Author Archives: Max Lehmann

Pabluk Locker Ransomware

Pabluk Locker Ransomware

Pabluk Locker Ransomware is a seemingly dangerous malware infection that seems to mostly target Polish computer users. Generally, ransomware programs are considered to be one of the most dangerous threats that can hit your computer; however, this particular infection is similar to Ransoc Screenlocker and TowerWeb Ransomware in the sense that it only locks your screen. In other words, this malicious program does not actually encrypt your important files to demand a ransom fee for the decryption key or software. Instead, these criminals ask money for a code that you could use to unlock your computer; well, if you were to get one at all for your money. Our malware specialists at Anti-Spyware-101.com say that you should not even bother to think about paying this fee this time since we have found a way to remove Pabluk Locker Ransomware from your PC without any collateral damage. Read more »

Chipopo

Chipopo

Even though Chipopo can be downloaded from the Chrome Web store, it does not mean that it is an extension that can be completely trusted. Of course, users do not know that it is a potentially unwanted program, or a PUP, so we cannot blame them for downloading and installing this browser extension. Chipopo is a piece of software working on Google Chrome only. It should enable users to access Wallpapers in HD quality for free, conveniently browse the list of these Wallpapers and set them, and even share them with friends through Facebook, email, Twitter, and MMS. On the basis of the information provided in https://chrome.google.com/webstore/detail/mefgljidkdaapgnfgkoffgodejejpnkf, it is an application that should enable users to personalize their home screens. Unfortunately, it has turned out quickly it is not as beneficial as it claims to be. All it does is go to set a new default search engine on a Google Chrome browser after the installation. Yes, it might be possible to change the background of this page, but that is it. Users who do not find this piece of software very useful or cannot explain how it has ended up on their PCs should go to remove Chipopo without mercy. Let’s find out more about this potentially unwanted program first and only then go to get rid of it. Read more »

XAMPP Ransomware

XAMPP Ransomware

XAMPP Ransomware is a new malware threat on the web that means real danger for those who work with PHP, such as software developers. As a matter of fact, this ransomware may not be a final version since it only seems to attack one directory specific to PHP development and encrypts a few extensions only. Of course, this could be a terrible loss for you if you are a programmer and do not have a backup on a removable drive. Another strange thing about this Italian language malware program is that it only demands a few euros in return for the decryption key. In any case, we do not advise you to pay up because there is no guarantee that you would get this key and that you could recover your files. But, if you want to use your computer without security threats, we suggest that you act now and remove XAMPP Ransomware ASAP. Read more »

Erebus 2017 Ransomware

Erebus 2017 Ransomware

Erebus 2017 Ransomware is a new malicious application encrypting files. Some specialists say that it is a new updated version of Erebus Ransomware, which was spotted some time ago by malware analysts, but it is more likely that it belongs to another creator. Even if it turns out to be true that it is a new version of Erebus Ransomware, Erebus 2017 Ransomware does not share many similarities with this old version. Of course, just like all threats that fall into the category of ransomware, it also encrypts users’ files. Judging from a long list of filename extensions it targets, users could no longer access Word documents, pictures, text files, slides, and other valuable files after this threat performs the file encryption process. Even though this file-encrypting threat does not have an extension it appends to all encrypted files, original extensions of the encrypted data are still changed using the ROT-23 method. It is a simple letter substitution cipher, so, for example, the icon_128.sqj file receives a new extension the icon_128.png. Ransomware infections rarely use this method to change original extensions of those files they encrypt, which makes Erebus 2017 Ransomware quite a unique ransomware infection. Of course, it does not mean that this file-encrypting threat is not harmful even though it is quite new and unique, so your top priority now should be to delete this infection fully from the system. Read more »

+1-800-236-1513

+1-800-236-1513

If you are seeing a pop-up claiming the computer was blocked due to a security breach and urging you to contact Microsoft Certified Technicians through this specific telephone number +1-800-236-1513, you most likely encountered a fake system alert. This threat may not do any damage to the computer, but it might disturb your browsing. On the other hand, the false warning can cause a lot of trouble if the user does not realize it is a scam. However, we will talk more about the possible outcomes later in the article. As for now, we want to emphasize how it is important to erase the threat that shows this fake alert. If you leave it unattended, the message might continue to appear, not to mention it could be potentially dangerous. To help users with the deletion part, we are placing instructions explaining how to close the +1-800-236-1513 pop-up, restore the affected browser, and remove suspicious add-ons from it. Read more »

Uncrypte Ransomware

Uncrypte Ransomware

Uncrypte Ransomware is a malicious program that not user should have active on their personal computer. It has been classified as a ransomware program due to its intrusive functionality. Just like any other malicious program of this category, it is fully capable of locking your personal files without any warning or authorization. It is quite obvious that such functionality of can have devastating outcomes. To understand how this devious application works in detail, make sure to read the rest of this article as we present comprehensive information discovered by our malware experts during their in-depth research. We also present a few precautionary steps since users infect their computer with this ransomware because they lack basic understanding about the importance of virtual security. Finally, we present a detailed removal guide that you should use to delete Uncrypte Ransomware if it is ever found active on your personal computer. Read more »

Digisom Ransomware

Digisom Ransomware

Digisom Ransomware is a vicious infection that encrypts files and demands a payment in return of their release. In a sense, this infection takes your files hostage, and the worst part is that you might have enabled this yourself. The ransomware is most likely to spread via spam emails (just like Padcrypt 3 Ransomware, Polski Ransomware, and others), in which case, you have opened and executed the infection yourself. According to Anti-Spyware-101.com malware analysts, cyber crooks are very inventive, and they can create highly misleading spam email attacks. For example, the launcher could be introduced to you as a document attached to an email from your bank inquiring to check your latest statement. One click is all that it takes to bring the ransomware to life. If the infection is executed successfully, it immediately encrypts your files. It adds the “7xV.x” extension to their names, which should make it easier for you to spot these files. Unfortunately, you cannot resolve the issue by removing Digisom Ransomware. Despite this, eliminating this infection is crucial. Read more »

Search.volfind.com

Search.volfind.com

Search.volfind.com is a questionable search engine that usually comes with Snap.do, a malicious application we covered some time ago. If its infiltration is successful, it immediately sets itself as a homepage. Since it is compatible with all browsers, except Edge, it has, most probably, already shown up to hundreds of users. Search.volfind.com pretends to be a decent search engine that can improve the web searching experience; however, in reality, it is just a browser hijacker which hijacks browsers and then starts generating the revenue for its author. There is no doubt that it has not been released to help users search the web more efficiently, so there is no point in keeping it set as a homepage too. Luckily, it is far from being a malicious application, so its removal should not be that complicated. Of course, you will still have to put some effort into removing it because it enters computers and immediately modifies the Start Page Value in the registry key HKCU\Software\Microsoft\Internet Explorer\Main, the prefs.js file keeping preferences of Mozilla Firefox users, and three separate files (Preferences, Web Data, and Secure Preferences) of Google Chrome so that Search.volfind.com could be set as a homepage. Read more »

Search.getfitnow.co

Search.getfitnow.co

We at Anti-spyware-101.com have recently analyzed a search engine that was reported to promote shady links in its search results. Our cyber security specialists took a look at Search.getfitnow.co and concluded that it is indeed a highly unreliable and possibly malicious search engine. Therefore, we recommend that you remove it from your PC as soon as you can because there is no telling what might happen if you continue using this search engine. If you want to find out more about this shady search engine, please read this whole article. Read more »

Ghostify

Ghostify

We highly advise you to avoid a program entitled Ghostify as its functions in a questionable way. Upon further investigation malware experts at Anti-Spyware-101.com have classified this application as a potentially unwanted program that should not be active on any users computer. Even though it is advertised as a tool that should allow you to access various web content from all around the globe, you should know that its overall functionality is questionable, to say the least. In some instances, this program could prove to be the reason other suspicious applications might already be active on your personal computer. While this potentially unwanted program does not act in a malicious way itself, we highly advise you not to take any chances with it Ghostify and conduct its complete removal. To find out more about this devious application make sure to read the rest of this article. Read more »