The Brotherhood Ransomware

The Brotherhood Ransomware

The Brotherhood Ransomware is a file-encrypting threat our researchers encountered recently. According to them, it is doubtful the malicious application is being distributed yet as they believe it is still in the development stage. If you read the rest of our article, we will explain to you why we think the malware is not finished yet and how it works at the moment. What’s more, at the end of this article you should find our prepared deletion instructions. They might help users to get rid of The Brotherhood Ransomware if the hackers start distributing it. However, it is essential to understand the given steps might not necessarily work because if the malicious application ever gets finished, its working manner could change as well, for example, it could place data on the system that we would not expect to see at the moment of writing. Therefore, it might be safer to use a legitimate antimalware tool instead. Read more »

PlayThunder Offers

PlayThunder Offers

Do you want to see ads on any website you visit? Probably, you do not, but that is what you are likely to face if you download PlayThunder Offers. The word “offers” in the name reveals that advertising is an integral part of the service. Sure, the adware (advertising-supported program) does not hide the fact that it delivers ads, but this transparency should not make you think of it as a trustworthy tool. Instead, Anti-Spyware-101.com research team suggests looking at it as a potential threat. Can we guarantee that you would face security issues if you interacted with this adware? We certainly cannot, but it is our duty to warn you about the bad and the ugly of every questionable service and program. In this report, we review the suspicious extension, and that should help you make an informed decision regarding its removal. If you are not sure you want to delete PlayThunder Offers, we strongly recommend that you keep reading. On the other hand, if your mind is made up already, the removal guide is waiting for you. Read more »

Scarab-Bin Ransomware

Scarab-Bin Ransomware

Scarab-Bin Ransomware could change your Desktop picture with an image that should have a text on it saying: “Hello my friend! For instructions for decrypting files, please write here: mrbin775@gmx.de mrbin775@protonmail.com.” Unfortunately, users who encounter this malicious application might need decryption tools since the infection locks various private files with a secure encryption algorithm. Nonetheless, we would still recommend against contacting the malware’s creators as it could lead to them asking for a ransom and if you pay it, you might find you have lost the money in vain. That is because there is always a possibility the hackers will not bother to send decryption tools even if they promise or guarantee it. Therefore, if you do not like the idea of being tricked, we would advise erasing Scarab-Bin Ransomware with the instructions located at the end of the article or a legitimate antimalware tool. Read more »

Gollum Ransomware

Gollum Ransomware, also known as Bitshifter Ransomware, is a malicious application that locks files on victims’ computers. It is a typical ransomware infection that has been designed to encrypt data. There is only one thing that distinguishes it from other ransomware-type infections – it has been observed that it might also try to steal cryptocurrency wallets and some other personal information. In other words, it makes files unusable and, on top of that, it works as an info-stealer. If you have opened this report because you have encountered this malicious application, make sure you erase it from your system because it might be launched again incidentally and lock all your new files. It will not need your permission to do this. Ransomware infections are one of the nastiest malicious applications that are available on the market, but, luckily, Gollum Ransomware does not seem to be anywhere near sophisticated malicious software, i.e. it does not block system utilities, does not drop a bunch of different components, and it does not make any changes in the Run registry key, so you should be able to delete it from the system manually quite easily. Unfortunately, none of your files will be decrypted. Read more »

Mobsuite.site

Mobsuite.site is presented as “the world smartest Mobile Advertising platform.” Specialists say that it is mainly used for monetization purposes, so do not be surprised if it presents you with commercial advertisements one day. It might also be responsible for various redirections. According to researchers, it should target only Android users, but it does not mean that you can click on ads it shows if you are presented with them while surfing the Web on your Windows computer. It is not likely at all that users open this website consciously. Instead, they experience an immediate redirection to it after clicking on an untrustworthy link, or they simply have untrustworthy software that automatically opens it on their devices. Usually, advertising networks are closely related to adware or potentially unwanted software. We do not say that Mobsuite.site is malicious, but it might still diminish your browsing experience by showing all those ads and causing automatic redirections, so it would be best to get rid of it. Some users will no longer see any ads coming from Mobsuite.site when they quit an old habit of clicking on suspicious links/visiting dubious websites, whereas others will have to remove untrustworthy software from their devices to make it gone. Which group do you belong to? Read more »

Search.searchjsmtmp.com

Search.searchjsmtmp.com

Search.searchjsmtmp.com is considered to be a browser hijacker that might alter homepage and default search engine preferences. As a result, the affected browser may start loading this site every time it is launched or when the user begins a new search. The thing users should know about it is that together with the displayed search results there could be doubtful advertisements from various third parties. Our researchers say they cannot be one hundred percent sure, but they believe some part of such material could be possibly malicious, which is why they advise against the browser hijacker’s usage. We will talk more about it further in the article so if you are interested in learning more about Search.searchjsmtmp.com; we invite you to read the rest of this text. Additionally, users will find instructions showing how to erase it manually just slightly below the article. Read more »

AnimusLocker Ransomware

AnimusLocker Ransomware

AnimusLocker Ransomware is a newly-discovered malicious application you might encounter if you keep your system completely unprotected, i.e. security software is not installed on it. Ransomware infections are one of the nastiest malicious applications available because they target the most valuable user’s asset – personal files. If this infection ever slithers onto your computer, you will find a bunch of files, including your documents, images, and music, completely encrypted. Additionally, the ransomware infection will kill Windows Explorer. The process should restart automatically, but you will need to launch it yourself if it does not revive. Technically, AnimusLocker Ransomware is not sophisticated malware, but it might still cause a lot of problems, so it would be best not to encounter it. As mentioned, you can prevent malicious software from entering your computer by installing a security application. If it is already too late for prevention, i.e. the ransomware infection has infiltrated your computer and locked your files, you must delete this infection as soon as possible so that it could not encrypt your new files. Unfortunately, you will not unlock your files even if you delete the ransomware infection fully. Most probably, you could not find a free decryptor either. Read more »

Patagonia92@tutanota.com Ransomware

Patagonia92@tutanota.com Ransomware

Patagonia92@tutanota.com Ransomware is a malicious file-encrypting program that employs a secure cryptosystem called RSA to lock all of their victims’ personal files. The worst part is the malware is set to restart with the operating system so if the user turns the computer off and then on again the threat might start encrypting his files once more. In which case, data that you might have added or created after the computer got infected would be damaged as well. Because of this, our researchers at Anti-spyware-101.com urge users to remove Patagonia92@tutanota.com Ransomware before it ruins more of their files. The malware can be eliminated manually and if you have a look at the instructions available below you can learn how to get rid of it. As for learning more about the threat you could review our full text. Read more »

PDF Convert Tab

PDF Convert Tab

It seems that PDF Convert Tab is becoming more and more popular, but you should not be one of those users who install it on their computers even if it promises to enable you to “convert PDF files directly on your new tab page” because it is considered a potentially unwanted program (PUP). Potentially unwanted applications are not dangerous at all if compared to Trojans, worms, or other threats considered malware, but we are not going to lie – it has drawbacks, so it is not a very good idea to keep it installed on the system, especially if it has slithered onto your computer without your knowledge. 13 489 users have already installed PDF Convert Tab from the Chrome Web Store, but the total number of users who have it installed on their computers must be higher because it can be downloaded directly from its official website (http://www.pdfconverttab.com) as well. It seems that not all users install it consciously. Some people say they have nothing to do with its installation, which suggests that this potentially unwanted application might be distributed differently as well. If you know nothing about its installation too, you must delete it today. This should not be too difficult if you let us help you. Read more »

Scarab-Bomber Ransomware

Scarab-Bomber Ransomware

Scarab-Bomber Ransomware is a tricky infection because it has at least two versions, but it is certain that this program is a ransomware infection that encrypts user’s files and then demands that the victims paid a ransom fee. We always say this when we deal with ransomware: paying is not an option because you would only encourage these criminals to continue committing the same cybercrimes. Therefore, you need to remove Scarab-Bomber Ransomware, and then look for ways to either restore your files or you simply start anew. Please remember that ransomware infections are really dangerous, and sometimes it is impossible to decrypt the affected data. Read more »