There is a reason why your files have a new .locked extension. The chances are high that a malicious application called The Magic Ransomware has slithered onto your computer successfully if original extensions of your personal files are gone. It does not differ at all from other ransomware infections – it encrypts users’ pictures, documents, videos, and music in order to obtain money from them. Users living in Italy should be the most careful, our security specialists say, because the ransom note this infection drops after the encryption of files is almost all in Italian, which suggests that this ransomware infection targets Italian-speaking users primarily. We are sure your files are locked too if this nasty infection has shown up on your PC illegally. Luckily, it is not that hard to remove it, so, please, go to erase it from your system as soon as possible. Unfortunately, we cannot say the same about the decryption of files. To be frank, we cannot even promise that you could unlock them without the decryption key cyber criminals have. Of course, we do not try to say here that you should go to purchase it from them because nobody knows if they are willing to give it to you. Consequently, you should focus on the removal of The Magic Ransomware mainly. Read more »
Trojans - Page 95 category archyve:
Viiperware
Viiperware, which is also known by malware researchers as Viiperware Ransomware, is a new malicious threat that seems to be in its test phase only but it can already cause some headaches. This ransomware program is in fact based on the well-known Hidden Tear Ransomware, which is an open-source program that was originally designed for security specialists as an educational project. However, hackers and wannabes started to use it as a good base for ransomware infections. Although this particular version cannot yet cause total devastation on your computer, it certainly has the skills to do so in the near future once it gets finished. Right now it only encrypts your files in one test directory and it only asks for a small ransom fee in exchange for the decryption key, which is indeed saved on your system and can be used to recover any possibly encrypted files. Fortunately, it is not too complicated to remove Viiperware from your system but before you do so, let us tell you more about this threat as it can soon turn into a real beast. Read more »
Kovter.c
Kovter.c is not the kind of malware that uses camouflages and tries to convince users that it is harmless. It is also not the kind of malware that shows up, reveals its true nature, and then demands something. This malware is much more clandestine than that, and it banks on staying invisible. Unfortunately, it is usually successful at that because it runs from the Windows Registry. You will not find malicious processes in the Task Manager, and you will not find suspicious files. Due to this, many victims do not know that this threat exists on their operating systems at all. If you are researching the removal of this malicious Trojan, the chances are that you have been introduced to the threat by a legitimate malware scanner. If you are still not sure if you need to delete Kovter.c from your operating system, it is crucial that you install and run a legitimate and up-to-date malware scanner immediately. Remember that the malicious infection could be identified with different names by different malware scanners. Read more »
Atchbo Ransomware
Atchbo Ransomware is one scary infection because when it slithers in it silently encrypts all of your personal files. Once that is done, the threat also locks the screen to make it impossible for you to terminate malicious files, remove the infection, or even see which files were corrupted. While there are many threats that pose as file-encryptors – they often lock screens just so that users could not see that files are safe – this is not one of them. This ransomware is real, and it was created for the sole purpose of forcing you into paying the ransom. Although this ransom is not very big (between 40-60 USD, depending on the conversion rates), paying it is not what Anti-Spyware-101.com researchers would ever recommend because your input is unlikely to help you decrypt your personal files. All victims, including those who have their personal files backed up and those who might end up losing their files, must delete Atchbo Ransomware. The operation might be lengthy and complicated, but it must be performed right now. Read more »
LockOn Ransomware
LockOn Ransomware is a typical ransomware infection that has been developed for money extortion. Luckily, it is not distributed actively yet because it is still in development, so the chances are not very high that you will ever find this infection on your computer. If you are reading this article not out of curiosity, i.e., LockOn Ransomware has already infiltrated your computer, you should go to delete this infection right away. The first symptom showing that this threat has been installed on the system is a window placed over Desktop. Also, if you have a “test” folder with files located in %HOMEDRIVE%\Users\Exploits\Desktop, you will find them all encrypted. Currently, this infection affects files located in this directory only, but, of course, it might be updated one day, so its behavior might change. No matter which version of this ransomware infection you find on your computer, you must delete it as soon as possible. The version specialists at anti-spyware-101.com have analyzed is not sophisticated at all, so it should not be hard to remove this malicious application. You will find more about its removal in the second half of this report. Read more »
Anubi Ransomware
According to our cybersecurity experts, Anubi Ransomware is a recently released ransomware-type computer infection that can encrypt your files and then offer you to purchase a decryption tool/key to get them back. They even offer you to send three encrypted files, and they send you them back decrypted as proof that they can decrypt all of your files. However, your fill might not be worth the money, and there is no guarantee that the cybercrooks will keep their word. Therefore, we recommend that you remove this ransomware. For more details on this malicious program, please read this whole article. Read more »
Asasin Ransomware
Asasin Ransomware is an infection that was unleashed to take your money. This threat is not new, and, in fact, it is a new variant of the well-known Locky Ransomware. This infection is one of the most prevalent threats nowadays, and it has been that way since it first emerged in early 2016. All versions of this malware are named after the extensions that are attached to the encrypted files. Some of the extensions include .zepto, .odin, .thor, .aesir, and .osiris. If you discover that an unfamiliar extension was attached to your personal file (e.g., a photo or a document), it is most likely that a malicious infection has corrupted it. The good news is – if you can consider it that – you do not need to hunt for ransomware because it exposes itself once it is done encrypting the files. It displays a ransom message in one way or another, and if it did not do that, the creator of the threat could not coerce you into paying a ransom for some alleged decryption tool or key. So, have you been introduced to the ransom demands? What should you do about them? Should you pay attention to them or should you remove Asasin Ransomware right away? Continue reading to find out. Read more »
X1881 Ransomware
A new malicious application X1881 Ransomware, often referred to as crypto malware, has been detected. It has turned out that it is not exactly a completely new threat. Malware researchers have proof that it is a new version of CryptoMix Ransomware (you can read about it on your website). This new version is as dangerous as the previous one, so we are sure you will find a bunch of your files encrypted if it ever slithers onto your computer. Ransomware infections do not encrypt users’ files just to make fun of them. Malicious software developers use these infections to obtain money from ordinary users easier. Although X1881 Ransomware does not ask users to make a payment right away, we are sure you will be told when you write an email to cyber criminals that the only way to decrypt those locked files is to pay a certain amount of money to them. Needless to say, sending money to malware developers is the worst users can do because the chances are high that their files will stay locked. It does not mean that it is impossible to unlock the encrypted data without the special decryptor cyber criminals have – you could restore your files from a backup. The restoration of files should only take place when X1881 Ransomware is removed completely because it can launch automatically with the Windows OS due to the entry it creates in the Run registry key, meaning that you could not disable it and, as a consequence, it will strike again and lock those decrypted files. Read more »
Tyrant Ransomware
Tyrant Ransomware is a newly released malicious application that was based on an open-source ransomware project known as DUMB. This ransomware is only semi-functional as it was designed to lock your computer’s screen but, in some cases, it might also encrypt your personal files. In any case, regardless of what it will do to your PC specifically, it will demand you pay money to unlock your PC and/or decrypt your files. However, you should not trust the cybercrooks to keep their word, so we recommend that you remove this ransomware as soon as the opportunity arises. Read more »
Ender Ransomware
If your operating system is not protected, every careless step you make could lead to the infiltration of malware. Ender Ransomware is one of the many infections that could slither into your operating system, and if you are not familiar with this threat, you could be tricked into believing that it has encrypted your personal files. That is the claim that is made via the ransom note window that pops up as soon as the infection is launched. Anti-Spyware-101.com research team has analyzed this infection, and our conclusion is that the ransomware does not encrypt files. That, of course, is the good news. The bad news is that this malware is still dangerous and unpredictable, and if you keep it installed for much longer, your virtual security could be jeopardized. Needless to say, we advise deleting Ender Ransomware as soon as possible, and if you want to learn more about the threat and its removal, this is the report you need to continue reading. Read more »