Posts

Mole00 ransomware: how to decrypt virus .MOLE00 files

Learn how to remove the MOLE00 ransomware strain from a Windows computer and restore encrypted .MOLE00 extension files without submitting the ransom to attackers. July 2017 update: The most recent version of MOLE ransomware is .MOLE01. The Mole ransomware family engages much more social engineering in the attack chain than the vast majority of crypto threats in […]

Decrypt .loptr files – Locky ransomware virus variant

This post provides analysis of the Locky ransomware edition that appends the .loptr extension to encrypted files and leaves a loptr-[4_chars].htm ransom note. Some strains of ransomware surface and quickly vanish to never come back, but some evolve in order not to become stationary targets. The latter trend mainly applies to lineages of crypto malware architected […]

Perfc.dat file makes Windows immune to Petya/NotPetya ransomware

Researchers have found a way to protect a Windows computer against the current outbreak of the revamped Petya ransomware using the ‘perfc’ file trigger. A new massive ransomware distribution wave, which took root as of June 28, is instilling fear with its top-notch proliferation tactics and devastating effect on compromised computers. This time, it’s a […]

Petya ransomware removal and system recovery (upd. June 29)

Learn how the Petya ransomware is different from other crypto threats, why it is considered a high-profile infection, and how to go about the attack. The ransomware called Petya illustrates the fact that crypto viruses are evolving over time. The perpetrators are no longer content with the tactic where victims’ personal data is held for […]

Sorebrect ransomware – fileless malware exploits PsExec utility

The Sorebrect ransomware is more sophisticated than the average crypto strain because it boasts stealthy fileless execution and easily evades AV suites. It is a misconception that all ransom Trojans are the same apart from their names. Whereas the extortion scheme proper tends to be common ground, the modus operandi is a variable. The ransomware dubbed Sorebrect […]

Remove MOLE02 ransomware virus and decrypt .mole02 files (upd. July 03)

It appears that the CryptoMix virus is back again. Its fresh variant is labeled as MOLE02 ransomware. This update changes file extensions to .MOLE02 for all encrypted files. The new version of the MOLE virus also uses a new ransom note and Tor website. Ransom note text: !!!IMPORTANT INFORMATION!!! All of your files are encrypted with RSA 2048 […]

Erebus ransomware infects Linux web servers in South Korea

Since the crypto ransomware called Erebus is professionally designed and currently cannot be cracked, it is shaping up to be another serious security problem. There is no computer completely immune to ransomware. What is more, these threats are getting increasingly sophisticated over time. Even if one exercises due caution with files that go with malicious […]

Decrypt .master ransomware files – BTCWare virus variant

A new version of the BTCWare ransom Trojan is out that appends the .master extension to encrypted files and drops a ransom note named !#_RESTORE_FILES_#!.inf. The evolution of the BTCWare crypto hoax is underway. Its latest edition has introduced a few external tweaks, while on the inside it is still the same, quite professionally tailored […]

Remove unTabs virus in Chrome, Firefox, IE and Safari

Learn how to get rid of unTabs, a potentially unwanted program that gets installed on its own, changes the default search engine and displays nagging ads. It’s amazing how a commendable idea can be implemented in a way that makes people want to opt out. The application called unTabs is a shining example of such […]

Taskeng.exe virus popups removal in Windows

The issue with Taskeng.exe popup windows fully demonstrates the blurred gist of present-day malware, where the line between legit and malicious is very thin. There are two different facets of Taskeng.exe. On the one hand, it is a genuine Windows process referred to as the Task Scheduler Engine. Residing in the C:\Windows\System32 directory, this entity […]
