Monthly Archives: December 2017 - Page 8

French Ransomware

French Ransomware

French Ransomware appears to be a new malicious file-encrypting program created while using an open-source ransomware known as Hidden Tear. The threat looks quite dangerous since it can encipher not only pictures, text documents, or other personal files, but also executable files and other data that could belong to the software located on the affected computer. Fortunately, the malware is still in the development stage and so even if you come across it, the chances are it might not lock any of your files, and later in the article, we will tell you more about it. It is still difficult to say if the threat is even being spread yet, but just in case it is we will provide step by step deletion instructions showing how to get rid of French Ransomware manually. The infection can be removed with a legitimate antimalware tool too, so all that is left is to decide which way is easier for you. Read more »

Package Tracker Pro

Package Tracker Pro

Package Tracker Pro is a new questionable browser extension from the notorious Polarity family. This tool offers you the ability to "track all of your FedEx, UPS, and USPS packages" but our malware specialists at anti-spyware-101.com say that this is just another potentially unwanted program (PUP) created by Polarity Technologies Ltd, which can also be labeled as a browser hijacker. In fact, this is not even a new tool since we have already seen its identical twin called Search.hfastpackagetracker.co. This family contains dozens of similar or identical clones. The main issue here is that this PUP promotes a questionable and potentially unreliable search engine that may expose you to potentially unreliable third-party ads and links through modified search results. We recommend that you remove Package Tracker Pro from your browsers to stop further infections from happening. Read more »

Xzzx Ransomware

Xzzx Ransomware is the newest variant of CryptoMix Ransomware. It was first detected at the end of November, 2017, so we cannot say that it has already become a prevalent infection. The chances are not very high that you will ever encounter it, but you still need to be cautious if you do not want to find your files locked completely. It should be mainly distributed as other ransomware-type infections, i.e. via spam emails, so do not go anywhere near these emails if you do not want to encounter this malicious application. If it is a little too late for prevention, i.e., you have already found this threat on your computer, you should mercilessly delete it from your system. Do not even bother sending an email to the author of Xzzx Ransomware because you will be asked to pay a ransom for the decryptor. Since you do not know whether you could decrypt your files after transferring your money to them, you should not send the required money to crooks. Instead, eliminate the ransomware infection from your computer today. If you do not disable it, it will keep running on your computer due to the entry in the Run registry key it creates upon the entrance. Read more »

Nilla Weather

Nilla Weather

Recently our researchers have discovered another potentially unwanted program (PUP) almost identical to Check Weather or Always Weather; it is called Nilla Weather. Like its older versions, the application is targeted at Google Chrome users and is designed to show users weather forecasts based on their location. Nevertheless, our specialists at Anti-spyware-101.com discovered that the add-on might do more than provide the user with weather information. Apparently, the extension might place third-party advertisements while the user is surfing the Internet. The worst part is, there are no guarantees about such content's reliability and given it could be displayed by a PUP we would not be surprised if some of the ads may redirect the user to scam web pages, suggest installing various threats, etc. Because of this, we recommend not to waste any time with Nilla Weather and get rid of it with no hesitation. Read more »

Cryp70n1c Ransomware

Cryp70n1c Ransomware

Cryp70n1c Ransomware is a dangerous threat that cyber criminals have designed to encrypt your files. This threat was built using a source-code that is popularly known by the name Hidden-Tear. There are hundreds of infections built using it, some of which include French Ransomware, Jhash Ransomware, and Onion3Cry Ransomware. These infections are equally as malicious and dangerous, and so it is crucial that you protect your Windows operating system against them. If the malicious ransomware has already corrupted your operating system, you probably are worried about your personal files. The thing is that this threat corrupts files only in certain folders in the %USERPROFILE% directory. If you do not keep any important files here, it is unlikely that the threat has done any real damage. Nonetheless, in any case, you must delete Cryp70n1c Ransomware from your operating system, and the sooner you take care of that, the better. If you are in a hurry to remove this malicious threat, refer to the guide below. If you want to get more information about this threat, continue reading. Read more »

Terdot

Terdot is an extremely malicious and dangerous piece of software, that should not be active on your personal computer. If unfortunately, you have discovered it up and running on your PC, make sure to execute its complete removal without any hesitation. During the in-depth analysis, malware experts at Anti-Spyware-101.com have noticed that the Trojan in question can gather sensitive data without your knowledge or authorization. Furthermore, it could subject your operating system to other devious programs, and you would not have a clue. If you want to find out more about the complex inner workings of this malicious program, make sure to read our report as we provide in-depth information gathered by our malware experts. Also, you will find a few virtual security tips, which you should use to improve your overall system's security. To help you remove Terdot, we provide a detailed removal guide below. Read more »

Bancocrypt Ransomware

Bancocrypt Ransomware is another name of Jhash Ransomware. Its primary goal is to help cyber criminals to obtain money from users, so the first activity it performs on affected computers is the encryption of victims’ personal files (for instance, pictures, downloads, games, videos, and much more). The encryption of victims’ personal data is nothing new – the majority of ransomware infections created using the source code of Hidden-Tear, open-source ransomware, lock users’ data right after slithering onto their computers. We suspect that your files have already been locked too if you are reading this article. There are hundreds of crypto-threats that could have done that, but you can be sure that Bancocrypt Ransomware is the one responsible for encrypting your data if these files you can no longer open have a new extension appended to them. Specifically speaking, this infection uses the .locky extension to mark those locked files. You will not remove this extension easily. In fact, only a decryptor can do that. You will be offered to purchase it, but you should not do that because cyber criminals behind this threat might not even give it to you. There might be no other ways to decrypt data for free, but you can always restore it from a backup you have. You should not rush to delete these encrypted files from your system even if you have never backed up your data too because free decryption software might be developed someday. Read more »

Smart PC Mechanic

Smart PC Mechanic

If you think that Smart PC Mechanic can provide you with reliable system security and optimization services, you are not right. This alleged system optimizer might appear to be great, but, in reality, it is not equipped to assist you properly, and that is the conclusion our Anti-Spyware-101.com virtual security experts have made after analyzing this suspicious application. In fact, it is classified as a PUP (potentially unwanted program) because its services are not beneficial. Although this application can scan your PC and identify certain components that allegedly require your attention, the chances are that these components are just junk that does not threaten your virtual security. If a program can only remove harmless files, do you want to invest in it? Most likely, you do not. Continue reading this report to learn more about the suspicious, potentially unwanted program and its elimination. If you cannot wait to delete Smart PC Mechanic from your Windows operating system, check out the guides below. Read more »

WannaPeace Ransowmare

WannaPeace Ransowmare is not an application that should be up and running on your personal computer. If you ever encounter it while surfing the web, it is critical to do everything in your power to avoid it. Our malware experts advise you to do so because this devious application can act in an extremely malicious manner. If you are not familiar with ransomware programs, you must know that they are designed to lock a vast number of data without any notification or authorization. If you want to learn how that could happen, make sure to read the rest of our detailed report. Additionally, you will find a few virtual security recommendations, which will allow you to maintain a fully secure operating system at all times. To help you remove WannaPeace Ransowmare once and for all, we also include a detailed removal guide that we present below. Read more »

Shadow Ransomware

Shadow Ransomware

Shadow Ransomware is a vicious threat that may leave you with no working programs and none of your personal data. The malware does not exactly ruin any files, but it enciphers them with a secure encryption algorithm and without specific decryption tools such data becomes useless. To extort money from you, the threat’s creators should ask you to pay a ransom in exchange for a decryptor. No doubt they may sound quite sincere, but keep it in mind there are no guarantees they will keep up with their promises. There are plenty of users who got tricked while believing they could trust hackers and if you do not want to be one of them we would advise you to remove the malicious application. The instructions you can find a bit below the article should help you with such a task. However, if you are interested in getting to know more about Shadow Ransomware, we recommend reading the rest of our article too. Read more »