the files you want to keep
and wait for a fix in the future (if a decryptor comes out, you will be notified!)

Kind Regards,
Execute
7
Malware Removal Questions and Guides / .java Ransomware
« Last post by luizconrado on December 14, 2017, 06:48:11 pm »
Hi,

I have been infected with a ransomware that encrypted all my files to a .java extension.
The ransom note is called "FILES ENCRYPTED.txt".
The emails for ransom are:
[email protected] or [email protected]

I have pictures of my recently passed mother there.
I would really appreciate some help.

Thanks.
8
All my files have been renamed to .arena and .nemesis. Is there a way to restore files to the original state?

Hello, @faxmodem.
First of all, I have moved your question to the appropriate topic (so there is no confusion).
Second, it seems there is currently no solution to the Dharma (.arena files) ransomware.
Third, Nemesis has been spotted to roam around the Internet with new variants - do you mind sharing if there is a ransom note (or a ransom note picture) with it? With that there might be more to go on, although I believe previous variants of Nemesis were not decryptable.

Here is an article about Nemesis and its first variant: Remove Nemesis Ransomware and Restore Encrypted Files

See if it's of help and provide more information to try and help you!

Kind Regards,
Execute
9
All my files have been renamed to .arena and .nemesis. Is there a way to restore files to the original state?
10
The current variant of the Locky virus spreads with multiple malware campaigns
that have reached thousands of users already.

Inside the e-mail, you will most commonly see it pretending to be an
email from DropBox to confirm your registration or something similar.

These are some of the payload download sites, that you should not open
and should close immediately if you see them open on your browser:


You can read more beneath:
.Asasin File Virus (Locky) – Remove It and Restore Files