Win32:Ransom-AOQ
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 60 % (Medium) |
Infected Computers: | 1 |
First Seen: | August 21, 2013 |
Last Seen: | October 17, 2019 |
OS(es) Affected: | Windows |
Win32:Ransom-AOQ is a dangerous ransomware Trojan that encrypts your files and then charges you to decrypt them. The Win32:Ransom-AOQ Trojan may be used to steal private information from your computer that can then be used to steal your identity or carry out other types of online fraud. In the long run, this may be used to steal sensitive business-related data, banking credentials, or other important data that may allow criminals to impersonate you, steal your money or profit at your expense in other ways. Win32:Ransom-AOQ Is related to a fraudulent online service that offers to decrypt files on your computer. The service associated with Win32:Ransom-AOQ, named 'No Problem Bro' supposedly helps computer users recover passwords after having forgotten them. However, Win32:Ransom-AOQ's attack is actually much more dangerous than Win32:Ransom-AOQ seems.
Win32:Ransom-AOQ and the Misleading 'No Problem Bro'
'No Problem Bro' offers its decryption services in exchange for anonymous online payment methods such as WMZ or bitcoin. However, this service is actually used to distribute Win32:Ransom-AOQ. This is often distributed as a decoy PDF file that actually encloses an executable file. In the background, this malicious executable file installs malware on the victim's computer and carries out various harmful changes to the infected computer's settings. Once installed, Win32:Ransom-AOQ first ensures that Win32:Ransom-AOQ has not been installed on a virtual machine of on a computer used by PC security researchers to analyze malware. If Win32:Ransom-AOQ does, then the Win32:Ransom-AOQ infection shuts down and deletes itself. Win32:Ransom-AOQ also verifies the infected computer's IP address and attempts to connect to the Internet. Win32:Ransom-AOQ connects to the 'No Problem Bro' website and downloads a malicious RAR file that encrypts files on the victim's computer and deletes all detected back-up files. Win32:Ransom-AOQ also drops text files containing information relating to this bogus decryption service. Essentially, Win32:Ransom-AOQ blocks all access to the victim's files and then demands payment in order to restore them to normality.
Do not Fall for the Win32:Ransom-AOQ Scam
There's a way to restore the deleted files from your computer by using a recovery utility. It may also be attainable to bring them back if your traffic goes through a proxy server. To prevent these kinds of scams, ESG security researchers strongly advise computer users to back up all of their files. In case that the computer user has a suitable backup, dealing with this attack would entail the removal of the malware threat and then restoring all the compromised files from their backed up copies.
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.