Monthly Archives: July 2017 - Page 8

Random6 Ransomware

Random6 Ransomware

Random6 Ransomware, also known as Johnie Ransomware, is an application designed to encrypt files. If your computer is unprotected, then it can enter it by stealth and encrypt many of your files. Its developers will probably want you to purchase a decryption tool that may not come cheap and might not be worth your files. Therefore, you may want to remove it instead. It is a rather simple and primitive ransomware but, nevertheless, effective as it can render your files useless. Therefore, it is paramount that you protect your PC from infections like it. However, if you were unfortunate to get Random6 Ransomware, then you may want to find out more about it. Everything you need to know about it is provided below. Read more »

Karo Ransomware

Karo Ransomware

If your files with .txt, .sql, .cpp, .html, .java, .mdb, and .ruby extensions can no longer be opened and contain a new extension .ipygh, Karo Ransomware is the one that should be blamed for encrypting them, you should know. It is a malicious application, also known as a crypto-threat, which illegally enters users’ PCs and locks some files seeking to extract money from computer users. It encrypts the above-listed extensions not without reason as well. Cyber criminals know well that users consider these files the most valuable, and, consequently, they believe that it might be easier to obtain money from users by locking them. Even though the encryption of files is the major activity this malicious application performs on users’ computers, it is not the only one. For example, research conducted by experts at anti-spyware-101.com has revealed that this ransomware infection connects to the Internet, communicates with its C&C server, checks the version of the OS used, and tries to find out some technical information, for example, how many processors the machine has and whether it uses Virtual Box (a virtual machine). What is more, it downloads TOR on users’ PCs without their permission and, finally, issues several commands, e.g. cmd.exe /c taskkill.exe /f /im sqlwriter.exe to terminate certain processes. Judging from all these activities it performs on those affected PCs, it is a serious malicious application. Fortunately, it does not mean that it is impossible to delete it from the system, so remove it the second you discover this infection on your computer. Read more »

Whycry Ransomware

Whycry Ransomware

Although Whycry Ransomware is supposed to be a ransomware infection that takes your important files hostage, including your photos, videos, audio files, archives, documents, and even .exe files, you seem to be in the luck this time. As a matter of fact, our malware specialists at anti-spyware-101.com say that this first version of this threat seems to be unfinished and it actually crashes before it could start encrypting your files. This is certainly good news right now but it does not stop the authors of this malicious threat to come out with a new version that actually works. This can happen any time in the near future; and, if that hits you, it is quite likely that you will lose all your files if you do not save a backup to a safe place like cloud storage or a portable drive. Let this infection be a big warning that your PC's protection may not be the most effective. We advise you to remove Whycry Ransomware immediately to make sure that you can recover your system so that you can use your computer as this infection locks your screen. For further details on how this ransomware may sneak onto your system and what it could do, please read our full report. Read more »

Sumnum

Sumnum

Sumnum does not present streaming services. It cannot show sports events. It certainly cannot be trusted. All of this might be a surprise to those who have been tricked into thinking that this potentially unwanted program (PUP) is a reliable and useful tool. Of course, once the program is installed, it does not do anything that was promised, and so it should not be hard to understand that it is useless and, potentially, malicious. In fact, this PUP was never intended to be a useful program, and it appears that the only goals it has are to record as much information as possible, help third parties get that information, and then showcase third-party content, which might include advertisements. Do you want to be exposed to all that? If you do not, delete Sumnum without further hesitation. Read this report first to learn what kinds of problems you might have brought upon yourself by letting this PUP in. Read more »

Pro-search.me

Pro-search.me

Pro-search.me is a recently encountered questionable search tool that was tested and researched by our specialists. Therefore, if you are here to learn more about it, you came to the right place. In the text, we will discuss not only the application’s possible distribution channels, but also review all the accessible information related to it. Since we believe Pro-search.me to be unworthy of your trust, we encourage users removing the tool from their browsers with the deletion instructions located by the end of this report. Also, provided you have more questions about this search engine or its removal, keep it in mind you could leave a message in the comments section too or contact us through social media. Read more »

ViaCrypt Ransomware

ViaCrypt Ransomware

ViaCrypt Ransomware is a threat first detected at the end of June, 2017 by malware analysts. It enters computers to encrypt files and then tells users to enter a decryption key to restore them. Unfortunately, it is not so easy to get this key, but it seems that ViaCrypt Ransomware does not act like other ransomware-type infections do. That is, it does not demand money in exchange for the decryption key. Well, at least the version analyzed by specialists at anti-spyware-101.com does not even mention a ransom. To be frank, we cannot guarantee that all the users who encounter ViaCrypt Ransomware will need to go to unlock their files. It seems that there is a version that does not encrypt a single file after the entrance, so you should first check files stored on your PC first before taking action. If you encounter the version that does not lock personal data, all you need to do is to remove the ransomware infection from the system. That is, you do not even need to go to acquire the decryption key. You will find more about the removal of this ransomware infection at the end of this article. Read more »

Petna Ransomware

We are usually dealing with ransomware programs that allow us or should allow us to restore the affected files to some extent. However, Petna Ransomware just tries to pass for a ransomware program, while in fact it is a so-called “wiper” that can successfully wipe out most of your files. Therefore, there is no way to decrypt the affected files, and the only thing you can do about Petna Ransomware is remove it. And even for that, we would recommend contacting professional computer security specialists because by having this infection on your computer you have become a victim of a global malware attack. Read more »

SkullLocker Screenlocker

SkullLocker Screenlocker

Cyber security experts at Anti-spyware-101.com have recently come across a new ransomware-type computer infection called SkullLocker Screenlocker. Apparently, this application was designed to lock the screen of your PC and, thus, prevent you from using it. While this application has been classified as ransomware, testing has shown that this program does not demand that you send its creators money to unlock your PC’s screen. Hence, it locks your PC for the sake of locking it, and you are left to deal with it somehow on your own. Luckily, this program is very primitive, and you can bypass its lock screen and remove without too much effort. We have a guide on how to get rid of it below, but if you want to find out more about it, please read this whole article. Read more »

Secure Surf

Secure Surf

It is possible that you do not even remember installing Secure Surf, which is a questionable web search page, because this browser extension may crawl onto your system without your noticing it. In all fairness, we need to mention that you can also install it officially but statics show that it has not been done by too many people. Therefore, it is more likely that this tool travels the web in questionable ways and possibly not alone. This means that it is likely that you will find other potential threats or even malware infections on your computer right now. Our malware specialists have labeled this threat as a potentially unwanted program (PUP) because it may expose you to unsafe third-party ads and sponsored links that may put your system security at risk. Thus, we advise you to remove Secure Surf from your browser if you do not want to find out what might happen by keeping it on board and using it for a while. But let us explain more about this potential threat so that you can avoid similar or even worse threats in the future. Read more »

Cryptodark Ransomware

Cryptodark Ransomware

Cryptodark Ransomware is a recently detected malicious application. Unlike ransomware infections previously analyzed by researchers working at anti-spyware-101.com, it does not encrypt files at the time of writing; however, despite this finding, it has still been classified as ransomware because it demands money. Have you encountered this threat too? If so, do not send a cent to the cyber criminals’ Bitcoin address despite the fact that a window with a ransom note has covered your Desktop because it can be easily removed and, additionally, it is very likely that none of your files have been locked. What you should do instead is to remove the ransomware infection from your system fully. Before you take action, you need to close the window opened on your screen by Cryptodark Ransomware so that it would be possible to remove all its components. This can be done by right-clicking on the icon of the ransomware infection located on the Taskbar and selecting “Close window.” Also, since this threat does not automatically start with the Windows OS, it should be enough to restart the computer to be able to access Desktop freely. Read more »