Monthly Archives: July 2017 - Page 6

Social-enhancer

Social-enhancer

Social-enhancer (social-enhancer.com) is a search tool users usually discover set on their browsers after installing the extension called Social Enhancer. This piece of software does not inform users in advance that it is going to alter their browsers’ settings, so no matter if they have downloaded and installed it willingly from https://chrome.google.com/webstore/detail/imagesearch-enhancer/liemnpdalagghghhofblgohoaaaddjfk?hl=en-US or it has shown up on the system without permission, they still find the changes they see quite undesirable. If you feel the same, you should remove this extension as soon as possible no matter that this extension is advertised as a useful tool for zooming images and videos and you have found it quite useful. Of course, not all the users see the presence of a new search tool Social-enhancer on their browsers a huge problem. Some of them make a decision to keep it and use it as a new search provider. Unfortunately, specialists at anti-spyware-101.com cannot confirm that this search tool can be fully trusted either. Since they can say more negative things about the Social Enhancer browser extension than positive ones, they have classified it as a potentially unwanted program, or PUP. Potentially unwanted programs cannot be compared with malicious applications; however, it does not mean that they cannot cause problems to you, so we do not recommend keeping potentially unwanted programs active on the system despite the fact that they are not as dangerous as malicious software. Read more »

Search.htrackyourpackages.co

Search.htrackyourpackages.co

Search.htrackyourpackages.co is a new release from the Polarity Technologies Company that specializes in making malicious search engines that it later distributes using software bundles. It can end up on your PC without your knowledge or consent because the bundled installers are set to install by stealth. Thus, our malware analysts have classified this search engine as a browser hijacker and suggest that you remove it from your PC as soon as you can. Its creators count on you to mistake it for a legitimate search engine and use to for conducting your online searches. You may not be aware that its search results feature promotional links that can be unreliable and outright malicious. The information below will help you get a better understanding of what Search.htrackyourpackages.co is all about. Read more »

ForceLocker Ransomware

ForceLocker Ransomware

ForceLocker Ransomware is a malicious application targeting Russian users primarily. It seems to be a new version of ShellLocker, a ransomware infection detected by specialists some time ago, because they are similar to each other. The first thing ForceLocker Ransomware does on users’ PCs after the successful infiltration is encrypting personal files. Then, it locks Desktop by placing a screen-locking window with a ransom note on it. It becomes clear after reading the message left on the screen that all this threat wants from users is their money. Of course, you should not send a ransom no matter how badly you need your files back. What we recommend doing instead is simply deleting this infection from the system and then recovering files from a backup. We have to tell you the truth – it might be impossible to restore files if you do not have a backup of files because the encryption key AES-256 which it uses is one of the strongest encryption algorithms. Read more »

Unlckr Ransomware

Unlckr Ransomware

The Unlckr ransomware is a malicious ransomware infection that accesses the system surreptitiously  in order to encode your file so that you cannot use as usual. On top of that, the infection displays a ransom saying that you should contact someone behind the malware to regain access to your files. Usually, ransom notes contain the sum that is required as a fee for having the encrypted files restored.  Episodes when victims are instructed to contact the attackers are quite rare, but it is the case with the Unlckr ransomware. Our team at Anti-Spyware-101.com insists that you ignore the infections of the ransomware and remove it from the computer for good. Read more »

Msoft Update

Msoft Update is a questionable browser extension that may cause system security-related issues. This tool can sneak up to your system without your knowledge and install itself under Google Chrome. Its name may suggest that it has something to do with Microsoft, but this could not be further from the truth. In fact, our malware specialists at anti-spyware-101.com have categorized it as a potentially unwanted program (PUP) because it can display potentially harmful third-party pop-up ads and promoted pages while you are surfing the web. This PUP also forces the installation of several Chrome extensions behind your back. Since this extension cannot be found in the Chrome web store and does not have its own official site, it can only spread in questionable ways. This means that it is quite likely that it is not the only potential threat on your system; you may also find malware infections that may have entered your system together. Therefore, we recommend that you do not hesitate to remove Msoft Update from your browser. For the details, please read on. Read more »

Fenrir Ransomware

Fenrir Ransomware

Whoever created Fenrir Ransomware, they must be in the Norse mythology, seeing how they gave their program the name of the monstrous Norse wolf. Perhaps they expected their program to be just as destructive as the mythical creature. Judging from the reports we get from distressed users, the program must have reached at least part of their intended victims.

It is unfortunate that there is no public decryption tool that would allow us to restore the files encrypted by this infection, but you can actually remove Fenrir Ransomware if you check out the manual removal instructions we have compiled right below this description. Read more »

Azer Ransomware

Azer Ransomware

The devious Azer Ransomware slithers in without your notice and immediately initiates the encryption of your personal files. Have you noticed that many of your files have been removed and replaced with suspicious files with random names? In reality, your personal files were not eliminated, and they were only encrypted. The names are changed so that you would have a harder time understanding which files were corrupted, but, of course, you should be able to figure things out. Another thing that the threat does is that it appends the “-email-[webmafia@asia.com].AZER” extension to all encrypted photos, documents, and other files. Needless to say, the name of the ransomware derives from this extension. As you can see it also includes an email address, and we discuss that further in the report. The infection, as you must know already, was created to make money, and it can do that by pushing their victims into paying ransoms in return of file-decryption. The thing is, a decryptor is unlikely to be given. Whatever happens, you must delete Azer Ransomware, and the tips in this report should help you. Read more »

ReadIT Ransomware

ReadIT Ransomware

If ReadIT Ransomware manages to infiltrate your system, there is a good chance that you can say goodbye to all your important files. This ransomware infection can encrypt most of your personal files, including your documents, photos, videos, databases, and more. Your only possible way out of this threat is to have a recent backup saved in cloud storage or on a removable hard disk. Of course, your attackers will offer you their sort of way out if you contact them. Obviously, you will be told to pay a certain amount of ransom fee in exchange for the unique decryption key without which it is not yet possible to recover your files. Malware hunters are most likely working hard on a solution to provide victims with a free tool, but as of yet no such tool has emerged on the web. Our malware specialists at anti-spyware-101.com say that you should remove ReadIT Ransomware immediately if you would like to use your computer even if this could mean the loss of your files. Of course, whatever you decide to do is up to you. But please keep in mind that paying any money to criminals would simply encourage them to go on with their dirty business. Read more »

Unikey Ransomware

Unikey Ransomware

Has Unikey Ransomware invaded your operating system and corrupted your personal files? It is unlikely that it has because this infection is not currently spread in the wild. The sample our Anti-spyware-101.com researchers got their hands on is not fully functional, and even though it can encrypt files, it does so in one specific folder only, %USERPROFILE%\Desktop\test. This is also where the ransom note file is found, and that makes no sense. Furthermore, the ransom note is useless as it does not provide the victim with any useful information. That being said, it is possible that the developer of this strange infection will make it much more powerful, and that could happen very fast. If that does not happen, it is likely that the creator of the ransomware will use the knowledge gained to create more powerful threats. If that happens, we will inform you about it as soon as possible. For now, all we can do is discuss the potential of this malicious ransomware, ways to prevent its infiltration, and, of course, how to delete Unikey Ransomware in case it attacks. Read more »

Arcadelift Ads

Arcadelift Ads

If you see an excessive amount of unwanted third-party content while surfing the web, it could be an indication that your operating system is in connection with an adware server that goes by the name of Arcadelift Ads. In most cases, such connectivity signifies the fact that your PC is already infected with some intrusive piece of software, which initiates and keeps the connection intact. To understand why it is crucial to break such connectivity and what could happen if that is not done, make sure to read this detailed article as we provide valuable information gathered by our malware experts. Furthermore, we present a few virtual security tips that every user should take to improve their overall system security. Finally, our researchers have crafted a generic removal guide that you should use to delete the questionable program linked to Arcadelift Ads in just a few easy steps. Read more »