Author Archives: Max Lehmann - Page 76

Fake WindowsUpdater Ransomware is a malicious application which, just like its predecessors, encrypts users’ files with the AES-256 encryption algorithm. Its name, we can assure you, is not random. It has been given this name because of the name WindowsUpdater.exe found in its source code. Of course, it does not really matter what its name is. The most important thing is that it has all the features of a typical ransomware infection, i.e. it finds users’ valuable files after the successful entrance, encrypts them all, and then opens a ransom note. At the time of writing, the C&C server (http://ganedata.co.uk/ransomware/ransomware.php) of this ransomware infection is already dead, which suggests that it is no longer active. Unfortunately, there are no guarantees that this infection will not be fixed in the near future and thus will not start encrypting users’ files again, so do not be so sure that you will not encounter it. Most probably, you are reading this article because you have already detected Fake WindowsUpdater Ransomware on your computer. If we are right here, delete this computer infection from your system no matter it has encrypted your files or not, i.e. no matter you have encountered a working version of this threat or not. Read more »

LMAOxUS Ransomware is a malicious program that must be removed without any hesitation if it is ever found up and running on your personal computer. This is crucial since its functionality is extremely malicious. If you are not familiar with ransomware program, you must be aware of the fact that applications of this category are fully capable of locking enormous amounts of personal data without requiring any authorization whatsoever. It is not hard to understand that having this devious program active on your personal computer could have detrimental outcomes, to say the least. If you consider yourself to be a security conscious user, you must take appropriate virtual security measures to keep your PC clean and secure. In this article, we provide a few virtual security recommendations along with detailed information regarding the overall functionality of LMAOxUS Ransomware. We also include a detailed removal guide that you should use to delete this malware once and for all. Read more »

Project34 Ransomware is a major attack against your personal files that was most likely designed initially to only target Russian speakers; however, our malware specialists at anti-spyware-101.com say that this dangerous ransomware was also spotted in other regions as well in March, 2017. When your PC gets hit by such a vicious program, it is possible that you will be unable to recover your most important files. This is why we keep emphasizing the importance of making regular backups on either cloud storage places or removable media. Of course, you always have the option to pay the ransom fee these cyber crooks demand from you for the recovery of your files, but, in reality, there is little chance that you will actually receive anything in exchange. If you want to be able to move on and use your PC safely, we advise you to remove Project34 Ransomware ASAP. For further details, please continue reading our article. Read more »

A new ransomware-type infection Crptxxx Ransomware has been discovered by experts working in the cyber-security field. It has turned out that it is quite an old infection, which might even be an old version of Btcware Ransomware. Although its infection rate is no longer high, theoretically, users might still find it on their computers. The main symptom showing that this computer infection has successfully entered the system is a bunch of encrypted files on the computer. It scans the system and finds pictures, documents, media files, and other valuable files first before locking them. Luckily, it does not enter computers with the intention of ruining the Windows OS, so, as a consequence, the %WINDIR% folder will be left intact. The same can be said about the folder of Internet Explorer. Ransomware infections perform the encryption of personal files not without reason. We can assure you that they do not seek to make you angry either. Instead, it is all about money. Even though the victims of Crptxxx Ransomware do not find any information about a ransom in a ransom note left by this infection, it does not mean that they will get their files unlocked for free. Of course, we do not try to say here that users should immediately go to pay money to bad people when they discover ransomware on their PCs. Read more »

Rijndael Ransomware is a computer infection developed by the author who calls himself/herself humanpuff69. It seems to be a new version of Dnransomware Steps, which was spotted by our malware analysts in January 2017. Although it is a newly-detected computer infection, it seems that it has borrowed a working scheme from other ransomware infections because it does not differ from them in any way. After tricking users into downloading it, this malicious application finds files stored on the computer and then encrypts them all. It always acts the same unless a user downloads a corrupted malicious file. If you suspect that this ransomware-type infection is inside your computer too, delete it no matter it has encrypted your files or not. It will be slightly more difficult to do that if it has “locked” your Desktop, but, with our help, its removal should not be a task that is impossible to accomplish. Read more »