Monthly Archives: August 2016

Fantom Ransomware

Ransomware is a type of malicious software whose purpose is to extract money from its victims. There are several types of ransomware, but in this article we will discuss Fantom Ransomware, which is set to encrypt your files. Removing it is a must if you want to ensure your computer’s security. It is configured to demand that you pay a ransom to get the key needed to decrypt your files, but there is no guarantee that you will get it, and that is something you ought to consider. Moreover, the sum of money the developers "ask" you to pay is unknown until you contact them via email. If they happen to be greedy, then your files may not be worth the money. Please continue reading to find out more.

Cyber_baba2@aol.com Ransomware

Cyber_baba2@aol.com Ransomware might seem to come out of nowhere, but it is most likely that you have let in this malware yourself. In most cases, the victims of this malicious threat let it in via spam emails. All you need to do is open a corrupted attachment that might look harmless to let the infection in. Once in, the ransomware can corrupt your files by jumbling data and attaching the ridiculous “.[id number].cyber_baba2@aol.com.xtbl” extension to them. If you see this extension attached, and the file is unreadable, you can be sure that the ransomware has attacked. Most users realize that this infection is active once the desktop wallpaper is replaced with wp.jpg. This file represents a picture of a sadhu, which, in Hinduism, is considered a holy person. The file also displays text that represents cyber_baba2@aol.com, and that is where the name of this threat comes from. If you want to learn more about this email address, the activity of the threat, and the removal of Cyber_baba2@aol.com Ransomware, continue reading.

Serpico Ransomware

Serpico Ransomware is a malicious program that encrypts data and lets its victims know about it by playing a recording in which a computer-generated voice reads the ransom note. Unfortunately, the text is not in English, so you may be unable to understand it. It says that you have to pay 50 euros to get a decryptor. Instead of giving instructions on how to transfer the money, the infection’s developers demand that users email them. However, putting up with their demands could be a bad idea since there are no assurances that Serpico Ransomware’s developers will deliver the promised tool. Luckily, there is no need to make any rash decisions. Therefore, you should read more about the malware first and then, if you decide to erase it, have a look at the removal instructions below.

Domino Ransomware

You cannot be careless about spam emails. If you open them and interact with the contents provided to you via them, Domino Ransomware could slither in without any warning. This dangerous ransomware hides in spam email attachments, and it was created to encrypt your files (it uses the AES 1024 encryption key) and demand a ransom payment in return for their decryption. According to the malware analysts at Anti-Spyware-101.com, this devious infection works silently, and it is most likely that its victims will recognize it only after the damage is done. As you might have found yourself, this threat is capable of encrypting your personal files, including PDFs, photos, or video files. Obviously, if you have not backed up your personal files, you depend on cyber criminals to provide you with a decryption key, and that is not a situation you want to be caught in, is it? Keep reading to learn more about that and the removal of Domino Ransomware.

Mountainbrowse.com

Mountainbrowse.com is a decent-looking search engine that might replace your homepage one day. If this ever happens to you, you should know that a browser hijacker has, most probably, sneaked onto your computer and then made all those changes. Unfortunately, Mountainbrowse.com will be set on all the browsers, including Internet Explorer, Google Chrome, and Mozilla Firefox, which means that you will have to delete Mountainbrowse.com from them one by one so that you no longer see the new search engine. In fact, you should remove it not only to be able to set another homepage, but also to protect your computer from potential threats Mountainbrowse.com might expose you to. We will explain what we have in mind further in this article. You will not only find out why the deletion of Mountainbrowse.com is the best decision, but will also know how to remove the browser hijacker from the system by the end of this article.

Malevich Ransomware

Malevich Ransomware is named this way because the malicious program replaces the user’s Desktop wallpaper with an image that contains the word “Malevich.” This picture should appear after the malware finishes encrypting the user’s personal and program data. Besides the new wallpaper, the user should also notice a text document created after the encryption. It is a ransom note left by the cyber criminals who developed the malware. Instead of giving detailed instructions, Malevich Ransomware’s creators want to be contacted via email. Thus, it is hard to tell what the price could be, as it might be different for each user or the same for everyone. However, what we do know is that paying the ransom could be risky. As you continue reading the article, we will provide you with more information and, most importantly, we will place step-by-step deletion instructions below the article.

Ninja_gaiver@aol.com Ransomware

We have yet another ransomware based on the CrySIS Ransomware engine to report, and this one is called Ninja_gaiver@aol.com Ransomware. This malicious ransomware might have a unique name, but it is no different than Milarepa.lotos@aol.com Ransomware, Drugvokrug727@india.com Ransomware, and all other threats that belong to the same family. Unfortunately, at the moment, decryption tools that would be able to decrypt files corrupted by these ransomware infections do not exist. This means that you are completely in the hands of the cyber criminals who have developed the ransomware. If your files were corrupted by this malicious threat, there is very little you can do. If you have not encountered this threat yet, please reinforce protection immediately because you do not want to lose your files. Of course, if the ransomware is already active, make sure you delete it as soon as you read this report. We include instructions that will help you remove Ninja_gaiver@aol.com Ransomware manually.

Sitaram108 Ransomware

Sitaram108 Ransomware is a computer threat targeted at users’ personal files. Once it is inside the computer, it scans it and then locks all the valuable files it manages to find. According to specialists who have carried out research, Sitaram108 Ransomware locks such files as pictures, documents, music, and even third-party applications. You will quickly notice that you cannot access them. On top of that, they will have a new filename extension, e.g. .id-(unique ID).{sitaram108@india.com}.xtbl or .id-(unique ID).{sitaram108@aol.com}.xtbl. Cyber criminals expect that many users will contact them and then pay the required amount of money for the decryption tool. We understand that you need your files back badly; however, we do not recommend transferring money to cyber criminals because you have no guarantees that you will receive the key or software to decrypt those files. Even though Sitaram108 Ransomware is based on the CrySiS Ransomware, and it is said that it is basically impossible to decrypt the files it touches, you should still download the free tool from the web to try to unlock files. If you find the free software useless, we suggest that you keep those encrypted files because specialists might develop a free tool in the future. Of course, it does not mean that you do not need to remove Sitaram108 Ransomware from your computer.

Milarepa.lotos@aol.com Ransomware

Milarepa.lotos@aol.com Ransomware might be the new release of the cyber criminals who developed such malicious programs as Vegclass@aol.com Ransomware, Meldonii@india.com Ransomware, Redshitline Ransomware, or other similar infections. Apparently, the threat was created using the same CrySiS Ransomware engine. Since we have tested not only this particular malware but also lots of other similar ones, the way it works is well known to our researchers at Anti-spyware-101.com. For instance, we can tell you that the malicious application should encrypt all data on the computer except that which belongs to the Windows operating system. As you continue reading the article, you will learn even more details about the infection. In addition, we are placing removal instructions below the text. Thus, if you were looking for a way to eliminate the malware manually, you came to the right place.

Topsecuritytabsearch.com

You may be given the impression that Topsecuritytabsearch.com is a legitimate lesser-known search engine, but you would be mistaken. In reality, it is a browser hijacker, a type of malware that you ought to remove as soon as possible. First, it hijacks the browser settings and changes the homepage address, and, second, it forces you to view various promotional links of unverifiable legitimacy. Also, it is configured to collect information about you to personalize the advertising campaign. Evidently, this search engine is bad news and might cause you a lot of trouble. To learn more about it, please continue reading.