Protect Your PC From SUPPORT@DECRYPT.WS Ransomware Virus

SUPPORT@DECRYPT.WS is a newly detected threat in the family of ransomware that encrypts most of the files on the attacked PC. This harmful virus infiltrates through spam mail attachments, infected links and fake ads injected on malicious webpages. SUPPORT@DECRYPT.WS demands huge ransom of 3 BTC or roughly $3900 to be paid in form Bitcoins as the decryption fees. This ransomware is able to delete the shadow volume copies of the encrypted files and encrypts the files by appending .SUPPORT@DECRYPT.WS extension. SUPPORT@DECRYPT.WS also leaves a ransom note that instruct the user on how the pay the ransom amount using the website through TOR network.

Cyber experts always recommend keeping a backup of all important files and never pay any ransom to such criminals as it is no any guarantee that they are going to give your files back. Instead go for powerful removal tool to remove SUPPORT@DECRYPT.WS ransomware from PC and try recovering files using data recovery tool.

List of file extension encrypted

→ .sql, .mp4, .7z, .rar, .m4a, .wma, .avi, .wmv, .csv, .d3dbsp, .zip, .sie, .sum, .ibank, .t13, .t12, .qdf, .gdb, .tax, .pkpass, .bc6, .bc7, .bkp, .qic, .bkf, .sidn, .sidd, .mddata, .itl, .itdb, .icxs, .hvpl, .hplg, .hkdb, .mdbackup, .syncdb, .gho, .cas, .svg, .map, .wmo, .itm, .sb, .fos, .mov, .vdf, .ztmp, .sis, .sid, .ncf, .menu, .layout, .dmp, .blob, .esm, .vcf, .vtf, .dazip, .fpk, .mlx, .kf, .iwd, .vpk, .tor, .psk, .rim, .w3x, .fsh, .ntl, .arch00, .lvl, .snx, .cfr, .ff, .vpp_pc, .lrf, .m2, .mcmeta, .vfs0, .mpqge, .kdb, .db0, .dba, .rofl, .hkx, .bar, .upk, .das, .iwi, .litemod, .asset, .forge, .ltx, .bsa, .apk, .re4, .sav, .lbf, .slm, .bik, .epk, .rgss3a, .pak, .big, wallet, .wotreplay, .xxx, .desc, .py, .m3u, .flv, .js, .css, .rb, .png, .jpeg, .txt, .p7c, .p7b, .p12, .pfx, .pem, .crt, .cer, .der, .x3f, .srw, .pef, .ptx, .r3d, .rw2, .rwl, .raw, .raf, .orf, .nrw, .mrwref, .mef, .erf, .kdc, .dcr, .cr2, .crw, .bay, .sr2, .srf, .arw, .3fr, .dng, .jpe, .jpg, .cdr, .indd, .ai, .eps, .pdf, .pdd, .psd, .dbf, .mdf, .wb2, .rtf, .wpd, .dxg, .xf, .dwg, .pst, .accdb, .mdb, .pptm, .pptx, .ppt, .xlk, .xlsb, .xlsm, .xlsx, .xls, .wps, .docm, .docx, .doc, .odb, .odc, .odm, .odp, .ods, .odt

If you are among the one being a victim of “SUPPORT@DECRYPT.WS”, then we would strongly suggest you not to pay any ransom to illegitimate persons behind it. Because even after paying they are not going to give your files back. So it is urged that you must opt for removal solutions for SUPPORT@DECRYPT.WS and try to recover files by automatic data recovery tool or any backup copy if you have.

immune_download_log

Continue reading

How To Protect Your PC From [anubi@cock.li].anubi Ransomware Virus

If you ever found your computer’s files are encrypted by [anubi@cock.li].anubi, then consider it as a serious note . This Ransomware is usually distributed via spam e-mails, suspicious websites, torrents, P2P network and free software offering. Once your computer is infected, it will quickly sneak into and execute in the system process without the knowledge of the user. As soon as it finishes the setup, it will lock your computer screen and display a fake notification scaring Internet users worldwide with alleged messages !!!!README_FOR_SAVE FILES.txt format. Also, it asks for ransom to further unlock your files. Please be aware that even if you pay money there is no guarantee that you will get back your locked files. It’s a trap. The longer this virus [anubi@cock.li].anubiremains in your computer, the more harm it does. It can steal your confidential information through monitoring the browsing activities. As a result, your privacy is exposed to a huge threat. [anubi@cock.li].anubi  is a highly dangerous virus which may cost you loosing all your data if not act on time. It is strongly recommended you to remove it as soon as possible.

immune_download_log

Continue reading

How To Protect Your PC From .wnx file extension Ransomware Virus

.wnx file extension is a new variant of ransomware virus that have been creating chaos on the infected computer presently. It encrypts files on the targeted PC with and then forces users to pay money in order to decrypt them. Once installed, Locky Ransomware scans for the files of various extensions like doc, txt, pdf, mp3, jpg and mp4 to encrypt them with .wnx file extension. It also drops a ransom note on the desktop that instructs users how to pay the ransom. The said amount is usually paid through MoneyPak, Paysafecard, Ukash, cashU and Bitcoin. Usually this ransomware spreads through Spam email attachments and various exploit Kits. Security experts recommend not to pay any money to the criminals behind this program as they may not decrypt your data back. Rather quickly download the automatic removal tool and try recover files through data recovery options.

Remove .wnx file extension

immune_download_log

Continue reading

Protect Your PC From .loveransisgood Extension

Description About .loveransisgood Extension

.loveransisgood Extension is a new threat for computer users that can be a big headache for them. It encrypts users file and demand a ransom amount from the user to grant access back to the files. Once installed, It scans for the files of various extensions like doc, txt, pdf, mp3, jpg and mp4 to encrypt them. after that it drops a ransom note with instructions for paying the ransom shows as a DECRYPT_YOUR_FILES.html file. The said amount is usually paid through MoneyPak, Paysafecard, Ukash, cashU and Bitcoin. Usually .loveransisgood Extension spreads through Spam email attachments and various exploit Kits. Security experts recommend not to pay any money to the criminals behind this program as they may not decrypt your data back. Rather quickly download the automatic removal tool and try recover files through data recovery options.

Remove .loveransisgood Extension

immune_download_log

Continue reading

Protect Your PC From .wyvern file Ransomware Virus

What is ‘.wyvern file’

.wyvern file is a new file- encrypting program that targets important documents, videos and images found on the PC to encrypt them and ask them to pay the ransom in order to free the files. If you see your files replaced with “.wyvern file” extension then it means your PC is attacked by this Ransomware. .wyvern file virus states that your files have been encrypted and the extortionists leaves a ransom note instructing users to contact them to get their file back.

Remove .wyvern file

We would recommend to use below tool and run it on your computer to remove .wyvern file automatically.

immune_download_log

Continue reading