Author Archives: Max Lehmann - Page 65

RanRans Ransomware is one of the newest ransomware-type infections specialists at anti-spyware-101.com have detected. If it ever successfully enters your computer, you will discover files located in %USERPROFILE% and %ALLUSERPROFILE% (including its subfolders) encrypted. The ransomware infection has been set to lock users’ personal files not without reason. Cyber criminals expect that this will help them to obtain money from users more easily. Even though the ransom RanRans Ransomware asks is quite small if compared to the amount of money required by other ransomware-type infections, do not encourage cyber criminals to continue developing malicious applications by sending them money. It is, of course, not the main reason you should keep the money to yourself. Specialists also do not recommend transferring money to cyber criminals because there are no guarantees that files could be unlocked. Unfortunately, it might be impossible to unlock files without the special decryption software users are told they could download from any of the three provided URLs (http://bit.ly/2pSvha0, http://bit.ly/2pSGjvO, and http://bit.ly/2qtVk8B) after paying a ransom, but it does not mean that you should go to send money. Read more »

Crystalcrypt Ransomware is a malicious infection that can leave you with encrypted data without the decryption key. The main reason this program enters your computer is money. However, you should never pay anything to the people behind this infection because that would only encourage them to continue to malicious practices. Please remove Crystalcrypt Ransomware from your computer following the removal instructions you will find right below this description. If you find the manual removal too challenging, you can always leave us a comment, and our research team will guide you through the process step by step. Read more »

ForceLocker Ransomware is a malicious application targeting Russian users primarily. It seems to be a new version of ShellLocker, a ransomware infection detected by specialists some time ago, because they are similar to each other. The first thing ForceLocker Ransomware does on users’ PCs after the successful infiltration is encrypting personal files. Then, it locks Desktop by placing a screen-locking window with a ransom note on it. It becomes clear after reading the message left on the screen that all this threat wants from users is their money. Of course, you should not send a ransom no matter how badly you need your files back. What we recommend doing instead is simply deleting this infection from the system and then recovering files from a backup. We have to tell you the truth – it might be impossible to restore files if you do not have a backup of files because the encryption key AES-256 which it uses is one of the strongest encryption algorithms. Read more »

Whoever created Fenrir Ransomware, they must be in the Norse mythology, seeing how they gave their program the name of the monstrous Norse wolf. Perhaps they expected their program to be just as destructive as the mythical creature. Judging from the reports we get from distressed users, the program must have reached at least part of their intended victims.

It is unfortunate that there is no public decryption tool that would allow us to restore the files encrypted by this infection, but you can actually remove Fenrir Ransomware if you check out the manual removal instructions we have compiled right below this description. Read more »

If ReadIT Ransomware manages to infiltrate your system, there is a good chance that you can say goodbye to all your important files. This ransomware infection can encrypt most of your personal files, including your documents, photos, videos, databases, and more. Your only possible way out of this threat is to have a recent backup saved in cloud storage or on a removable hard disk. Of course, your attackers will offer you their sort of way out if you contact them. Obviously, you will be told to pay a certain amount of ransom fee in exchange for the unique decryption key without which it is not yet possible to recover your files. Malware hunters are most likely working hard on a solution to provide victims with a free tool, but as of yet no such tool has emerged on the web. Our malware specialists at anti-spyware-101.com say that you should remove ReadIT Ransomware immediately if you would like to use your computer even if this could mean the loss of your files. Of course, whatever you decide to do is up to you. But please keep in mind that paying any money to criminals would simply encourage them to go on with their dirty business. Read more »

J Ransomware is a computer infection that seemingly has not been developed to the fullest yet. Although it can encrypt your files, the program does not come with the features that would allow it to collect the ransom payment from you. Hence, you need to deal with the consequences of this infection, without the chance of restoring your files with the decryption key from these criminals. As a public decryption tool is not available either, you should focus entirely on removing J Ransomware from your computer. You might be able to restore your files using other means, but first, you need to make sure that your computer is safe and clean again. Read more »

ViaCrypt Ransomware is a threat first detected at the end of June, 2017 by malware analysts. It enters computers to encrypt files and then tells users to enter a decryption key to restore them. Unfortunately, it is not so easy to get this key, but it seems that ViaCrypt Ransomware does not act like other ransomware-type infections do. That is, it does not demand money in exchange for the decryption key. Well, at least the version analyzed by specialists at anti-spyware-101.com does not even mention a ransom. To be frank, we cannot guarantee that all the users who encounter ViaCrypt Ransomware will need to go to unlock their files. It seems that there is a version that does not encrypt a single file after the entrance, so you should first check files stored on your PC first before taking action. If you encounter the version that does not lock personal data, all you need to do is to remove the ransomware infection from the system. That is, you do not even need to go to acquire the decryption key. You will find more about the removal of this ransomware infection at the end of this article. Read more »

We are usually dealing with ransomware programs that allow us or should allow us to restore the affected files to some extent. However, Petna Ransomware just tries to pass for a ransomware program, while in fact it is a so-called “wiper” that can successfully wipe out most of your files. Therefore, there is no way to decrypt the affected files, and the only thing you can do about Petna Ransomware is remove it. And even for that, we would recommend contacting professional computer security specialists because by having this infection on your computer you have become a victim of a global malware attack. Read more »