Monthly Archives: September 2018 - Page 2

At the moment, TotalWipeOut Ransomware cannot wipe out your personal files, but it is built as a file-encryptor, and so it would be a mistake to underestimate this infection. Anti-Spyware-101.com research team has recently obtained a sample of this malware, and it was tested in our internal lab. The conclusion: It is not a threat yet, but it could be upgraded to attack Windows systems and encrypt files. This is why we must discuss this threat and, of course, its removal. If you do not know what to think about this infection, and you have no idea how to get rid of it, you should keep reading this report. We show how to delete TotalWipeOut Ransomware from the operating system, and we provide you with tips that should help you keep malicious infections away in the future. Don’t forget that while you might be most interested in eliminating the ransomware at this point, it is crucial that you take into account that securing your operating system is the most important task. Read more »

It would be a lie if we told you that Scarab-Good Ransomware is a brand new malicious application because it is surely not. Research has clearly shown that this malicious application is a new Scarab Ransomware version. Just like all the previous versions of this threat, it mercilessly encrypts files on users’ computers. We are sure this will not go unnoticed. You will find out soon after its successful entrance that you can no longer access almost all files you consider valuable, including your documents, music, and pictures. Scarab-Good Ransomware is one of those nasty infections that try to obtain money by any means, so do not expect to unlock your files by erasing this infection from your system. Your files will stay encrypted even if you fully erase this ransomware infection. Unfortunately, it might be impossible to decrypt files locked by this threat – they are all encrypted using a strong encryption algorithm. Usually, ransomware infections use the Advanced Encryption Standard (AES)  to lock data on affected computers, which is definitely one of the strongest encryption algorithms available, so cracking it might be quite a problem. Usually, the only option victims have is the retrieval of files from a backup. If you have not backed up your files once in your life, those encrypted files might stay locked forever because it is not very likely that free decryption software that could help you will be developed anytime soon. Read more »

You do not want Trojan.Redgamble invading your operating system because if it does, it can steal highly personal information in a completely clandestine manner. This infection does not need to trick you into giving this information up, as it can use its own elements to steal this information illegally. According to Anti-Spyware-101.com research team, the infection can record data and capture screenshots to obtain even more information. The strange thing is that this malicious infection appears to have been created for the collection of very specific information. Do you play online gambling games, such as poker? If you do, you are the target of this Trojan. Of course, we cannot refute the possibility that other types of personal information could not be recorded by the infection, and that gives an additional push to remove it. Are you afraid you cannot delete Trojan.Redgamble from your operating system manually? Do not worry about this. We’ve got you. Of course, if we fail to answer all your questions in this report, you can always post your comments below. Read more »

Mimicry Ransomware might not look like much of a dangerous threat until it unleashes its malicious spell upon your computer. Perhaps you can already tell from its name that this program has something to do with a ransom.

The point is that this infection holds your files “hostage” until you supposedly transfer the ransom fee. However, we would like to point out that paying the ransom does not guarantee this program would “release” your files. Hence, you should focus on removing Mimicry Ransomware from your system, and the idea of paying the ransom should not even cross your mind. Read more »

Golden Ransomware is not a threat that works fully, but it does not mean that you are safe – crooks might soon release its final update and then it will lock your personal files without mercy. At the time of analysis, the infection was still in the development phase and thus did not lock a single file on our testing machine, but we cannot guarantee that you will be that lucky if you encounter its new version. Even if you encounter the same version analyzed by researchers at anti-spyware-101.com, it will still cause you trouble because it will execute a command shutdown -a to make sure it cannot be closed or killed by the user. In other words, it is a persistent infection that does all what it can to make sure it does not get removed. It does not mean that it cannot be erased. We cannot promise that it will be easy to eliminate it, but you could still delete it from the system yourself manually after you boot into Safe Mode or Safe Mode with Networking. We want to emphasize that you have to choose Safe Mode with Networking if you plan to download an automated malware remover and delete Golden Ransomware automatically. Read more »

After taking a closer look at Jeff Ransomware, our researchers concluded it is probably still being developed. Therefore, we doubt the malware could be spread among a lot of users. Nonetheless, we believe it is essential to learn about it just the same in case it gets upgraded and becomes a serious threat. In the article, we will explain why we believe it not yet finished and talk about its working manner. Moreover, users who are interested in how it could be erased will find instructions showing how to do so manually. Of course, if you encounter an updated version of Jeff Ransomware, it might act differently, and the provided deletion guide may not help you remove it completely. For this reason, it might be best to use a legitimate antimalware tool that could take care of the malicious program with no trouble. Read more »

DBGer Ransomware is a malicious program that may attack computers vulnerable to the so-called EternalBlue exploit. If the malware succeeds and settles in it should encipher user’s photos, documents, and other personal files with a secure encryption algorithm. As a result, the device should be unable to recognize modified files. Meaning, the only way to access them is decrypting them. Sadly, the only ones capable of deciphering data encrypted by DBGer Ransomware is the hackers who created it, and they ask for around six thousand US dollars for such services. Naturally, if you do not have so much money to spare, or do not want to risk being scammed; we would advise ignoring the malware’s displayed ransom note. For more information about the threat and the ways it can be erased, you should read our full article. Read more »

Wannacryv2 Ransomware is considered to be a copycat of WannaCry Ransomware; however, research conducted by specialists working at anti-spyware-101.com has clearly shown that this malicious application differs from the original threat completely. The only thing that unites them is the fact that they both lock files. Surprisingly, Wannacryv2 Ransomware does not drop a ransom note, and, on top of that, it is impossible to contact its author in order to purchase the decryption tool, which suggests that the ransomware infection is still in development, or it is just a test. Consider yourself lucky – we have a code that can unlock your files. You will have to enter it in the box the program (wanna cry v2 decryptor.exe) this ransomware drops on affected computers contains. You can find the unlock code indicated in our removal guide (you will find it below this article), but do not forget that you still need to eliminate the ransomware infection from your computer yourself – it will not be erased from your system automatically once files are unlocked. Read more »

It is very likely that you have let Scarab-Cybergod Ransomware into your Windows operating system yourself, and you might have done that by opening corrupted links or spam email attachments. Our research team at Anti-Spyware-101.com also suggests that unprotected RDP channels could be used to spread the malicious infection silently. If the threat infiltrates the operating system silently, you are unlikely to realize that you need to remove anything malicious. Needless to say, if you do not take care of that, the threat starts performing malicious processes, and the most important one is to encrypt files. The infection uses an algorithm to encrypt files and make the data unreadable. If the files are corrupted successfully, you cannot restore them, unless backups exist outside the infected operating system. Even if you delete Scarab-Cybergod Ransomware successfully, your files would not be restored automatically. Therefore, if you still have the chance, you need to protect your system and files against this malware. If you are already dealing with it, you need to get rid of it ASAP. Read more »