Author Archives: Max Lehmann

Gelup

Gelup is another Trojan like FlowerPippi that targets victims from Japan, Argentina, and the Philippines. The threat might put a user’s privacy at risk as it may gather various private and sensitive information. Also, our researchers at Anti-spyware-101.com believe the malware could be able to download more malicious data once it enters a system. Thus, it is safe to say, the Trojan should be eliminated as fast as possible. To get rid of it manually we invite you to use our deletion guide located at the end of this report. You can also pick a legitimate antimalware tool if you prefer erasing Gelup with automatic features. Should you have more questions about this malicious application, do not hesitate to leave us a comment below. Read more »

Plurox

In this text, we discuss a malicious application called Plurox that falls under the category of backdoor. The research shows it may allow attackers not only to gain access to a victim’s computer but also to its network and other devices on it. However, our researchers say the malware looks for systems vulnerable to a particular exploit that was first misused a couple of years ago. Since this weakness has been patched already, we do not think a lot of computers could still be vulnerable to such attacks. Naturally, if you do encounter it, we recommend reading our report so you would know how it works and what you should do to erase Plurox from your system. As for step-by-step removal instructions, we offer the instructions placed at the end of this page. Read more »

Scarab-Skype Ransomware

Scarab-Skype Ransomware has nothing to do with Skype, and it is not after its users in particular. The only reason why the malicious application has the popular telecommunications program’s title in its name is that it uses a .skype extension to mark all files it encrypts. Such data becomes unusable, and to extort money from users who have no backup copies, the malware should show a message saying it is possible to decrypt affected files for a particular price. Needless to say, there are no guarantees when dealing with cybercriminals and doing so is always risky. If you do not want to risk losing your money in vain for data that got encrypted, we advise closing the ransom note and erasing Scarab-Skype Ransomware. The instructions available at the end of this article show how to remove this threat manually, although it can be deleted with the help of a legitimate antimalware tool too. To learn more about its removal and the malware’s working manner, we invite you to read our full article. Read more »

NOT_OPEN_LOCKER Ransomware

NOT_OPEN_LOCKER Ransomware is a computer infection that was released quite a while ago. It means that there should already be a public decryption tool available for this intruder. Also, it is very likely that the main server for this infection is down, so there is no use in paying the ransom fee. Not that you should ever do anything like that.

You need to remove NOT_OPEN_LOCKER Ransomware from the infected system, and then make sure that such infections do not enter it again. Aside from investing in a licensed antispyware tool, you should also educate yourself about ransomware distribution patterns. Read more »

Nanocore malspam

Nanocore malspam is a Trojan infection that can be active on your system for quite a while before you even notice that you have this program on board. Depending on what the owners of this infection intend to do, Nanocore malspam can perform quite a few tasks, from collecting private information to boosting a DDoS (Distributed Denial of Service) attack. Thus, it is crucial to detect this infection as soon as possible, and then remove Nanocore malspam from your system. For the most efficient malware removal, do not hesitate to invest in a licensed antispyware tool. Read more »

Dodger Ransomware

Dodger Ransomware locks your files and then shows a note blaming you for it. Our researchers say it is strange that the message does not ask to pay for getting decryption tools, but since it provides an email address belonging to the hackers behind it, we suspect victims might be asked to pay a ransom if they email the cybercriminals. Of course, it would be risky to put up with any of their demands as there is a chance you could get scammed. If you do not want to risk it, we encourage you to get rid of Dodger Ransomware with the instructions placed below or a legitimate antimalware tool. As for discovering more about the malicious application, we invite you to read the rest of our report. Read more »

Trojan.HyperBro

If Trojan.HyperBro appears on a system, its developers might be able to spy on the computer’s owner and record particular information related to his browsing. Naturally, the longer the malicious application manages to hide from the user, the more details it might record, which is why it is vital to remove it immediately. If you have no experience and do not want to waste any time, we recommend employing a legitimate antimalware tool that could deal with this malware for you. Experienced users could try to remove it manually, and the instructions located below this article may help with it. As for the rest of the article, it can tell you more about Trojan.HyperBro, for example, where it could come from or how it works. Feel free to place a comment at the end of the article if you wish to know anything else about this malicious application or if you need assistance while eliminating it. Read more »

Sodinokibi Ransomware

Sodinokibi Ransomware encrypts files on an infected device to make them unusable and shows a ransom note claiming the malware’s developers can recover all of them. Needless to say, in return, they should ask to make a payment, so getting your files back may not be as easy as it might seem. The hackers might say they guarantee you will get your data back, but in reality, there is no knowing whether they mean to keep their promises. If you do not want to risk losing your money in vain, we advise deleting Sodinokibi Ransomware with the removal steps available at the end of this article or a legitimate antimalware tool of your choice. Naturally, if you wish to learn more about the malicious application first, you should read the rest of our article before checking the removal instructions. Read more »

Poop Ransomware

Poop Ransomware is a threat that shows a message threatening victims to pay a ransom, or else cybercriminals promise to leak the user’s private data. Our specialists do not think there is a need to worry about such threats as the malicious application does not seem to be gathering the information that its creators threaten to leak. Another reason we advise against paying is that you cannot be sure the cybercriminals will hold up their end of the bargain. Whether you pay or not, they may not bother sending decryption tools that are needed to decrypt data locked by the threat. In some cases, hackers start asking for more money or victims never hear from them again. If you do not want to take any chances, you could remove Poop Ransomware from the system. It will not decrypt any data, but it will allow you to start anew with a malware-free computer. To learn how to erase the malicious application manually, you should have a look at the last paragraph and the instructions placed below it. Read more »

0day Ransomware

If you do not take care of your operating system, 0day Ransomware could slither in and destroy your personal files. Although this infection does not remove them, it locks them up. The threat encrypts them using a unique encryption key, and, as a result of that, the files cannot be read. Unfortunately, only a unique decryption key can “unlock” your files, and we cannot provide you with it. A free decryptor that would work did not exist at the time of research either. If you find a tool that claims to restore your files, make sure you research it first because you do not want to let in more threats by accident. All in all, the only ones who appear to have the decryptor are the creators of the infection, and they are unlikely to let it go, even if you agree to all of their conditions. We talk more about that in this report. Of course, we want to focus on deleting 0day Ransomware, and if you too want to eliminate this malware from your Windows operating system, please continue reading. Read more »