Monthly Archives: January 2018

CCord SystemLocker is a computer infection that is classified as ransomware. It means that it holds your computer hostage and wants you to pay a ransom fee. If you pay the fee, the program will give you your system back, or so it says. These days, when we deal with ransomware programs, we usually expect to encounter the encrypting ransomware programs that scramble user’s files and then wait for users to pay for the decryption key. CCord SystemLocker, on the other hand, does not do anything of the sort. This program locks your screen, and you need to remove the infection for good if you want to access your desktop again. Read more »

Lebal is a nasty malicious application that will steal information from your computer if it ever slithers onto it. To tell you the truth, it seems that this infection primarily targets private companies, organizations, and institutions, but, of course, you cannot be so sure that you will never find it on your computer either, so you should be cautious 24/7. If you suspect that you could have become one of the victims of this nasty threat, scan your system with an antimalware scanner or check the main folders on your computer yourself. You should be able to find malicious .exe files representing Lebal in %TEMP%, %USERPROFILE%\Desktop, or %USERPROFILE%\Downloads. If it turns out to be true that you have a Trojan active on your computer, you must delete it as soon as possible. Unfortunately, it usually takes some time for users to realize that they have this Trojan because these threats enter computers illegally and perform activities in the background. Specifically speaking, Lebal is a threat used to steal personal information from users’ computers. As a consequence, if you do not disable it, privacy-related problems will arise sooner or later. It is not so easy to delete Trojans manually, but we promise to help you erase it – continue reading! Read more »

GandCrab Ransomware is yet another file encrypting infection that was created by cyber criminals to take your money. Just like most other threats of this kind, the ransomware could slither into the targeted system using corrupted spam emails and known security backdoors, but our Anti-spyware-101.com malware researchers have found that the threat can also be spread using the RigEK exploit kit. RigEK delivers malicious payload when the victim visits an unsecure website. After this, it employs Javascript to check for any vulnerable plug-ins that could be exploited. At the time of research, the ransomware was mostly affecting Windows users in South Korea, the United States, China, and Russia, but that does not mean that you are safe if you live in a different region. If you still have time, you need to protect your operating system as soon as possible, but if the malicious infection has already invaded, you need to focus on deleting it first. If you do not know how to remove GandCrab Ransomware, you will find useful information in this report. Read more »

You do not want to encounter Blacknord@tutanota.com Ransomware, believe us. Research conducted by specialists working at anti-spyware-101.com has clearly shown that this malicious application is one of those threats mercilessly encrypting users’ files. As a consequence, it is called crypto-malware by researchers. If it is already too late for prevention, i.e. if you have discovered the ransomware infection on your computer, you cannot turn the clock back and prevent it from entering your system, but it does not mean that you have to live with Blacknord@tutanota.com Ransomware active on your system. Specialists say that this threat should be removed from the system as soon as possible because it does not stop working after encrypting files on affected computers. It creates a Value in the Run registry key, so it continues working even if the affected machine is rebooted. If it is not disabled, you might find more files encrypted on your computer soon. We are sure you do not want to discover more ruined files, so we will help you to delete Blacknord@tutanota.com Ransomware fully. Continue reading this report for now. Read more »

Killbot, also known as KillBot_Virus Ransomware, could be a severe threat to your system and to your files once its finished version manages to slither onto your PC. As a matter of fact, our malware experts at anti-spyware-101.com say that this ransomware program seems like a project in development as not all functionalities work just yet. However, since this malicious program is coded in .NET, we inspected it and found that this threat can actually cause serious damage to your system once it is finished. In fact, it seems like a wiper and ransomware hybrid that has capability to encrypt all possible files on your system, including .exe files. Fortunately, the current version simply locks your screen with its ransom note but does not encrypt or damage your files. Therefore, you can relatively easily remove Killbot from your PC without losing your files to encryption. Nevertheless, you cannot take this threat lightly because if it has managed to infiltrate your system this time, what will protect you next time? Read more »