Viro Ranasomware

Viro Ranasomware

A new HiddenTear-based ransomware infection has been spotted in the wild by malware researchers. It has been given the name Viro Ranasomware. At the time of writing, it does not encrypt any files, so it is believed that it is still in development. No matter you have discovered your files encrypted or not, you must still immediately delete this infection from your system because there is a huge possibility that it one day will be updated and then will lock your personal files without mercy. Ransomware infections usually target the most valuable files like pictures, documents, text files, and videos. Then, they demand a ransom in exchange for the decryption tool. Although Viro Ranasomware does not encrypt personal files, it still asks money from users, so it has been categorized as ransomware not without reason. Since Viro Ranasomware is still in development, it is impossible to purchase the password that has to be entered in the pop-up window opened on Desktop. Specifically speaking, no information about the payment is provided even though it tells users to send money. Luckily, the pop-up window opened can be easily closed and the new wallpaper set changed at the time of writing, so you do not even need this password. The new updated version of this threat might provide the step-by-step instructions explaining how to send the money required, but, in this case, our piece of advice for you remains the same – you must delete Viro Ranasomware from your computer. Yes, you are right – we are strictly against making payments to malicious software developers. Read more »

Checkspeedsearch.com

Checkspeedsearch.com

Checkspeedsearch.com is a search engine that comes bundled with a browser extension named Check Speed Search. Its promotional campaign claims that it can allow you to test your Internet speed but that is thanks to the search engine because this extension does almost nothing. Nevertheless, we have classified Checkspeedsearch.com as a browser hijacker because its accompanying extension replaces the homepage address of a browser without the user’s consent. Therefore, you ought to remove it. Apart from that, it can collect information about you and then use is to present you with advertisements presented as search results. Read more »

Movie-Hub

Movie-Hub

Movie-Hub may sound like a fun and handy tool, but soon after downloading it, you might realize it is not exactly what you have expected. In such case, it would be advisable not to waste any time with this extension and erase it from either with the removal steps available below or a legitimate antimalware tool you trust. Apparently, the plugin is thought to be a potentially unwanted program (PUP). It does not mean the application is harmful, however; it warns the user it could introduce him to possibly malicious content. For more information about Movie-Hub and the ways it may affect your browsing users should read the rest of our report. Also, provided you have more questions about the PUP or need more assistance with its deletion, you can contact us via social media or leave a comment below the article. Read more »

Unknown System Failure Scam Tech Support Scam

Unknown System Failure Scam Tech Support Scam is the most recent tech support scam currently on the web. Its creators want to convince you that your computer has been infected with spyware and a virus, and call their promoted tech support phone number to receive assistance. However, you will not get anything useful out of that call because the techies on the other end of the line are most likely incompetent and can offer you useless fake anti-virus programs as well as charge for their services even though the number should be toll-free. In any case, you should remove this scam from your PC, provided that it is shown by a malicious browser extension. Nevertheless, malicious websites can redirect you to this scam page as well. Read more »

Pdfconvertsearch.com

Pdfconvertsearch.com

Pdfconvertsearch.com is a browser hijacker that poses as a file converter. It should be able to convert PDF files to other formats and vice versa; however, it does not do that. If you try to convert files, you are introduced to a server error suggesting that the storage on LockBytes cannot be opened. This means that the hijacker serves you as a search tool, and, unfortunately, it is not one you could trust. According to the analysis conducted by our Anti-Spyware-101.com malware researchers, the hijacker can record personal information, and the search results it shows can be unreliable. These are the two main reasons we recommend removing Pdfconvertsearch.com from your browser. At the time of research, this threat was targeted at Chrome, Firefox, and Internet Explorer browsers, but things could change in the future. If a different browser got hijacked, we will help you remove the infection, but you have to inform us so that we could provide you with the appropriate instructions. You can also use the comments section to ask questions related to this infection. Read more »

Ransed Ransomware

Ransed Ransomware

Ransed Ransomware is a relatively new threat that can infiltrate your computer and try to encrypt your personal files. Luckily, this ransomware program may not be the deadliest hit to your PC. Our malware researchers at anti-spyware-101.com say that this infection may not even work properly as there seems to be no connection with the C&C (Command and Control) server. This becomes quite obvious as even a pop-up error window claims it. This ransomware program was programmed in .Net, which let our researchers have a peep into its functions and operations. Since this threat could encrypt your important files, it should be regarded as a warning for you to keep a backup somewhere safe. A lot of ransomware attacks end with victims losing their files because there is no free file recovery tool appearing on the web or even if they pay the ransom fee, the criminals do not deliver the decryption key. In this case, your files seem to be untouched, but we cannot take responsibility for the future; if this connection issue gets resolved, this ransomware may as well encrypt your files. Therefore, it is vital that you remove Ransed Ransomware ASAP from your PC. Read more »

Quakeway Ransomware

It looks like Quakeway Ransomware might be currently inactive, but users may still come across this malicious program. The malware’s sample our researchers at Anti-spyware-101.com tested did not encipher any files located on the computer, although the infection’s shown warning message claimed the complete opposite. However, it does not mean the threat cannot encipher data since the further research revealed it should be capable of doing so. In such case, the encrypted files should be marked with a second extension called .org, e.g. photograph.jpg.org. It seems to us the best course of action after encountering Quakeway Ransomware is removing the malicious program from the system as soon as possible. It would probably be easier to erase it with an antimalware tool, but you can try the manual deletion instructions available below the text too. Read more »

Aubamy Downloader

Aubamy Downloader is an untrustworthy add-on targeted at users who browse with Google Chrome. The extension might be distributed through suspicious pop-up ads found on unreliable web pages. Our researchers report such pop-ups might seem to be difficult to close and users could install the add-on only because they believe it is the only way to leave the entered website. If this is how you received Aubamy Downloader and now you regret adding in onto your browser we encourage you to use the deletion instructions located at the end of the article and eliminate the threat. The program was categorized as a potentially unwanted program, and it does not look like it has any useful features, so we doubt you will miss it. As for more information on the extension, we urge you to read the rest of the report. Read more »

Scorpio Ransomware

Scorpio Ransomware

There are no good things that we can say about a program that goes by the name of Scorpio Ransomware. If you are not intimately familiar with these types of applications, you can consider yourself lucky and should take all possible action to avoid them. That is so because programs classified as ransomware are created for a single purpose - to lock vast amounts of data on the affected operating system. This might have disastrous outcomes if you use your computer for work or otherwise important activities. In some instances, files affected by this malware might be corrupted once and for all. It goes without saying that such functionality cannot be tolerated under any circumstances. To have a full understanding of the intricate inner workings of this malicious program and to learn how you can protect your PC from it, be sure to read our report. Besides all of that, we also present a detailed removal guide that you must use immediately if you already have Scorpio Ransomware up and running on your PC. Read more »

Search.hemailloginnow.com

Search.hemailloginnow.com

Search.hemailloginnow.com is a hijacker that can take over your Mozilla Firefox, Google Chrome, or Internet Explorer browser, most likely, when you install “Email Login Now.” This is a browser extension that is officially represented via emailloginnow.com/Email?, as well as the Chrome web store at chrome.google.com/webstore/detail/email-login-now-v11/mjkcdpcenfkkhlcbfeddiannpeenpilh (only for Chrome users, of course). If you install this add-on from either of these sources, it should be clear that it comes bundled with the hijacker. Unfortunately, there is no option to reject the hijacker, and so some users might be pushed into accepting it without even meaning to. Overall, the extension could be spread via unreliable installers, and users could acquire the hijacker unknowingly. Also, there is always a possibility that it will be spread on its own. Regardless of the situation, Anti-Spyware-101.com research team strongly recommends removing Search.hemailloginnow.com right away. Hopefully, you can get rid of his hijacker by deleting “Email Login Now.” Read more »