Monthly Archives: August 2017

Findgofind.com

Posted by on August 31, 2017 No comments
Findgofind.com

Our researchers say users who surf the Internet with Findgofind.com could endanger the device, as the provided search results might be modified and so they may contain links to potentially malicious web pages. Users who do want even to risk coming across such content should erase the application with no hesitation. No need to worry if you do not know how to achieve it; at the end of this report there will be removal instructions you could follow. Also, Findgofind.com is considered to be a browser hijacker and according to our specialists at Anti-spyware-101.com users should be able to delete such a threat with a legitimate antimalware tool too. For more information about this browser hijacker, you should keep reading this report. Read more »

Conversor PDF

Posted by on August 31, 2017 No comments
Conversor PDF

Conversor PDF might seem like a great tool to have active on your operating system. That is so because it is advertised as a tool that should allow you convert .pdf files to your desired format. While it sounds promising, the reality is rather different. Upon further analysis malware experts at Anti-Spyware-101.com have discovered that this application is capable of intrusive functionality. In fact, due to the inner workings of this program, your online experiences might become annoying and frustrating. Due to such functionality and questionable distribution, our research team has classified this application as yet another potentially unwanted program that should not be active on your PC. Learn more about this suspicious piece of software by reading the rest of our report. Below we also include a detailed removal guide that will help you delete Conversor PDF quickly and easily. Read more »

WininiCrypt Ransomware

Posted by on August 31, 2017 No comments

WininiCrypt Ransomware is a vicious file-encrypting malware that is after user’s files and even their shadow copies. As a result, the malicious application’s victims may receive a lot of damage, and there might be no way to undo it. In this article, we will present more details about the threat, for example, how users could infect their systems with it, so if you wish to know this malware better, you came to the right place. Moreover, our researchers at Anti-spyware-101.com have prepared deletion instructions to guide users through the removal process. Thus, users who have no idea how to deal with WininiCrypt Ransomware manually, should not hesitate to use these steps. On the other hand, if the task looks quite difficult, it might be best not to take any chances and employ a legitimate antimalware tool. Read more »

Kariloo

Posted by on August 31, 2017 No comments
Kariloo

Kariloo is a new browser extension that has caught the attention of our malware experts at anti-spyware-101.com because having it in your browser may put your virtual security at risk. This Google Chrome extension promises you "excellent content search" by installing its own search engine as your default and changing your home page and new tab page settings, too. Due to its capabilities, we have labeled this threat as a browser hijacker. It is quite likely that you did not even install this tool knowingly. In that case it could mean that there are other malware threats on your system as well. These infections may expose you to dangerous third-party content that could cause further system security issues for you, not to mention the possibility of privacy breach and online scams. Since you cannot trust the search results this browser hijacker presents to you either, we believe that it is best for you to remove Kariloo as soon as possible to protect your PC from malicious attacks. Please read on to find out more about this malware infection and how you may be able to avoid such threats in the future. Read more »

Chrome Settings Button

Posted by on August 31, 2017 No comments
Chrome Settings Button

Chrome Settings Button is one of the browser extensions presenting themselves as useful software. Its description available on its official website chromesettingsbutton.info specifies what it should do – add a button on Google Chrome browser allowing users to access its settings with a single click. Although this might sound like an advantage, we are not so sure that this piece of software is very beneficial because it is not hard to access the browser’s settings without it as well. On top of that, we cannot confirm that it is a fully trustworthy extension. Specialists at anti-spyware-101.com have classified this extension as a potentially unwanted program (PUP) because they have found evidence that it might perform undesirable activities on users’ computers, which is definitely not a feature of reliable software. It should be emphasized that potentially unwanted applications are not as harsh as real malware; however, their presence might still have undesirable outcomes, so, in the opinion of our specialists, such a program should not be kept active on the system. You will find all its drawbacks listed in the next two paragraphs of this article, so if you still have not arrived at a final decision regarding the future of Chrome Settings Button, you should continue reading this article. Read more »

Cyron Ransomware

Posted by on August 31, 2017 No comments
Cyron Ransomware

Cyron Ransomware can infect your computer by stealth and then encrypt many of your files with an AES encryption algorithm. Its creators want you to pay 50 Euros, which means that this program was created to be distributed in the Eurozone countries in Europe. We recommend not wasting your time trying to pay the ransom because you might not get the promised decryptor/decryption tool, so you might also lose your money. For this reason, we advise that you remove this program as soon as you can. To find out more about it, please read this whole article. Read more »

Kappa Ransomware

Posted by on August 31, 2017 No comments
Kappa Ransomware

A new ransomware infection has been discovered by our research team, and it goes by the name Kappa Ransomware. By the time you are reading this, the malicious ransomware might have been unleashed already, and your personal files might have been encrypted, but at the time of our research, this threat was still in development stages. The sample that our Anti-Spyware-101.com malware researchers have tested had a fully functional encryption and decryption algorithm, and it could connect to a remote server to transfer certain information. It was found that the threat could record technical details about the infected computer, and some of it could be used to create the so-called Client ID. It was found that this ID is a combination of the MAC Address and the Processor ID, as well as the Hard Drive serial number. This ID is sent to a remote server (http://185.106.120.162/key/key.php?hwid=) along with the encryption key that is used for the corruption of files. Also, you are introduced to this ID via a window that the infection launches right after the encryption is complete. Unfortunately, your files will remain encrypted if you delete Kappa Ransomware, but, of course, removing this threat is crucial. Read more »

Ransom Prank Ransomware

Posted by on August 31, 2017 No comments
Ransom Prank Ransomware

Ransom Prank Ransomware is not a program that you want to have fully active on your personal computer. If unfortunately, this intrusive application is already active on your PC, make sure to execute its complete removal right away. It is critical to do so because this program, like a lot of other applications classified as ransomware, might be capable of locking vast quantities of data in just a few moments. It goes without saying that due to such functionality you might have to face disastrous outcomes. For further information regarding the overall functionality of this intrusive program, make sure to read the rest of our detailed report. Besides all of that, you will also find a few virtual security recommendations to help you avoid various suspicious and malicious programs. Finally, to delete Ransom Prank Ransomware in just a few simple steps, make sure to follow the detailed instructions that we present below. Read more »

Onepagesnews.net

Posted by on August 31, 2017 No comments
Onepagesnews.net

Onepagesnews.net may look like a search engine, but it is more than that. Our cyber security experts have classified it as a browser hijacker and recommend that you remove it because it replaces your browser’s homepage address without your consent and features-ad-supported search results that can pose a security threat to your computer. The promotional links featured in its search results can redirect you to malicious websites that can infect your PC with malware or scam sites that will try to lure money from you. Needless to say, this search engine is bad news, so the sooner you get rid of it, the better. Read more »

Aac Ransomware

Posted by on August 31, 2017 No comments

Aac Ransomware is a new variant of the NMoreira Ransomware infection that was discovered last year. It is believed that both infections were created by the same cyber criminal or group of cyber criminals, but there is no denying that they have many differences. For example, the original ransomware was found to remove itself after the encryption was complete, appropriate registry keys were added, and the ransom note file was created. Our Anti-Spyware-101.com research team has not observed this to be the case with the newer variant. Also, the messages hidden in the launcher file are different. The first original one was specifically addressed to the malware research community, while the new ransomware has a message for researchers who managed to decrypt NMoreira Ransomware. At the time of research, a decryptor that would work with the new version of the threat did not exist, and it is possible that it will not be developed at all. While the decryption of files might be impossible, deleting Aac Ransomware is something anyone can handle, and that should be done sooner rather than later. Read more »