Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Any risks with Tor browser?


  • Please log in to reply
5 replies to this topic

#1 mikey117

mikey117

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:23 PM

Posted 10 October 2016 - 09:13 AM

Trying to help someone out with their ransomware situation & I'm concerned with going to the site that tells you the amount wanted. Is there any risks of doing this? I have computer at my home, not on network, but didn't want to run a risk of turning this loose on my home network. I actually went through this process before, but I had a verizon USB modem that I used, so wasn't as concerned. I had thought of just connecting computer directly to my comcast modem, figuring that would keep things isolated.
Any advice?
Thanks!

BC AdBot (Login to Remove)

 


#2 robby501

robby501

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:23 AM

Posted 10 October 2016 - 09:24 AM

I'm sure someone will be along to help shortly......but in the mean time.........I would certainly not visit the site if I were you.


Edited by robby501, 10 October 2016 - 10:34 AM.

Im a rookie and purely recreational pc user. Im utterly obsessed with security (even though I consider myself a safe and law-abiding internet user!) and run a combo of the following freeware security suites.....

Windows Defender/firewall

Regular scans with Malwarebytes, AdwCleaner, JRT, HitmanPro

 

 

 


#3 mikey117

mikey117
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:23 PM

Posted 11 October 2016 - 11:47 AM

Define 'shortly'...

BTW, one thing I've noticed is that all the files haven't been encrypted. From what I've read, this process makes copies of the files, decrypts them & then deletes the originals. I'm hoping I may be able to get the 'deleted' ones...



#4 robby501

robby501

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:23 AM

Posted 11 October 2016 - 05:40 PM

Yeah, I'm sorry.

I'd have assumed one of the pros would have been along to help by now.

I was merely advising against you doing any dealings with whoever issued the ransomware.

Hope you get help soon. 


Im a rookie and purely recreational pc user. Im utterly obsessed with security (even though I consider myself a safe and law-abiding internet user!) and run a combo of the following freeware security suites.....

Windows Defender/firewall

Regular scans with Malwarebytes, AdwCleaner, JRT, HitmanPro

 

 

 


#5 AaroniusLeonius

AaroniusLeonius

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:23 AM

Posted 31 October 2016 - 08:31 PM

Do you know what ransomware he has? You might be able to see the Tor site by visiting it in your favorite web browser adding .to after .onion. This is called tor2web and you can learn more about it at tor2web.org. If you can find the name of it in there, I will try to find you the decrypter if there is one.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:23 PM

Posted 01 November 2016 - 07:26 AM

In regards to your topic title, there was a recent discussion in this General Security forum topic...Is Tor totally safe?

As far as identiying the ransomware infection...

Are there any obvious file extensions appended to or with your encrypted data files?

Did you find any ransom notes? These infections are created to alert victims that their data has been encrypted and demand a ransom payment. Check your documents folder for an image the malware typically uses for the background note. Check the C:\ProgramData (or C:\Documents and Settings\All Users\Application Data) for a randomly named .html, .txt, .png, .bmp, .url file. Most ransomware will also drop a ransom note in every directory/affected folder where data has been encrypted.

You can submit samples of encrypted files and ransom notes to ID Ransomware for assistance with identification and confirmation. This is a service that helps identify what ransomware may have encrypted your files and then attempts to direct you to an appropriate support topic where you can seek further assistance. Uploading both encrypted files and ransom notes together provides a more positive match and helps to avoid false detections.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users