Author Archives: Max Lehmann

Pro Search TIp

Pro Search TIp

Pro Search Tip is meant to be the “best search assistant,” but it is a useless program, and Anti-Spyware-101.com research team classifies it as a potentially unwanted program (in short, PUP). If you install it, your default search provider on Google Chrome will be replaced with search.prosearchtip.com, and if you think that this search tool is beneficial or trustworthy, you need to think again. Our research team recommends that you remove Pro Search Tip from your web browser, but do not take our word for it blindly. Keep reading this report to learn about this strange extension, and you will find all the motives to eliminate it from your own browser. Of course, we understand that not every single Chrome user has the same level of experience, and so if you find anything mentioned in this report unclear, or if you have questions about deleting the PUP, you can always post a comment below. Our malware and PUP experts are ready to assist you as soon as possible. Read more »

VegaLocker Ransomware

VegaLocker Ransomware

VegaLocker Ransomware is a malicious program that enciphers files with a robust cryptosystem. The purpose of doing so is to lock files the user might want to get back at all costs, e.g., photos, various documents, and so on. Soon after encryption, the malware should show a ransom note demanding to pay for decryption. The hackers do not name the price for their decryption tools, but whatever it is, we would not recommend paying it if you hate the idea your savings could be lost in vain. It could happen as cybercriminals cannot be trusted, and there is a possibility they might scam you. Therefore, we believe the safest option is to eliminate the malware. To erase VegaLocker Ransomware manually, you could follow the removal instructions provided below. As for users who prefer automatic features, we would advise deleting the threat with a legitimate antimalware tool. For more details about the malicious application, we invite you to read our full report. Read more »

One Click Booster

One Click Booster

One Click Booster is supposed to boost your Windows operating system by fixing errors in the Windows Registry and by deleting certain things, such as malware, PUPs, temporary files, cache, etc. While it is possible that this potentially unwanted program could clear your browsing history and eliminate the temp files successfully, you do not want to rely on it to clear your entire operating system from malware. This is not a security tool, and the best it can do is eliminate the components you can easily eliminate yourself. This is why we classify it as a PUP (potentially unwanted program) too. Do you know what you should do about PUPs? You should get rid of them. The instructions our researchers at Anti-Spyware-101.com created below will help you remove One Click Booster without much trouble, but we advise reading the report first to understand how risky it might be to trust untrustworthy programs. Please take note of any questions that might come up, and use the comments section to present them to our malware experts. Read more »

tRat

tRat

tRat is a malicious application created by a group of hackers who call themselves TA505. The same cybercriminals are responsible for malicious programs known as Dridex and Locky Ransomware. It is not a new threat since the first time it was noticed was a few months ago. It might still be active at the moment of writing, and if you have not heard of it yet, we highly recommend reading our full report. This Trojan can collect data about the infected device and then download malicious files to complete specific tasks given to the threat by its creators. In other words, the malicious application could be highly capable, and for your computer’s and privacy’s safety it would be wise to get rid of it without any delays. Users who feel up to the task could use the instructions located below. Of course, tRat can be removed with an antimalware tool too, so if you prefer using such a tool, all that is left to do is make sure it is legitimate. Read more »

Bestdecoding@cock.li Ransomware

Bestdecoding@cock.li Ransomware

If we had to name one threat that Windows users need to avoid, Bestdecoding@cock.li Ransomware could be it. Although it is pretty unoriginal, it is a file-encrypting threat, which makes it very dangerous. Every file affected by this infection is modified to ensure that it can be read only using a special decryptor. Where is it? We do not know if it is a real thing at all, but if it is, cyber criminals must have it hidden somewhere out of research. If you were able to obtain the decryptor for free, there would not reason for malware attackers to create ransomware and communicate with victims. Read more »

SmartPackageTracker

SmartPackageTracker

SmartPackageTracker is a browser extension targeted at users who are looking for tools that could help them track various packages. Our researchers tell the application might change the user’s homepage, default search engine, or new tab page with a website of its own. Plus, it is possible it could display unreliable advertising content. Because of this, the add-on falls under the classification of potentially unwanted programs or PUPs in short. As you continue reading our article, we will explain to you more about this extension. Those who choose to eliminate it should have a look at the instructions available below too. Of course, if you prefer using automatic features instead you could employ a legitimate antimalware tool. Read more »

FCrypt Ransomware

FCrypt Ransomware

FCrypt Ransomware is a threat that can encrypt files, but it is unlikely that it spreads and that it encrypts files in reality. First of all, our Anti-Spyware-101.com research team has not found any victims of this malware. Second, the tested sample of the threat did not request a ransom, which is what most file-encrypting ransomware request. It appears that maybe someone created this malware just for fun or to educate themselves. In any case, even if this malware does not invade real operating systems that belong to regular Windows users, we cannot ignore it. Just in case the threat attacks, we have created a removal guide that shows how to get rid of it. More important, the guide explains how to protect the system and personal files to ensure that ransomware cannot invade in the first place. Note that the same security tips can be applied to avoid other kinds of malware too, and so you should continue reading. If you have questions – post them in the comments section. Read more »

FORMA Ransomware

FORMA Ransomware

If you run your Windows operating system using Polish, or you live in Poland, FORMA Ransomware is the threat you need to beware of, amongst thousands of others. While most infections are pretty versatile, and they use English to deliver messages intended for victims, once in a while, we see a threat that has a very specific target. That is how the threat we are discussing in this report works too. The distribution of this malware is still very mysterious, but it is likely that attackers could use spam email attacks to spread the launcher. The threat could be bundled with unreliable programs that might be available on Polish file-sharing websites too. The attackers could also spread malware randomly, but set it to attack only those systems whose IP addresses link to Poland. In any case, if this malware got in, you need to eliminate it as soon as possible, and Anti-Spyware-101.com research team is ready to help you. We have created a guide that should help you remove FORMA Ransomware, and we also discuss other options you have when deleting this dangerous infection. Read more »

Scarab-Apple Ransomware

Scarab-Apple Ransomware

No doubt Scarab-Apple Ransomware belongs to the Scarab Ransomware family. Same as other threats from it, the malware encrypts user’s files and shows a note with instructions on how to receive a decryptor. This version has its own extension called .apple, which means data that get affected should be marked with it, for example, picture.jpg.apple. It is true the decryption tool the hackers may have should be able to unlock enciphered files, but there are no guarantees they will deliver it even if you meet all of their demands. In other words, paying the ransom could leave you not only with encrypted data but also with a lighter wallet. Therefore, we do not recommend contacting the malicious application’s developers if you do not want to take any risks. To clean the system and stop it from showing the threat’s ransom note after each restart, we advise deleting Scarab-Apple Ransomware with the instructions available below or your chosen antimalware tool. Read more »

FilesLocker Ransomware

FilesLocker Ransomware

FilesLocker Ransomware is a threat that enciphers files and places .[fileslocker@pm.me] extension at the end of each damaged file’s title. Unfortunately, even if you remove the extensions, the data will still be unreadable. The safest way to restore it is to replace locked files with backup copies. It is true, the hackers behind the malware offer their decryption tools in exchange for a payment, but needless to say, you cannot be sure they will keep up to their promises. Because of this, we advise not to take any chances and get rid of FilesLocker Ransomware. If you think it is the best course of action too, we encourage you to erase the malicious program with the instructions located at the end of the article or a legitimate antimalware tool of your choice. Read more »