Category: Ransomware

How to Remove the KOOM Ransomware

Posted on September 23, 2021 - Infections, Ransomware, Removal Guides, Security Tips

KOOM is a ransomware from the STOP/DJVU family that will encrypt a user’s file (photos, videos, documents, spreadsheets, etc.) with the .koom extension. It will take over your computer functionality and lock your personal files until you pay a “ransom” in order to get access back.

The ransom note is in the form of a “_readme.txt” file which contains the following details:

ATTENTION!

Don’t worry, you can return all your files!
All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.
The only method of recovering files is to purchase decrypt tool and unique key for you.
This software will decrypt all your encrypted files.
What guarantees you have?
You can send one of your encrypted file from your PC and we decrypt it for free.
But we can decrypt only 1 file for free. File must not contain valuable information.
You can get and look video overview decrypt tool:
[different links per User ID]
Price of private key and decrypt software is $980.
Discount 50% available if you contact us first 72 hours, that’s price for you is $490.
Please note that you’ll never restore your data without payment.
Check your e-mail “Spam” or “Junk” folder if you don’t get answer more than 6 hours.

To get this software you need write on our e-mail:
manager@mailtemp.ch

Reserve e-mail address to contact us:
helpmanager@airmail.cc

Don’t fall for the trap and don’t pay any ransom fees! It disguises itself as a legit official warning when in reality it is all fake. With software, you can remove the KOOM ransomware easily. This type of infection can be downloaded on your computer for many reasons such as malicious websites, phishing emails, codecs, or downloads. Be sure to remove it immediately.

How to Remove the Email Scam ‘Your device was compromised’

Posted on July 25, 2021 - Ransomware, Removal Guides, Scams, Security Tips

Have you recently received an email saying your device was compromised? Below is its full content.

I am sorry to inform you that your device was compromised.

I’ll explain what led to all of this. I have used a Zero Day vulnerability with a special code to infect your device through a website.
This is a complicated software that requires precise skills that I have. It works as a chain with specially crafted and unique code and that’s why this type of an attack can go undetected.
You only need one not patched vulnerability to be infected, and unfortunately for you – it works that simple.

You were not targeted specifically, but just became one of the quite a few unlucky people who got hacked that day.
All of this happened a few month ago. So I’ve had time to collect information on you.

I think you already know what is going to happen next.
During that time, my software was quietly collecting c
There is more to it, but I have listed a few reasons for you to understand how serious this is.

For you to clearly understand, my software controlled your camera and microphone as well and it was impossible for you to know about it.
It was just about right timing for me to get you privacy violated.

I’ve been waiting enough and have decided that it’s time to put an end to this.
So here is my offer. Let’s name this a “consulting fee” I need to delete the media content I have been collecting.
Your privacy stays untouched, if I get the payment.
Otherwise, I will leak the most damaging content to your contacts and post it to a public tube for perverts to explore.

I understand how damaging this will be for you, and amount is not that big for you to keep your privacy.
Please dont blame me – we all have different ways of making a living.

I have no intention of destroying your reputation or life, but only if I get paid.
I don’t care about you personally, that’s why you can be sure that all files I have and software on your device will be deleted immediately after I receive the transfer.
I only care about getting paid.

My modest consulting fee is 1650 US Dollars transferred in Bitcoin. Exchange rate at the time of the transfer.
You need to send that amount to this wallet:

The fee is non negotiable, to be transferred within 2 business days.
We use Bitcoin to protect my identity.

Obviously do not try to ask for any help from anybody unless you want your privacy to violated.
I will monitor your every move until I get paid. If you keep your end of the agreement, you wont hear from me ever again.

Take care.

Don’t fall for the trap and don’t pay any ransom fees! These scammers don’t have any compromising or embarrassing photos of you. This said email is a scam which will try to extort the receiver into paying $1650 in BitCoin. Avoid clicking any link. Simply ignore and delete these kind of emails.

With software, you can remove the ‘Your device was compromised’ email scam easily. You may have received this email and was downloaded on your computer for many reasons such as clicking malicious websites, codecs, or downloads. Be sure to remove it immediately.

How to Remove Octane Ransomware

Posted on June 4, 2021 - Ransomware, Removal Guides, Security Tips

Octane is a ransomware that will take over your computer functionality and lock your computer until you pay a “ransom” in order to get access back. It disguises itself as a legit official warning when in reality it is all fake. It has the email address – rekotmz@gmail.com. Don’t fall for the trap and don’t pay any ransom fees. With software, you can remove the Octane ransomware easily. This type of infection can be downloaded on your computer for many reasons such as malicious websites, codecs, or downloads. Be sure to remove it immediately.

How to Remove Ncovid Ransomware

Posted on March 26, 2021 - Ransomware, Removal Guides, Security Tips

Ncovid is a ransomware that will take over your computer’s functionality and lock your computer or files until you pay a “ransom” in order to get access back. It disguises itself as a legit official warning when in reality it is all fake. What the Ncovid ransomware does is encrypt files rendering them inaccessible. Once encryption is done, it will display the file “___RECOVER__FILES__.ncovid.txt” with the following text inside:

All of your files have been encrypted.
To unlock them, please send 1 bitcoin(s) to BTC address:
Afterwards, please email your transaction ID to: Ciastko.zlukrem@gmail.com
Thank you and have a nice day!

Don’t fall for the trap and don’t pay any ransom fees! With software, you can remove Ncovid ransomware easily. Do note that this type of infection can be downloaded on your computer for many reasons such as malicious websites, codecs, or downloads. Be sure to remove it immediately.

How to Remove the Dablio Ransomware

Posted on December 7, 2018 - Infections, Ransomware, Removal Guides, Security Tips

Dablio is a ransomware that will take over your computer’s functionality, encrypt your personal documents, and lock your computer until you pay a “ransom” in order to get access back. It disguises itself as a legit official warning when in reality, it is all fake. Don’t fall for the trap and don’t pay any ransom fees in the form of cryptocurrency. With a specialised spyware fix software, you can remove Dablio easily. 

remove Dablio ransomware

This type of infection, Dablio ransomware, can be downloaded on your computer for many reasons such as malicious websites, codecs, or downloads. Be sure to remove it immediately.

How to Remove MOLE66 Ransomware

Posted on May 27, 2018 - Infections, Ransomware, Removal Guides, Security Tips

MOLE66 is an updated version of the CryptoMix ransomware. It will take over your computer functionality, encrypt your data, and lock your computer until you pay a “ransom” in order to get access back. It disguises itself as a legit official warning when in reality, it is all fake. Don’t fall for the trap and don’t pay any ransom fees! With software, you can remove MOLE66 easily.

remove MOLE66 Ransomware

 

This type of infection can be downloaded on your computer through spam attachments, harmful websites, malicious scripts embedded into online ads, codecs, or third-party downloads. Be sure to remove it immediately!

How to Remove Tweakerbit Registry Optimizer (Virus Removal Guide)

Posted on February 2, 2018 - Infections, News, Ransomware, Removal Guides, Rogue Antivirus, Security Tips, Trojans

Tweakerbit Registry Optimizer is a potentially unwanted program which is advertised as a system optimizer and once installed, it claims that several issues were detected on your computer. However, if you try to fix these issues, Tweakerbit Registry Optimizer will state that you need to buy its full version before being able to do so.

Tweakerbit Registry Optimizer is bundled with other free software that you download off the Internet. Unfortunately, some free downloads do not adequately disclose that other software will also be installed and you may find that you have installed an adware without your knowledge.

The Windows registry is a database that Windows and its applications store their settings in. It contains hundreds of thousands of entries. Some of the entries may be slightly outdated — maybe you’ve uninstalled a program and it left a key or two behind, or maybe a there’s a file extension with no associated application.