Monthly Archives: May 2016 - Page 2

JohnyCryptor Ransomware

JohnyCryptor Ransomware

It does not take long to realize that JohnyCryptor Ransomware has invaded your operating system because this malicious infection changes the background of your Desktop with an intimidating message after encrypting your personal files. Besides encrypting personal files, such as photos, videos, music, documents, text files, and so on, it also encrypts executables (.exe files) rendering most applications unresponsive. Of course, the malicious ransomware does not touch the files in the %WINDIR% directory, as this could disrupt the running of the entire system. If you look at how this infection works and where it has originated from, it is easy to compare it with Saraswati Ransomware, also known as the Mahasaraswati Ransomware. Whichever one of these infections enters your operating system, you have to remove it as soon as possible. Unfortunately, deleting JohnyCryptor Ransomware or any other ransomware infection is never easy because it often involves making some hard decisions. Read more »

An embedded page at Astrumpops.online

An embedded page at Astrumpops.online

An embedded page at Astrumpops.online is a fake alert that is presented to you if malware has modified your computer's settings. You should remove this false alert from your PC because it has been configured to promote a particular tech support phone number which we at Anti-spyware-101.com believe to be fictitious. This pop-up message is supposed to compel you into dialing the phone number by using scare tactics. It claims that your computer is infected with malware and, ironically, that is most likely the case, but this malware is related to An embedded page at Astrumpops.online. So if you see similar fake security alerts, then we suggest that you read this description. Read more »

Mahasaraswati Ransomware

Mahasaraswati Ransomware

Mahasaraswati Ransomware (also known as Saraswati Ransomware) is a new ransomware infection that frequently infects unprotected computers these days. It is a new version of the ransomware infection in the CryptoEncoder family; however, it can be distinguished from others because it sets the image of the Indian goddess Saraswati as Desktop background. This is the only unique feature because Mahasaraswati Ransomware acts exactly like other well-known ransomware infections, for example, ODCODC Ransomware, zCrypt Ransomware, and Nemucod Ransomware. Researchers at anti-spyware-101.com have observed that it locks files immediately after it sneaks onto the computer and then asks users to pay a ransom for the decryption of files. We hope that we will help you to decide whether or not to pay money. Read more »

DirectionsAce Toolbar

DirectionsAce Toolbar

DirectionsAce Toolbar is a suspicious application that comes with an untrustworthy search engine called Myway.com. The website should be set as your default search engine and homepage. The problem with the site is that it might show you modified search results, which could contain ads and sponsored links from unknown sources. In other words, you could be redirected to malicious web pages that might invade your privacy or infect you with malware. Of course, we cannot be entirely sure about this, but given that the toolbar is rather worthless, you should not risk your computer’s security. Despite what users might think, the software can only provide links to other web pages, so it does not have any unique tools. If you continue reading the text, you will learn how it works once it enters your system. Also, you will find a step by step removal guide if you wish to get rid of DirectionsAce Toolbar. Read more »

Saraswati Ransomware

Saraswati Ransomware

Saraswati is a holly symbol in the Hinduism world, but it is not that holly to the creators of the Saraswati Ransomware who have exploited the image of the goddess for malicious purposes. The image of the goddess appears on the desktop along with a message that tells you to keep calm and contact an email provided (mahasaraswati@india.com). Chances are that the creator of this malicious ransomware is located in India, but this could also be a trick to conceal the true location. Well, wherever these malicious malware distributors are located, they have developed the ransomware to get you. Some users rush to delete Saraswati Ransomware from their computers thinking that this is the only way to get their files decrypted. Unfortunately, that is not the case. Once this threat encrypts your files, the decryption key is hidden from you to force you into paying the ransom. Read more »

SunnyDay-App

SunnyDay-App

It is possible that you have noticed potentially harmful third-party ads generated by SunnyDay-App in your browsers. These advertisements can be easily recognized by their labels, such as "Provided by SunnyDay-Apps" or "Ads by SunnyDay-Apps." If you see such banners and pop-ups, you can be sure that this adware has infiltrated your computer. The most likely way for this ad-supported program to show up on your computer is rather questionable and is called bundling. Unfortunately, there is a good chance that this infection comes alongside other malicious software installers. This is why its presence may indicate multiple system security threats. If you do not want to end up on unreliable websites, you should not think twice to remove SunnyDay-App right now. You may already know that this will not be enough to restore order on your system. Unless you eliminate all potential risk sources from your computer, you cannot feel safe anytime you switch on your machine. Read more »

ZX Player

ZX Player

ZX Player is not a program that you can consider entirely trustworthy as it holds little to no valuable features whatsoever. As a matter of fact, this devious application has been dubbed as a potentially unwanted program by malware experts working at our internal labs. The main reasons such category has been assigned to this program is because it exhibits dubious functionality and is usually spread in various questionable ways. In this article, we present our findings about the overall dubious features in regards to this potentially unwanted program's functionality, which should make you realize why the advise you to execute a complete removal of ZX Player. To do so, make sure to follow the detailed instructions that we provide below as it will help you delete this devious application without encountering any major problems. Read more »

Windows заблокирова

Windows заблокирова

If you live in a country where Russian is the commonly spoken language, you might be targeted by the vicious Windows заблокирова malware. This devious infection was created by cyber criminals who care about nothing else but making a profit, and they are ready to do whatever it takes to get it. According to the research conducted in the Anti-Spyware-101.com lab, this suspicious infection might ask you to pay money after locking down your computer. Although the creators of this threat might convince you that this is the only way of regaining access to your computer, we believe there is a way out. You should continue reading this report to learn how this infection works and how to delete it from your operating system. Although it is crucial to remove Windows заблокирова from your PC as soon as possible, you can spare a few minutes that you will spend reading this report. Read more »

ODCODC Ransomware

ODCODC Ransomware

Being attacked by ODCODC Ransomware could be one of your worst days. This ransomware can slither onto your computer without your knowledge and encrypt all your most important personal files within mere seconds. Obviously, the criminals, who created this dangerous threat, offer you their “generous help” to recover your files if you are willing to pay the demanded ransom fee. Normally you cannot decrypt your files without the private key or the decryption key unless there is a free tool available on the web that cracks the key. Another method to recover your files is to keep a backup copy on a removable disk. However, in this particular case, you may have a third option that is due to a “mistake” this otherwise dangerous infection makes. We will share with you the details later on but first, let us tell you more about this vicious program and also, why our researchers suggest that you should remove ODCODC Ransomware right away. Read more »

zCrypt Ransomware

zCrypt Ransomware is a malicious program that might enter your computer through infected email attachments. It appears to be that the malware shows a fake system alert to draw user’s attention away. At the same time, it starts encrypting user’s personal data. The infection’s creators ask for 1.2 Bitcoins, which is more than 500 US dollars. If you do not have any intentions of making the payment, you should not waste your time with zCrypt Ransomware and delete it from your system. Our researchers at Anti-spyware-101.com prepared a removal guide that should help you in the process. Nonetheless, if you do not think that you will manage to erase it manually, try to download a legitimate antimalware tool and use it to delete the ransomware. Read more »