Monthly Archives: October 2018 - Page 3

5H311 1NJ3C706 Ransomware

5H311 1NJ3C706 Ransomware is a malicious threat that encrypts files on the victim’s computer and then shows a note demanding a ransom payment. Usually, we do not recommend paying the ransom because there is always a chance the user could be tricked and the money spent might go to waste, but in this case, paying may not be necessary. Apparently, the malware has an integrated decryption tool, which deciphers all of the user’s data after this passcode is entered: 666HackerThn. Of course, we cannot be sure the decryption password will not be changed, but if you come across this infection and you have no other options to get your data back, it is worth a try. Needless to say, we would recommend removing 5H311 1NJ3C706 Ransomware from the computer afterward, as leaving it could still be dangerous. If you need help with its deletion, you should take a look at the instructions we will place below the article.

PUP.Daily File Converter

Daily File Converter is a free tool for the Google Chrome and Mozilla Firefox web browsers that is meant to convert files. Although the extension works, there is no need to install it because its services are neither exclusive nor highly useful. Unless you convert files all the time, you need to think carefully about whether you should get involved. The services promoted by the extension are offered at cloudconvert.com, so you might as well bookmark this website rather than install a potentially unwanted program (PUP). What could go wrong if you installed it? First and foremost, that depends on how you install it. If you install the PUP along with malicious programs, you could encounter serious security problems. Besides that, the extension is not as innocent as it might appear to be at first, and our Anti-Spyware-101.com research team has a few things to share with you. If you end up deciding you want to delete Daily File Converter, you can find a manual removal guide below. Before you follow it, we suggest you read this report.

Giyotin Ransomware

Giyotin Ransomware is among the newest ransomware infections detected by specialists at anti-spyware-101.com. It seems that the malware primarily targets Turkish-speaking users, but that does not mean that you cannot encounter it. You might find any harmful program installed on your computer if you are not very careful, click on random links and advertisements that are displayed to you, and download all kinds of applications from torrent websites. Luckily, Giyotin Ransomware does not encrypt files on users’ computers, even though immediately after it successfully enters the system it places a window with a message in Turkish over the user’s screen claiming that all important files have been encrypted. According to specialists, this might show that Giyotin Ransomware is still in the development phase, or that the hackers expect users to send them money immediately after discovering the message opened on their Desktops. Since that window can be closed easily, you will see for yourself that none of your files have been locked – simply press Alt+F4 to close it. The fact that your files have not been encrypted does not mean that you do not need to do anything else: you must still remove the ransomware infection from your PC. There is nothing smart about keeping malware on the system, even if it is not extremely harmful, because it might download an update from its C&C server and turn your life into a nightmare.

goDownload Search Plus

Do you download new programs and extensions frequently? If you do, goDownload Search Plus might seem like a great program. The Chrome webstore installer introduces this potentially unwanted program (PUP) as a “powerful search engine” that, allegedly, can offer you “a variety of unique features and search tools.” The application is presented at chrome.google.com/webstore/detail/godownload-search-plus/cbieibobpefaobhfncpimjimbijplebe by gozooms.com. This source promotes “Zooms Start,” “Search by Zooms,” and “Musix.” We do not recommend installing any of these add-ons, especially if you are not willing to research them first. In general, the extension we are discussing is not represented in a very clear or straightforward manner. It doesn’t even seem to have an official downloader. Is this reason enough to remove goDownload Search Plus? It might be, but we can provide you with other reasons. If you continue reading this report, you will learn how to delete this PUP, and you will understand why that might be the best thing to do. As always, if you come up with any questions while reading this report, you can use the comments section to post them.

Power Speedup 2018

New PC optimization tools are released every year; however, some of them do not differ much from older applications. Power Speedup 2018 is the perfect example of this. It has been developed on the same template as some other PC optimization tools our specialists analyzed last year. It looks like perfectly decent software, but what immediately causes concern about its trustworthiness is the message “The site ahead may contain harmful programs” that is displayed to users trying to open its official website https://www.speedywinutils.com. Of course, if you have an older version of the web browser you use, it is very likely that you will open it without any problems. Malware researchers working at anti-spyware-101.com have also confirmed that it is not exactly a fully reliable application. It is not harmful malicious software, but, according to them, it has several drawbacks that make it a potentially unwanted application. Continue reading to find out more about it and then decide whether or not it should stay installed on your system.

IT.Books Ransomware

IT.Books Ransomware encrypts almost all files found on the computer, which is why some software might crash once the system gets infected, and data like images might become impossible to open. The cybercriminals behind this threat may offer their decryption tools for a particular price, but it seems to us it would be safer to restore enciphered data from backup copies. It would not cost you anything either. However, before attaching any removable devices or connecting to cloud storage where backup copies could be kept, it would be advisable to erase the malicious application first to be on the safe side. If you choose to follow our advice, we encourage you to use the removal instructions available at the end of this report. On the other hand, if the process appears to be too complicated for you to complete on your own, you could get a legitimate antimalware tool and let it eliminate IT.Books Ransomware for you.

Kraken Cryptor 1.5 Ransomware

Kraken Cryptor 1.5 Ransomware is a nasty computer threat whose entrance will not be fun at all. It is one of those harmful malicious applications that enter computers to obtain money from users, so if you ever encounter it, you may no longer be able to access a bunch of files on your computer. The ransomware infection locks files with .3gp, .1cd, .dat, .dbx, .class, .docx, .doc, .drw, .dxg, .djvu, .groups, .jar, .java, .json, and other popular extensions, but, luckily, it skips all system files. In other words, your computer will continue working normally even though you can no longer open a bunch of your files. You will be offered a unique key that can unlock the encrypted personal files, but you should definitely not send money to cyber criminals. We do not say so without reason. Sending money to crooks is not a smart move no matter what kind of computer threat you encounter because it is unclear whether you will really solve your problems by making a payment. As for Kraken Cryptor 1.5 Ransomware in particular, we are sure this infection will not be deleted from your system even if you transfer a ransom. On top of that, you cannot be 100% sure that you could really unlock your files.

bkp@cock.li Ransomware

Have you found a window with a padlock image claiming that “All your files have been encrypted!” opened on your Desktop? If so, bkp@cock.li Ransomware must have infiltrated your computer and already done the damage. bkp@cock.li Ransomware is nothing other than a harmful malicious application that seeks to obtain money from users. It locks personal files on affected computers for the same reason. The exact amount of money the cyber criminals behind this infection want is not indicated in the message the opened window contains, but it still tells users that they will have to pay if they have encountered bkp@cock.li Ransomware: “You have to pay for decryption in Bitcoins.” Of course, it does not mean that you could not delete this threat from your system if you do not transfer a ransom. Actually, we do not even recommend sending money to malicious software developers because they will definitely take your money, but there are no guarantees that a working decryption tool will be sent to you. The ransomware infection will not be erased from your computer whether you pay or not.

Fanatics Search

If you are not cautious, you might install malware and unreliable or unwanted programs without even realizing it. Fanatics Search has an official installer, but because this installer does not present the add-on in an attractive manner, it is most likely that third-party installers are used for the distribution. These installers might attach the extension to more desirable programs, or it could be lost in the middle of all the other programs bundled together. All in all, regardless of how you install the application, it is recommended that you remove it from your web browser. At the time of analysis, it was compatible with Mozilla Firefox and Google Chrome browsers only. The extension was also available on the official Chrome and Firefox app stores: chrome.google.com/webstore/detail/fanatics-search/aphmipfohigogebjlbkeecamnljollac and addons.mozilla.org/firefox/addon/fanatics-search/. Without a doubt, it might be easier to handle the situation if the only thing you need to do is delete Fanatics Search. That being said, make sure you eliminate all unwanted and malicious threats that exist on your operating system.

EverydayMemo Toolbar

Did you research EverydayMemo Toolbar before installing it into your Windows operating system and Internet Explorer, Google Chrome, or Mozilla Firefox web browser? If you did, the chances are that you did not install it at all. Otherwise, you might have decided that the benefits of the suspicious application outweighed the security risks that are associated with it. If you did not research the application before installing it, you might have been surprised by its activity. For example, you should have been surprised by the introduction of the MyWay search engine that is integrated into the interface of the application. Furthermore, you might have expected the app to install as a separate toolbar that floats at the top of the browser. Instead, it is represented via a new tab page, and it might be represented via the homepage of Internet Explorer and Mozilla Firefox browsers too. Due to this, some users remove the toolbar because they believe it to be a browser hijacker. While we do not classify it as a hijacker, we do advise deleting EverydayMemo Toolbar from your browsers.