Author Archives: Max Lehmann - Page 105

DetoxCrypto Ransomware

Posted by on August 24, 2016 No comments
DetoxCrypto Ransomware

DetoxCrypto Ransomware is a release variant of PokemonGo Ransomware, but it has some slight differences that set it apart it from its predecessor. Our security experts suggest that you remove this before it encrypts your files because testing has shown that, currently, it does not work. Still, our researchers have analyzed it because it can spring into life at any time. It can infect your PC and say that your files have been encrypted, but will not encrypt any files. Yet, it is set to offer you to purchase a decryption key for a substantial sum of money. Please continue reading to learn more. Read more »

UPortal

Posted by on August 23, 2016 No comments
UPortal

UPortal is a browser hijacker that users might download with bundled installers. This application could hijack user’s browser and replace the default homepage or search engine. As a consequence, instead of your favorite web page, the browser might start loading greenet.xyz. The main problem is that the search engine may show you third-party advertising, which could promote malicious web pages or unreliable software. Thus, if you do not want to expose the system to threats, it is highly advisable to get rid of the application. If you take a look at the instructions below, you will see that UPortal could be removed while resetting the hijacked browser. However, if more doubtful programs managed to enter the system, you may want to use a security tool that would deal with all possible threats. Read more »

Searchinvietnam.com

Posted by on August 23, 2016 No comments
Searchinvietnam.com

Searchinvietnam.com is a browser hijacker. Even if you let it in yourself, it is classified as a browser hijacker because it provides users with false information. When installing this search provider, you might be made believe that it is the best search tool on the market, when, in reality, it is not. In fact, it does not even work as a search provider. Instead of scanning the web for useful results, it redirects your search queries to a third-party search engine. Sure, Yahoo Search – which is the provider you will be exposed to – is not considered malicious, but the hijacker might use this engine to showcase sponsored links. According to Anti-Spyware-101.com researchers, it is likely that this hijacker will be spread bundled with an extension created by Imali Media. In that case, the hijacker could take over your browsers unexpectedly. In any case, we recommend removing Searchinvietnam.com right away, and this report includes all the information you need to eliminate this hijacker. Read more »

Funnysiting.com

Posted by on August 22, 2016 No comments
Funnysiting.com

We can assure you that you have a browser hijacker installed on your computer if you see Funnysiting.com in the place of your default search engine when you open your browser. Specialists have managed to find out that the Funnysiting.com browser hijacker is targeted at users whose default browsers are Mozilla Firefox or Google Chrome; however, there is a small possibility that you might notice that the settings of your Internet Explorer have been changed too. Either way, you should hurry to get rid of Funnysiting.com despite the fact that it looks like an ordinary search engine. It will not be easy to remove the browser hijacker that belongs to the Elex family, especially when they have started using .bat files to open particular websites they promote. Of course, you will find more detailed information about the deletion of this browser hijacker here, so, we hope, it will be clearer for you what you need to do to erase this threat after reading the article. Read more »

Purge Ransomware

Posted by on August 22, 2016 No comments
Purge Ransomware

Purge Ransomware is a threat that encrypts user’s private data after opening an infected file, which could be downloaded from malicious file-sharing web pages or Spam emails. The ones who created the malware demand their victims to contact them via powerbase@tutanota.com email address and pay the ransom in seven days. The ransom note even says that the more you wait, “the higher the payment gets.” By saying so, the cyber criminals are probably trying to scare users into paying the money. However, we advise you not to give in to this pressure. The best course of action is to read the article and learn more about the malware before deciding what to do. On the other hand, if paying the ransom is not an option to you, we advise you to erase the threat with the removal instructions below the text. Read more »

USB Locker

Posted by on August 19, 2016 No comments
USB Locker

USB Locker is a strange application that our research team at Anti-Spyware-101.com recognizes as a potentially unwanted program, o PUP. According to our research, an official website that would represent this program does not exist, which is a bad sign. Legitimate and authentic programs usually rely on their official websites for representation. Because the PUP is not represented, we cannot review the privacy policies and other legal information associated with it. Even illegal, malicious programs might have misleading sites representing them, and so the inexistence of a representative site is truly worrying. On top of that, this poses a serious question regarding the distribution of the program. We have tested this PUP in our internal lab, and we can answer all of your questions regarding it. The most important of these questions, of course, is how to remove USB Locker, and we talk about this in the report as well. If you want to discuss further anything mentioned in this report, you can start a discussion in the comments area below. Read more »

Smrss32 Ransomware

Posted by on August 19, 2016 No comments

Smrss32 Ransomware is a dangerous ransomware infection that seems to be all over the place. It encrypts a whooping 6,674 file types, so one would think that with this infection on-board, the affected computer could be rendered inoperable. However, the program still leaves the basic system files because it still needs to extort your money out of you, right? Before that happens, you have to close all the notifications delivered by this infection, and then look for other potential intruders. Malicious programs seldom travel on their own, so you have to do everything in your power to protect your system from a severe infection that never ends. Read more »

**Your Computer has been blocked** +1-(888)941-3234

Posted by on August 19, 2016 No comments
**Your Computer has been blocked** +1-(888)941-3234

The **Your Computer has been blocked** +1-(888)941-3234 notification will pop into your screen when you expect it the least. In our case, this fake alert is generated by a browser hijacker, but it is very likely that it could be used by other unwanted programs, too. Although there is no particular way to get rid of just this fake alert alone, you can seriously stop **Your Computer has been blocked** +1-(888)941-3234 from appearing by resetting your browser settings and by deleting all the potentially harmful programs that are installed on your PC. These annoying nuisances might not seem dangerous, but they could seriously damage your system if you do nothing about it. Read more »

Search.gomaps.co

Posted by on August 18, 2016 No comments
Search.gomaps.co

Users who download the Go Maps by SaferBrowser extension are bound to face Search.gomaps.co. This search engine is represented via the New Tab page that the extension takes over. Although it might seem as if the extension represents links to Google Maps, Yahoo Maps, Bing Maps, and Traffic, all of these links are part of the search engine interface, and you do not need to download the extension to access it. All that you need to do is enter the URL of this search tool into your address bar, and the same links will be displayed for you. The extension is set up only to represent the search tool, which is why it is considered useless. Although it is a good enough reason to remove Search.gomaps.co and the extension associated with it, our research team warns that there are other reasons to delete this threat from your PC. If you are curious about these reasons, you should keep reading. Read more »

PokemonGo Ransomware

Posted by on August 17, 2016 No comments
PokemonGo Ransomware

PokemonGo Ransomware has nothing to do with the popular game as it is a malicious program created to extort money from its victims. Apparently, it targets user’s private data that could be enciphered while using the AES encryption algorithm. Unfortunately, the malware might encrypt not only your private data but also gain access to the system. Thus, it is advisable to delete the infection as soon as possible. Luckily, our researchers tested the malicious application and learned how to erase it manually. Accordingly, we prepared a manual removal guide that is available below the text. However, if you want to understand fully how the ransomware works or how it is distributed, you should read the rest of the article. Read more »