iolo WW

Tutorials

Useful tutorials on various PC troubleshooting topics. Video tutorials.

How to remove SunnyDay Ransomware and decrypt .SunnyDay files

0
SunnyDay is the name of a devastating ransomware infection. It was developed to cause encryption of personal data and help its developers capitalize on it. After restricting access to files using the .SunnyDay extension, the virus starts blackmailing victims into paying a fee for decryption. This information is presented inside of a text note (!-Recovery_Instructions-!.txt) created upon encrypting targetted data. Victims are guided to contact developers using e-mail communication (restoreassistance_net@wholeness.business or restoreassistance_net@decorous.cyou) and pay for special decryption software. Cybercriminals warn that trying to use any third-party software to decrypt the data will result in the immediate damage of files. It is also stated that all encrypted files have been uploaded to servers of cybercriminals, which, in case of refusing to pay, will be forwarded (sold) to parties potentially interested in it. Additionally, victims are offered to send 2 or 3 non-important and get them decrypted for free. This is used by swindlers to show they are actually able to decrypt the data. Unfortunately, decrypting data without the help of cybercriminals is more likely to corrupt data and make it no longer decryptable. It is very possible that ransomware developers incorporated protection that detects any unauthorized attempts to modify data. Users can recover their data using a copy of files backed up on uninfected storage. Unfortunately, this does not abolish the threats of having collected data leaked to online resources.

How to remove Acepy Ransomware and decrypt .acepy files

0
If you are no longer able to access your files and see them appear like this 1.pdf.acepy, then you are most likely infected with Acepy Ransomware. It is an encryption virus designed to render files inaccessible and blackmail victims into paying the so-called ransom. The infection does so through a ransom note (ACEPY_README.txt) created upon successfully encrypting the targeted data. It also force-opens a Command Prompt window with information identical to the text file we mentioned above. The notes briefly describe how to recover blocked files. Victims have to contact Acepy developers through the AcepyRansom@protonmail.com e-mail address and purchase special decryption software for the price announced after establishing communication with them. While there is no definite information on how much swindlers require to pay, meeting their demands is highly unrecommended. This is because of cybercriminals' tendency to fool their victims and not send any promised decryption tools afterwards. Despite this, the initial virus developers might be the only figures able to fully decrypt your data. Using third-party decryption tools as an attempt to avoid paying the ransom often flows in no anticipated results.

How to remove Quantum Ransomware and decrypt .quantum files

0
Quantum is the name of a ransomware infection. It was purposefully developed to encrypt system-stored data and blackmail victims into paying money for its return. The virus uses military-grade algorithms to restrict users from accessing their own files. It also appends the .quantum extension to highlight access-blocked data. For instance, a file named 1.pdf will change to 1.pdf.quantum and drop its original icon. After this, Quantum Ransomware creates an HTML file called README_TO_DECRYPT.html. The file is meant to show instruction on returning the data.

How to fix iPhone (iTunes) error 53

0
Although Apple officially said they fixed the issue with the IOS 9.3 update, some users are still unlucky to receive the 53 error in later IOS versions as well. Users reported the error started its presence after replacing security components like Touch ID sensor, Home button, or even a Screen with the help of unofficial repairing centers. This means a replaced iPhone component may be unauthorized therefore making a device think it is unsafe and should be avoided. As a result, this creates incompatibility issues preventing the system to restore or install new updates properly. The great news is that sometimes this error can be worked out without referring to Apple centers with hardware complaints. Also, if you have not done any replacements or damage to the aforementioned components, this guide will be especially useful for you. Alike other issues with updating or restoring a device, error 53 can be potentially solved using a general set of approaches to address such problems. Try each suggestion proposed below to circumvent the issue and get back to using your device as usual.

How to fix “The specified procedure could not be found” error in Windows 11

0
Some users who upgraded their system from Windows 10 to Windows 11 started facing problems with opening certain applications. The error they get is complimented with the following message: "There was a problem starting [filename]. The specified procedure could not be found.". While some issue victims struggle to open a third-party app, others experience troubles with accessing files like videos and photos via "Photos" and "Movies & TV" apps. It was also reported by some to face the same error while trying to open native Windows Defender to perform a scan. The information we gathered indicates there are a couple of fundamental reasons why such an error occurs - corrupted system file system, malware intervention, system bug, and other glitches as well. Based on this, we have collected all the solutions that other users proved to successfully resolve the issue. Before trying them out, we should also note that many users complained these solutions had only a temporary effect on fixing the error message. The problem disappeared but then re-occurred within the time after solution. Many suspect it is up to Microsoft themselves as they should release an update to address some internal glitch and eliminate the error respectively. Before that happens, try the solutions below.

How to remove Pandora Ransomware and decrypt .pandora files

0
Pandora is a ransomware infection previously known under the name of Rook Ransomware. The virus uses RSA-2048 algorithms to encrypt system-stored data and demand money for its decryption. In order to show that access to files has been restricted, cybercriminals assign the .pandora extension to each affected sample. For instance, a file named 1.pdf will change to 1.pdf.pandora and reset its original icon. Following this, the ransomware creates a text file (Restore_My_Files.txt) with instructions on how to recover the data. It says victims should contact developers (via contact@pandoraxyz.xyz) and pay for special decryption software. The price depends on how fast you write, as cybercriminals say. In case of refusal to buy the decryption, frauds behind Pandora Ransomware warn they will publish collected data on dark web markets. Victims can view what data has been collected in TOR Browser via a link provided in the note. While contacting cybercriminals, victims are also allowed to attach 3 encrypted files before paying the ransom. Pandora developers promise they will decrypt them for free to prove capabilities of their decoder. The ransom note is concluded with warnings against trying third-party means of decryption as it may cause permanent damage to data. In general, decrypting files without initial developers is almost impossible indeed.

How to remove TargetCompany Ransomware and decrypt .devicZz, .consultransom, or .avast files

0
TargetCompany is a new ransomware virus that made its presence known in January 2022. During system infection, the virus terminates a lot of essential Windows processes to prepare the soil for easier encryption of data. The research team made an analysis and concluded that TargetCompany Ransomware uses a combination of Chacha20 and AES-128 algorithms to write strong ciphers over the stored data. It also appends one of 3 different file extensions to each encrypted sample - .devicZz, .consultransom, or .avast. This means a file named 1.pdf can change to 1.pdf.devicZz, 1.pdf.consultransom, or 1.pdf.avast depending on individual cases. TargetCompany also populates each encrypted folder with a text note called RECOVERY INFORMATION.txt (How to decrypt files.txt for previous versions). A copy of the ransom note is also placed into this path C:\HOW TO RECOVER !!.TXT. As said in the note, users should buy a special decryption tool to return their data. To do this, victims are asked to send their personal ID to one of the e-mail addresses (recohelper@cock.li or mallox@tutanota.com). It is also allowed to send a couple of files for free test decryption of them. After this, cybercriminals promise to announce the price for the entire decryption and provide instructions on how to buy the decoder. As a rule, files affected by ransomware infections are almost impossible to be decrypted for free without the help of cybercriminals.

How to fix Windows Update error 0x80071ab1

0
0x80071ab1 (ERROR_LOG_GROWTH_FAILED) is a Windows error that makes its presence known after trying to install updates related to .NET Framework 3.5. It is known to occur on Windows 11 - a new OS edition released by Microsoft quite recently. Users may see this error abruptly at any point of update installation. Retrying to perform the process again is likely to keep resulting in exactly the same error with no further development. Alike many other issues of such nature, the 0x80071ab1 code can be caused by corrupted or missing system files, glitched or damaged Windows update components, and other system issues as well. Below, we shed some light on all potential reasons along with solutions for them. Follow carefully as some methods will require extra attention and dedication as well.