Computer technician blog


General - General posts, notices and other information.
Viruses - News and articles related to viruses, will be posted in this section.

You can subscribe to RSS feed RSS Feed

Wednesday, 15 June 2016 04:36 AM

User Rating: / 1
AMBA Website Ransomware

What is AMBA?

AMBA is ransomware-type virus that targets Russian websites. After infiltrating the server, AMBA encrypts most files on the system and adds the .AMBA or .RROD extension to the name of each encrypted file. A text file ("ПРОЧТИ_МЕНЯ.txt") is then created that contains a message (in Russian) encouraging server owners to contact cyber criminals via the email address provided.


Thursday, 31 March 2016 04:37 AM

User Rating: / 1
Petya Ransomware

What is Petya?

Petya is ransomware distributed via malicious e-mails containing Dropbox download links to applications which, when executed, will install Petya on victims' computers. Research shows that these e-mails mainly target human resources (HR) departments of various German companies. After system infiltration, Petya encrypts portions of hard drives and makes ransom demands.


Thursday, 31 March 2016 02:36 AM

User Rating: / 1
KimcilWare Website Ransomware

What is KimcilWare?

KimcilWare ransomware targets websites using the Magento e-commerce platform (currently, it is not confirmed whether KimcilWare infects other platforms). During encryption, this ransomware adds a .kimcilware to each file stored on the server. Furthermore, it creates an index.html file containing a ransom-demanding message.


Wednesday, 09 March 2016 02:28 AM

User Rating: / 1
KeRanger Ransomware

KeRanger ransomware removal instructions

What is KeRanger?

KeRanger is ransomware-type malware that stealthily infiltrates systems and then encrypts stored files. Distributed via the Transmission BitTorrent client, KeRanger is the first ransomware that successfully works on the Mac OSX operating system. The software is open-source and, therefore, cyber criminals have edited the source code and concealed KeRanger ransomware within. Once infiltrated, KeRanger remains silent for three days and only then starts encrypting files. To encrypt, cyber criminals employ 2048-bit RSA encryption and, therefore, a private key is required to decrypt all files affected by KeRanger. Note that this ransomware adds an ".encrypted" extension to each encrypted file. Following successful encryption, KeRanger demands a ransom payment from victims in exchange for decryption software. If the user declines to do so, files affected by this malware will remain encrypted forever.


Monday, 21 September 2015 04:06 AM

User Rating: / 1

COMPUTER HEALTH IS CRITICAL removal instructions


This false error message pops-up when the system is infected with adware-type applications such as Games DesktopMovieDea, and Desktop-play. All claim to provide various useful features that supposedly improve the Internet browsing experience, however, fake promises delivered by adware-type apps are simply attempts to trick users to install. Rather than providing the functionality promised, these applications gather personal data, deliver intrusive online advertisements, and generate this fake error message.


Monday, 14 September 2015 07:26 AM

User Rating: / 4
WINDOWS VIRUS WARNING! Identity Theft and Hacking Possibilities

WINDOWS VIRUS WARNING! Identity Theft and Hacking Possibilities removal instructions

What is WINDOWS VIRUS WARNING! Identity Theft and Hacking Possibilities message?

This fake error message is caused by various adware-type applications including MovieDea, Games Desktop, and Desktop-play. These apps claim to enhance the Internet browsing experience, however, these false claims are merely attempts to trick users to install. None provide the features promised. In fact, they generate fake error messages, collect personally identifiable data, and display intrusive online advertisements.


Page 1 of 5

<< Start < Prev 1 2 3 4 5 Next > End >>