Monthly Archives: February 2018 - Page 10

BatBitRst

BatBitRst is an ad-supported program that can sneak onto your system without your knowledge and use a browser extension to display potentially unreliable third-party advertisements on your screen. The presence of this adware program can turn your browsing experience rather annoying with its pop-ups and other types of advertising. Our malware experts at anti-spyware-101.com say that this adware is related to Filetour, another well-known ad-supported program. Of course, this malware infection is not only annoying with its pop-ups and banners, but it may also expose you to potentially harmful ads. Engaging with such content could cause further infections as well as exposure to online scams. Since this adware usually lands on your system with a company of other malware threats, your PC could be under attack right now on multiple fronts. If you would like to win this malware battle, we suggest that you remove BatBitRst along with the browser extension it uses to flood you with ads. Read more »

CrossRAT

CrossRAT is a Trojan that was found spreading via malicious links that are sent randomly via email, Facebook, WhatsApp, and other social networking platforms. The link should be supported by a misleading message to make you think that nothing bad will happen if you click it. Unfortunately, many bad things can happen if you let the Trojan in because it enables attackers to access your operating system remotely. The worst part about it all is that this infection is very clandestine, and it is unlikely that you will realize that it is active right away. Needless to say, the longer this infection is active, the more trouble you are likely to get in. Our research team at Anti-Spyware-101.com has tested the threat and has devised instructions that show how to delete it. If you are still unsure if you even need to remove CrossRAT from your operating system, quickly install and run a legitimate malware scanner. You should take this step even if you have already unveiled the Trojan because you want to check if any other malicious threats are active. Read more »

My Weather Radar

My Weather Radar

It is possible that you do not even realize that My Weather Radar has appeared in your browsers as your new homepage, new tab, and default search engine. This questionable search page may seem like a harmless legitimate search page, like the ones you may have gotten used to. Our malware specialists at anti-spyware-101.com say that this is a potentially unwanted program, or PUP, which comes from a large family of PUPs and browser hijackers created by Polarity Technologies Ltd. This family includes identical clones and very similar search pages as well, such as Your Weather Info Now and Search.youreasyemailsh.com. Any of these tools and search websites may pose a threat to your virtual security by exposing you to questionable affiliated websites and content. Thus, we advise you to remove My Weather Radar from your PC along with all other harmful or potentially risky programs you may find on board. Read more »

Search.searchlye.com

Search.searchlye.com

When was it the last time you got attacked by a browser hijacker? Search.searchlye.com is one of those rather fishy programs that may look like regular search engines, but the truth is that they are there to provide custom commercial content, hoping you will interact with it. While there is nothing malicious about browser hijackers at the core level, computer security experts maintain that it is for the best to remove Search.searchlye.com and other similar programs from your system before they manage to expose you to something dangerous. Hence, be sure to scroll down to the bottom of this description for the manual removal instructions. Read more »

MADA Ransomware

MADA Ransomware

If you have just been presented with a pop-up warning saying that your files are encrypted by the MADA ransomware,  that means that you are dealing with another version of the Jigsaw ransomware. The Jigsaw ransomware is notorious for its capability to delete files at  regular intervals, and the same action is performer by its spin-offs. The MADA ransomware should removed immediately after being detected, and preventative measures should be taken to prevent future ransomware and malware attacks. Read more »

Ransomuserlocker Ransomware

Ransomuserlocker Ransomware

If a black window with red letters has been opened on your screen, and it is no longer possible to open a bunch of files, Ransomuserlocker Ransomware must have entered your system. It is one of those nasty infections that encrypt files on users’ computers right away after infiltrating them. It is not a prevalent infection, but it might still enter your system one day without your knowledge. Even though this malicious application is one of those threats that arrive on users’ computers without permission, it does not stay unnoticed for a long time because users’ usually soon discover that their important files and pictures have been locked. The first thing you should do after discovering Ransomuserlocker Ransomware active on your system is to fully remove the ransomware infection from the system. This Korean infection does not create any entries in the Run registry key like some other file-encrypting threats, so it cannot start working automatically on users’ computers; however, you might launch it yourself accidentally and, after doing this, discover more files locked, not to mention that the black window with a ransom note in Korean will be opened on your screen once again. Luckily, this window is not opened in full-screen, so you could still access system utilities and erase the ransomware infection from the system. Continue reading to find out what you need to do to delete this infection manually from your computer. Read more »

EncryptServer2018 Ransomware

A new malicious application has been discovered by specialists at anti-spyware-101.com. It has been named EncryptServer2018 Ransomware. One of the reasons it has such a name is because it encrypts files on servers and appends the .2018 extension to all affected files. Yes, this threat targets Windows Servers primarily, but we cannot guarantee that you will not discover this malicious application on your computer one day. If it ever finds a way to enter your system unnoticed, we are sure you will still soon find out about its entrance because you will discover a number of files encrypted. There is a reason why this malicious application locks files on compromised computers. Cyber criminals behind this infection use it as a tool to obtain money from users more easily. If your files have already been encrypted, and you are one step away from sending money to crooks, you should know that there are no guarantees that you will get a tool to decrypt your files. It is the main reason our specialists do not consider sending money to the author of the ransomware infection a good solution to this problem. Either way, the ransomware infection needs to be removed from the system completely as soon as possible. Read more »

Msttc.exe Miner Bitcoin

If your computer became slower than usual and you see a suspicious process called msttc.exe running in the background, you probably encountered a Trojan called Msttc.exe Miner Bitcoin. Under such circumstances, it would be best to delete it with no hesitation. However, before using the removal instructions available at the end of this article, we advise you to read the rest of the text first and get to know this malicious program better. Further, in the text, we will describe its effective manner and explain why it would be a bad idea to leave this malware unattended. Moreover, we will also talk about the Trojan’s possible distribution channels, so if you do not wish to come across a threat similar to Msttc.exe Miner Bitcoin, you will find tips suggesting how to maintain the system clean as well. Read more »

videoZone Search

videoZone Search

A potentially unwanted program is a piece of software that is not particularly malicious but is annoying and otherwise intrusive. One such application goes by the name of videoZone Search. Malware researchers at our internal labs have classified this piece of software as a potentially unwanted program because it exhibits devious functionality. As it turns out, it can quickly alter your web browser's default settings without requiring your authorization. In turn, browsing the Internet will become a much more annoying experience than you are used to. In this report, we present an in-depth analysis of this potentially unwanted program. By reading it, you will learn more about its intricate inner workings. Also, you will find a few virtual security recommendations that will allow you to keep a secure operating system at all times. To delete videoZone Search in just a few simple steps, make sure to follow the detailed instructions that we present below. Read more »