Author Archives: Max Lehmann

Kronos Ransomware

Kronos Ransomware shows a note through which the malware’s creators try to convince their victims to pay a ransom. In exchange, the hackers promise to send a decryptor that could decipher the threat’s affected files. They even promise to prove that they have the needed decryptor by allowing their victims to send one file for free decryption. Even so, we would not recommend agreeing to pay a ransom if you do not want to risk losing your money in vain. It is possible because even if the cybercriminals have the promised recovery tools, it does not guarantee they will send them to you. In any case, it is up to you to decide what you should do. If you choose to eliminate Kronos Ransomware, we advise using the instructions available at the end of this article or a chosen antimalware tool. In case you want to get to know the threat better, we invite you to read our full article. Read more »

Erenahen Ransomware

Erenahen Ransomware

Have you ever been infected with ransomware? If you have, you know what to expect from Erenahen Ransomware. This is not a new player in the field because this program comes from a notorious group of similar infections. It is a dangerous infection that has quite a few tricks up its sleeves, and it can do a lot to prevent you from restoring your files.

Nevertheless, you should work hard to remove Erenahen Ransomware from your computer as soon as possible. For the manual removal instructions, please scroll down to the bottom of this description, and then terminate the infection for good. Read more »

Sherminator Ransomware

Sherminator Ransomware

Sherminator Ransomware appears to be a new variation of Mr.Dec Ransomware. Same as its early version, it encrypts files and shows a ransom note. The note does not ask for a ransom as it only claims a user needs to email the malware’s developers. However, based on our experience with such threats, we believe the demands for payment could be delivered later on via email. It is vital to understand that the hackers may promise anything to convince their victims to put up with their demands, but there are no guarantees they will hold on to their promises. Meaning, even if you do as told, you might not get your files decrypted. Thus, we advise thinking twice before putting up with any demands. If you decide it is not an option, we recommend removing Sherminator Ransomware with no hesitation. To learn more about it and its deletion, we invite you to read our full article and check the instructions available below. Read more »

Li Ransomware

Li Ransomware

Childhood photos, wedding videos, work or school documents, and other personal files can be corrupted by Li Ransomware if the conditions are right. These conditions include the Windows operating system being unprotected, users being careless/uneducated, and/or vulnerabilities being exposed. Although hundreds and thousands of file-encrypting infections are active as you read this, cybercriminals successfully find new victims. Of course, with more and more information being available, fewer and fewer Windows users are attacked. That being said, cyber attackers adapt quickly, and they learn new tricks to perform successful attacks, and so you must not let your guard down. If the malicious ransomware got into your operating system, you might believe that your personal files will be restored the moment you remove it, but that will not happen. Although you must delete Li Ransomware, it is likely that only the creator of the infection can restore your files, and, unfortunately, they are unlikely to do it. Read more »

365Stream

365Stream

According to its description, 365Stream is “the best way to browse.” However, in reality, it does not look like the application can offer any advanced tools that would make it better than Google or Yahoo search engines. It seems like the extension’s provided search tool uses a modified version of search.yahoo.co to gather results. Also, users ought to know that the application may require permission to read the user’s browsing history. Such behavior might be unwelcome by users who consider viewing their history a violation of their privacy. Consequently, the extension falls under the classification of potentially unwanted programs. If you come across it, we encourage you to learn more about it by reading the rest of this article. If you decide to erase 365Stream, you can learn how to get rid of this potentially unwanted program by following the instructions available below, or you could employ a legitimate antimalware tool. Read more »

AwayTab

AwayTab

AwayTab is a traveling application, or so it claims to be. According to the information presented on the official download website (awaytab.com) and the Chrome web store – where the installer can be found (chrome.google.com/webstore/detail/awaytab/homnophpjlhlpaglnfpomcambjmgceem) – this extension can help Google Chrome users discover new travel destinations, beautiful images, and the cheapest flights. Obviously, if you are interested in saving money when planning your next trip, this extension might sound pretty useful. That being said, at the time of research, only 311 users were counted by the Chrome web store, and so it is unlikely that this potentially unwanted program (PUP) is spreading actively. It is possible that it will remain pretty unpopular, but it is also popular that it could see a surge of users. In any case, this PUP is not an extension we can ignore, and we are sure that many users will choose to remove AwayTab. Are you one of them? If you are, we can help you delete this add-on. Read more »

Travel Deals Center

Travel Deals Center

Do you love to travel? Do you love to snatch good deals for your upcoming vacations? If you do, Travel Deals Center might seem like the perfect addition to your Google Chrome browser. This extension is supposed to provide you with useful travel-related information as well as introduce you to some amazing deals. Although all of this sounds amazing, you also need to think about the extension’s ability to place cookies, track information about your activity, as well as hijack your browser’s New Tab page to expose you to a highly questionable search engine. This is why this seemingly beneficial extension is classified as a potentially unwanted program and why our research team recommends removing it. If you have already decided to delete Travel Deals Center, scroll down to the last section of the article. If you want to learn more about it before you can make a decision about what to do with it, keep reading. Read more »

PyLock Ransomware

PyLock Ransomware

When PyLock Ransomware encrypts your personal files, the “.locked” extension is added to their names to make sure that you can identify the corrupted ones right away. The attackers behind the malicious threat do not want to hide what they have done because they hope that the damage is big enough to convince you that you need their help. Nearly 200 different types of files can be corrupted by this malicious infection, and that includes images, documents, videos, and other files that you might have no way of replacing. The threat does not corrupt system files because it needs the system to run smoothly so that the attackers could make their demands clear and that the victims would understand what is expected of them. If the system was crashing, the victims would not be able to do what the attackers want. Unfortunately, if your files cannot be replaced, you might be willing to obey the demands of these attackers. That is a bad decision, and we recommend focusing on the removal of the threat. Do you know how to delete PyLock Ransomware? Read more »

Catelites: Android Malware That Faked Login Pages to Hijack Accounts

Reports suggesting that banking malware is on the rise once again keep coming out, and so it is important to remind ourselves how this malware operates. In this report, we analyze Catelites, an infamous banking malware that used fake apps on Android to attack unsuspecting users. This malicious threat was used primarily as a data stealer, and while it was, most likely, used to steal login credentials from banking apps, it could have stolen logins from any app that the user was opening. The only condition was that the infection could create an overlay for this app. Read more »

Movies123 Ads

Movies123 Ads

Have you been bombarded by random pop-ups that try to convince you to purchase something? Maybe you see Movies123 Ads every day and you don’t know how to get rid of them? You must have been affected by a potentially unwanted program that generates commercial advertisements.

Potentially unwanted programs and adware are not downright malicious infections but it would be a good idea to remove Movies123 Ads and anything similar from your system as soon as possible. While you can’t remove the ads themselves (they are generated online), you can remove the programs that utilize them and restore your browser settings to default. Read more »