Author Archives: Lisa Blanc - Page 5

Anchor

While we usually talk about one specific infection, Anchor happens to be a group of Trojan infections that target multiple systems worldwide. There have been several waves of this infection recorded, and users are always encouraged to learn more about Trojan distribution so that they can avoid similar intruders in the future.

What’s more, we would like to point out that removing Anchor manually could be quite challenging. Therefore, we recommend investing in a licensed security application that would terminate everything related to Anchor at once. After all, automatic malware removal is the fastest and the most efficient option you have. Read more »

Lampion

The end and the beginning of a year are always a good season for spammers and cyber crooks. There are so many ways to slither into target systems because of year-end communication between various companies and organizations. The people behind the Lampion Trojan infection seem to have caught up on that. This malicious infection targets users in Portugal by masquerading as an official email from the Portuguese Government Finance & Tax.

There are several stages of this infection, but the technical story aside, the most important thing for users is to remove Lampion and to avoid similar intruders in the future. Hence, we shall look at those two aspects in our description. Read more »

PhobosImposter Ransomware

PhobosImposter Ransomware is a threat that adds the .phobos extension to each file that it enciphers. The malicious application uses a strong encryption algorithm, which is why files that get affected become unusable unless a victim has a decryption tool. Sadly, decryption tools usually cannot be downloaded from the Internet. That is because hackers are often the only ones who have such tools, and they provide them only to those who pay a ransom. Cybercriminals behind PhobosImposter Ransomware are no exception: in the ransom note the malware displays, they claim they want to receive a payment in Bitcoins. Before deciding what to do, we encourage you to find out more about this malicious application, which you can do if you read the rest of our article. If you decide you wish to erase PhobosImposter Ransomware, we recommend checking our removal instructions that you can find at the end of the text. Read more »

BDDY Ransomware

BDDY Ransomware belongs to the Matrix Ransomware family. It encrypts various files that could be valuable and then shows warning messages that urge victims to contact the malware’s developers and pay for decryption tools. Hackers might sound convincing in their messages, but keep in mind that there are no guarantees that they will deliver what they promise even if you do what you are told. Naturally, if you do not think you can risk losing your money in vain, we advise you not to put up with any demands. If you have backup copies, you can replace encrypted files with them as soon as you erase BDDY Ransomware, and your computer becomes malware-free again. To learn how to delete the malicious application manually, you should check the instructions located below this text. Of course, if the process seems too challenging, you should not hesitate to leave this task to a legitimate antimalware tool of your choice. Read more »

Prometey Ransomware

If you are not cautious, you run the risk of facing Prometey Ransomware, a dangerous infection that can seamlessly encrypt all of your personal files. During the process of encryption, the data of the affected files is changed, and that ensures that you can no longer read them in a normal manner. A decryptor is needed for that. Unfortunately, you cannot download just any decryptor to assist you because the attackers behind this malware are using a unique encryptor, and it has not been deciphered yet. It is possible that no one will be able to decipher it at all. This is good news for the attackers behind the threat because if you cannot decrypt the files yourself, and if you do not have copies that could be used to replace the corrupted files, you might give in to their demands. Hopefully, you have not done that yet. To learn more about the infection and its removal, please continue reading, and note that if you need assistance deleting Prometey Ransomware, you can always post a comment below. Read more »

Pponce.lorena@aol.com Ransomware

Anti-Spyware-101.com research team is warning Windows users about a new threat called Pponce.lorena@aol.com Ransomware that comes from the GlobeImposter Ransomware family. This version of the well-known infection adds the “.[ponce.lorena@aol.com]” extension to the files that are corrupted by it, and so if you have discovered corrupted files with this extension, we suggest that you read this report. Hopefully, you will be able to recover your files, but that is unlikely to happen if you choose to follow the lead of the cybercriminals who control this malware. Since this threat is part of a larger family of malware, a free decryptor already exists. We cannot guarantee that the GlobeImposter Decryptor will be able to restore all files corrupted by the threat, but this might be the best option you have. Alternatively, you might be able to use backups to replace the corrupted files, but all of this should be done after deleting Pponce.lorena@aol.com Ransomware. Do you want to learn more about the removal of this malware? Continue reading if you do. Read more »

GlobeImposter Ransomware (.Horriblemorning variation)

You do not need to guess whether or not GlobeImposter Ransomware (.Horriblemorning variation) has invaded your operating system. All you need to do is look at your files and see if “.Horriblemorning” has been attached to their names. If this extension is added, the malicious ransomware has encrypted your personal files, and you need to take immediate action. Sadly, files cannot be restored by removing the threat, but there are solutions that might help you with that. For one, the GlobeImposter Decryptor created by malware experts might assist in some cases. Alternatively, some victims might be able to replace the corrupted files using copies stored online, on external drives, or other secure locations. Of course, before any replacements can be made, it is necessary to delete GlobeImposter Ransomware (.Horriblemorning variation). Whether you identify it as GlobeImposter Ransomware or Horriblemorning Ransomware, you need to figure out a way to get rid of this malware ASAP. Read more »

MZP Ransomware

MZP Ransomware is a sneaky threat that might appear on a system after opening a suspicious file received or downloaded from the Internet. It can encrypt various documents and picture formats. As a result, the files it affects should become locked. While such data can be unlocked, the tools needed for this task might be impossible to get. We explain this as well as other things related to this malicious application further in this article. Thus, if you wish to learn more, we invite you to read our full text. Also, keep in mind that should you choose to erase MZP Ransomware manually, you could use our removal instructions placed at the end of this article. There is a comments section too that we encourage you to use if you have any questions about this malware. Read more »

Gesd Ransomware

Gesd Ransomware is a dangerous program that will surely slither into your system behind your back. Since it is a ransomware program, we know already what it wants from you – money. You should do your best to resist its threats and remove Gesd Ransomware from your computer as soon as possible. Although there are manual removal instructions below this description, you should seriously consider scanning your computer with a licensed antispyware tool that would help you delete all the malicious programs automatically. Consequently, you would also protect your computer from other similar threats. Read more »

MarioLocker Ransomware

MarioLocker Ransomware is an infection that might have been abandoned by its creator already. That is what we have to assume because one of the most important files that belong to this malware can no longer be downloaded onto the infected systems. Perhaps this is just a temporary glitch, and perhaps the file will become downloadable again. If that happens, the Anti-Spyware-101.com research team will report back to you as soon as possible. For now, it looks like we are dealing with something that might be obsolete already. That being said, it is always possible that the threat could be spread even if parts of it are dysfunctional. In most cases, ransomware is spread using spam emails or bundled downloaders, and you could always open spam emails much later on, and bundled downloaders could float around with dysfunctional malware for a long time. Whatever the case, whether or not your files were encrypted, you need to remove MarioLocker Ransomware if it got in. Continue reading, and you will learn how to delete this threat. Read more »