Author Archives: Max Lehmann

MediaConverterOnline Promos

MediaConverterOnline Promos

You might think that MediaConverterOnline Promos has something to do with video or music conversion, but it is a potentially unwanted program that shows advertisements. Now, who would install a program that shows ads? Well, if it is advertised as a tool that can convert video/audio files, some people might be willing to take the ads, but some users might choose to install the extension simply because of the ads. Yes, there are people in this world who seek out ads, and it is most likely that they do that because they want to save money or find better deals. Whatever your reasoning might be, if you have decided to install the extension, you want to think very carefully if it is not better for you to remove it from your Google Chrome browser. If you have already decided to delete MediaConverterOnline Promos, the Anti-Spyware-101.com research team has created a guide that should assist you below. If you want to get more information about the suspicious PUP, you should continue reading. Read more »

Ekans Ransomware

Ekans Ransomware

If Ekans Ransomware enters your system, you might notice that one by one, your files are becoming unreadable until your computer crashes. However, you may not have to fear it if you are a regular home user because from what we have learned about this threat, it looks like its creators might be after businesses or other organizations. It appears the malware was created for money extortion as the note it creates mentions about users having to pay in order to receive decryption tools. Of course, since an infected device might crash soon after the threat gets in, its user might be unable to view this ransom note. If you want to know what your options are after receiving Ekans Ransomware or you are interested in more details about it, you should have a look at the rest of this report. Read more »

Devil Ransomware

Devil Ransomware

Devil Ransomware is a malicious computer infection. This program was designed to swindle you out of your money, but it is up to you to decide whether you give your savings away or not. Needless to say, you should not follow this program’s instructions. You have to act swiftly and remove Devil Ransomware immediately.

The truth is that removing ransomware infections from our computers is not that complicated. It is a lot more difficult to recover all the files that were affected by encryption. You shouldn’t rule out the possibility that you may need to start building your file library from scratch. Read more »

Pysa Ransomware

Pysa Ransomware

It is important to notice when Pysa Ransomware slithers in because it is your best chance of removing the infection and stopping it from encrypting your personal files. If you do not notice the threat, it encrypts files and then erases itself. Yes, Pysa Ransomware deletes itself, and that means that you might not need to worry about clearing your system from malware, but, just in case, you should employ a trusted malware scanner. Do it now to learn whether or not there is anything that you need to pay close attention to. Hopefully, threats no longer occupy your operating system, and you can focus on your personal files and, of course, the security of your Windows system. Note that even if you end up losing all encrypted files, you need to secure your system because there are hundreds and thousands of other infections that could invade it next. The ball is in your court. Read more »

FlowerPippi

If you are informed about the existence of FlowerPippi, you need to make sure that you remove this threat as soon as possible. You also need to inspect your operating system for other threats because this backdoor malware is unlikely to exist on its own. In the summer of 2019, this malicious threat was found to spread via spam emails along with Gelup, another Trojan that, of course, requires elimination as well. These two infections are believed to belong to the TA505 group, which has been sending its malware in many different directions. Its activity has been recorded in Morroco, the Middle East, and also Australia, Japan, and the Philippines. If you live in these three countries, you are more likely to need to delete FlowerPippi from your operating system. So, how can you get rid of this malware and, more important, how can you ensure protection against it in the future? Read more »

VeePN

VeePN

In this report, we are discussing the VeePN Chrome extension that the users of this browser can acquire from the popular Chrome web store at chrome.google.com/webstore/detail/veepn-unlimited-free-fast/majdfhpaihoncoakbjgbdhglocklcgno. The extension is free, and so it is no surprise that over 11,300 Chrome users have downloaded it already. The program also has a shinning 4.5/5 star rating (from 49 users), but it has a mixed bag of reviews. Some of them make the extension sound amazing, while others might create doubts and make you question its versatility and usefulness. According to Anti-Spyware-101.com research team, the extension works, and although it has a limited number of free VPN servers (at the time, we had six to choose from), it offers more for those willing to pay for the Premium service. Despite this, some Chrome users choose to remove VeePN from their browsers. Are there specific reasons for that, or do these users find better tools? Continue reading to find out, and note that a guide showing how to delete the potentially unwanted program (PUP) from Chrome is available below. Read more »

SaveTheQueen Ransomware

SaveTheQueen Ransomware is a recently created file-encrypting threat. It is possible that we encountered a test version, which means the malware could still be in development. Our researchers think so because the malicious application does not drop a ransom note. Showing a ransom note is typical behavior for ransomware as such programs are mostly used to extort money from regular home users, businesses, or institutions. Further, we explain how our encountered variant works, how it could be distributed, and how it could be erased if it enters a system. At the end of this text, we also provide deletion steps that show how to remove SaveTheQueen Ransomware manually, although we cannot guarantee the instructions will still work if hackers release a new version of the malware. Read more »

CStealer Threatens the Security of Google Chrome Users by Stealing Passwords

Do you use Google Chrome on a daily basis? Perhaps you use it at work, or maybe you only use it at home. Whatever the case is, we are sure that you want to be safe while using this web browser. Unsurprisingly, Google Chrome is the most popular browser, with more than 69% of people using it all around the world. Unfortunately, the most popular services are usually the ones that are targeted by schemers and cybercriminals in most cases too. CStealer is a dangerous Trojan that was created to go after Google Chrome users specifically, and if it is successful, it can steal sensitive passwords stored on this browser. Read more »

Trojan.PyXie.A

Trojan.PyXie.A is a malicious computer infection that can remain hidden in the target system for a long time before the infected users does anything about it. It is a Trojan that works as a Remote Access Tool (RAT), and so it has a pretty wide functionality, which allows other cybercriminals to make use of this infection. In some cases, Trojan.PyXie.A can also be used to distribute ransomware, so the sooner you remove it from your system the better. The best way to find out whether you have this threat on-board is to run regular system scans with a reliable security tool. Read more »

Msop Ransomware

Msop Ransomware

Msop Ransomware is not the kind of threat that you would ever consider to be harmless. It does not try to disguise itself because that is not something that cybercriminals behind this malware need to do. Sure, they need to execute this malware silently, so that your personal files could be corrupted without disturbance, but once that is done, the threat needs to reveal itself. The purpose of this threat is to push victims into paying a ransom in return for a tool that, allegedly, could be used to decrypt files. Therefore, once files are corrupted, the infection immediately introduces you to a file named “_readme.txt.” We discuss the contents of this text file further in the report. We also discuss how the infection spreads, and how to keep your operating system protected against it in the future. Most important, we discuss how to delete Msop Ransomware, and we are almost certain that you have found this article because you already know just how important the removal of this threat is. Read more »