Monthly Archives: July 2017 - Page 6

ForceLocker Ransomware is a malicious application targeting Russian users primarily. It seems to be a new version of ShellLocker, a ransomware infection detected by specialists some time ago, because they are similar to each other. The first thing ForceLocker Ransomware does on users’ PCs after the successful infiltration is encrypting personal files. Then, it locks Desktop by placing a screen-locking window with a ransom note on it. It becomes clear after reading the message left on the screen that all this threat wants from users is their money. Of course, you should not send a ransom no matter how badly you need your files back. What we recommend doing instead is simply deleting this infection from the system and then recovering files from a backup. We have to tell you the truth – it might be impossible to restore files if you do not have a backup of files because the encryption key AES-256 which it uses is one of the strongest encryption algorithms. Read more »

The Unlckr ransomware is a malicious ransomware infection that accesses the system surreptitiously  in order to encode your file so that you cannot use as usual. On top of that, the infection displays a ransom saying that you should contact someone behind the malware to regain access to your files. Usually, ransom notes contain the sum that is required as a fee for having the encrypted files restored.  Episodes when victims are instructed to contact the attackers are quite rare, but it is the case with the Unlckr ransomware. Our team at Anti-Spyware-101.com insists that you ignore the infections of the ransomware and remove it from the computer for good. Read more »

Whoever created Fenrir Ransomware, they must be in the Norse mythology, seeing how they gave their program the name of the monstrous Norse wolf. Perhaps they expected their program to be just as destructive as the mythical creature. Judging from the reports we get from distressed users, the program must have reached at least part of their intended victims.

It is unfortunate that there is no public decryption tool that would allow us to restore the files encrypted by this infection, but you can actually remove Fenrir Ransomware if you check out the manual removal instructions we have compiled right below this description. Read more »

The devious Azer Ransomware slithers in without your notice and immediately initiates the encryption of your personal files. Have you noticed that many of your files have been removed and replaced with suspicious files with random names? In reality, your personal files were not eliminated, and they were only encrypted. The names are changed so that you would have a harder time understanding which files were corrupted, but, of course, you should be able to figure things out. Another thing that the threat does is that it appends the “-email-[webmafia@asia.com].AZER” extension to all encrypted photos, documents, and other files. Needless to say, the name of the ransomware derives from this extension. As you can see it also includes an email address, and we discuss that further in the report. The infection, as you must know already, was created to make money, and it can do that by pushing their victims into paying ransoms in return of file-decryption. The thing is, a decryptor is unlikely to be given. Whatever happens, you must delete Azer Ransomware, and the tips in this report should help you. Read more »

If ReadIT Ransomware manages to infiltrate your system, there is a good chance that you can say goodbye to all your important files. This ransomware infection can encrypt most of your personal files, including your documents, photos, videos, databases, and more. Your only possible way out of this threat is to have a recent backup saved in cloud storage or on a removable hard disk. Of course, your attackers will offer you their sort of way out if you contact them. Obviously, you will be told to pay a certain amount of ransom fee in exchange for the unique decryption key without which it is not yet possible to recover your files. Malware hunters are most likely working hard on a solution to provide victims with a free tool, but as of yet no such tool has emerged on the web. Our malware specialists at anti-spyware-101.com say that you should remove ReadIT Ransomware immediately if you would like to use your computer even if this could mean the loss of your files. Of course, whatever you decide to do is up to you. But please keep in mind that paying any money to criminals would simply encourage them to go on with their dirty business. Read more »

Has Unikey Ransomware invaded your operating system and corrupted your personal files? It is unlikely that it has because this infection is not currently spread in the wild. The sample our Anti-spyware-101.com researchers got their hands on is not fully functional, and even though it can encrypt files, it does so in one specific folder only, %USERPROFILE%\Desktop\test. This is also where the ransom note file is found, and that makes no sense. Furthermore, the ransom note is useless as it does not provide the victim with any useful information. That being said, it is possible that the developer of this strange infection will make it much more powerful, and that could happen very fast. If that does not happen, it is likely that the creator of the ransomware will use the knowledge gained to create more powerful threats. If that happens, we will inform you about it as soon as possible. For now, all we can do is discuss the potential of this malicious ransomware, ways to prevent its infiltration, and, of course, how to delete Unikey Ransomware in case it attacks. Read more »