Antario Phelps – Malware Board

May 24

Beware! Hackers steal users’ financial data by scamming Game of Throne streaming free

The Popular TV series, Game of Thrones came to an end. Fans from different countries rushed to watch the finale the epic fantasy saga. The serial however telecast on HBO TV network, however, its premium cost $15 a month which is too high for many and many users did not want to pay the for the premium service and the last option that they had and what they choose to download/stream the series online. Despite of the high price, the views of the 8th season broke earlier records, triggering a surge of posts on social media that encouraged the people who did not want to pay to join the ranks. Multiple scam sites started claiming to provide the full Game of Thrones episode for free, reported by Kaspersky security researchers: “As soon as season 8 premiered, hordes of people began looking for it online. No legitimate options existed — if Read more

May 24

Easy steps to delete SppExtComObjHook.dll Virus

How to remove SppExtComObjHook.dll Virus SppExtComObjHook.dll is a file that is associated with various illegal software activation tools. Such a tool activates the Microsoft Windows or Office products even without having pay for it. When such a tool is opened, antivirus tool detects SppExtComObjHook.dll as a malicious virus. More about SppExtComObjHook.dll Virus SppExtComObjHook.dll could be a legitimate file- a Dynamic Link Library file which is require by software to store data, link and resources, running inside for good reason. It is usually located in C:\Windows\Temp folder. The main problem is that antivirus tools detect it as a threat under such names as Tool_c.DV or Trojan Patched4_c.CHQT and even after the removal of the file, security program detects it again. Users have also reported about several PC issues inside their PC preventing them to operating it. Researchers say this file has activation tools such as KNSAuto, AutoKMS, Re-Leader are its component Read more

May 24

How to remove Exploit.MSOffice.Gen from the system

Easy steps to delete Exploit.MSOffice.Gen Exploit.MSOffice.Gen is huge risk Trojan infection that is able to intrude in any Window and Mac PCs without users’ permission. It is distributed by the common distribution method. This includes the combination of spam emails and malicious sites containing payload that initiates the scripts of the virus. It causes lots of unwanted ads and fake notifications and warning alerts which would be dangerous for your PC. It also promotes fake software and convinces the users to download to its recommended software for the safety which in turn will not going to do any such behavior as recommended rather cause many more issues and could create the false positive case inside the PC. How does it affect the system? Exploit.MSOffice.Gen is a very harmful Trojan which conducts various fraudulent activities inside the PC. Once infiltrates, it will modify registry key, PC arrangements DNS configurations and other Read more

May 24

Remove Torlock.com from the system

Complete Torlock.com removal instructions Torlock.com is a questionable torrent website. Initially, it might seem legitimate and handy. However, it asks each user to enable notifications which would allow this website display ads, scams and other commercial contents. This function is however legitimate and now a day many a legitimate website use it. However, the problem with Torlock.com site is that it is often use the notifications to promote other malicious sites. It can cause several system infections. More about Torlock.com The bad actor of Torlock.com site abuses the function of the push notifications to promote other websites. The amount of the ads and pop-ups display is excessive and is increasing more while users surfing the internet. This disturbs the web browsing experiences the system performances. The ads and pop-ups that it displays are generally attached with some tools that enable third parties’ products and services. Such promoted components might be Read more

May 24

.rectot Files Virus (Stop Ransomware) –remove it (files retrieval method included)

All you should know about .rectot Files Virus (Stop Ransomware) Personal files inside a computer get renamed with “.rectot” extension name without users’ approval and become inaccessible, when users have STOP ransomware in their device. This is a ransomware type of virus that intrudes by stealth when the users get tricked by some phishing scam emails and make a click somewhere on the emails presenting harmful executable or suspicious hyperlinks. It is delivered for the sole motive to urge the victims to pay ransom fee. To achieve this goal, the ransomware locks the files stored on the system by using AES and RSA 1024-bit military grade encryption, making directly files decryption almost impossible. Ransom note is then dropped on the screen to demand money as a ransom to allegedly get the files recovered. .rectot Files Virus (Stop Ransomware)– way of infiltration A payload dropped that initiates malicious scripts of the Read more

May 23

Windows 10 Zero-day Vulnerability in Task Scheduler

SandboxScaper, a security researcher and revealer of exploits has released details of a Window 10 zero-day that affects Task Scheduler. This time the exploit could enable the attacker to grab the full control of Window 10 or Window server files. The findings were shared on GitHub also on the Blogspot blog of the SandboxEscaper. For the one who has not known heard about zero days, here is short detail what it is: “Zero-day is nothing but a flaw in software or hardware or firmware. It may be termed as vulnerability or an attack that has zero days between the time the vulnerability is discovered and the first attack. It is known by the company or the party responsible for patching or fixing that flaw.” This is the fifth time the hacker releases a Windows zero-day. This time, the zero day vulnerability is located in Task Scheduler which enables users to Read more

May 23

How to remove ONYC ransomware from the system

Easy steps to delete ONYC ransomware ONYC ransomware is a type of ransomware that is created by Cybercriminals with a sole motive to pressurize the victims into paying ransom money. In order to fulfill this task, they deliver this malware which upon getting install, will encrypts the all personal files stored on the system, making them inaccessible. ONYC ransomware is mostly distributed by using the common phishing scam emails. Such an email attaches with a payload that initiates the malware scripts of the ransomware. The message on the emails encourages or sometimes pressurize the recipients to click somewhere on the emails containing some executable files or hyperlinks with the payload. Once clicked, the payload activates and starts running inside the PC. More about ONYC ransomware Before starting the encryption process and after intruding the PC, ONYC ransomware downloads several executable for altering the Window registry, compromising security end, MBR modifications, Read more

May 23

How to remove SocialDownloadr from the IE, Firefox and Chrome browsers

All you should know about SocialDownloadr SocialDownloadr is a browser hijacker application. It has its official website. The description of the software tells that it offers backing up the photos. However, its claiming is wrong. Most of the users have reported that this software intruded in their device without their permission. SocialDownloadr install on the browsers such as Google Chrome, Internet Explorer and Mozilla Firefox as an extension. Soon after that, you will notice the presence of the module search.SocialDownloadr.com on their browsers’ default homepage, search engine and tab pages. The unwanted programs install other helper objects in the affected PCs without users’ permission to prevent the settings to be restored. This makes the people forced to surf the Internet with the malicious module till the malicious app present inside the PC. Risk associated with SocialDownloadr SocialDownloadr set the questionable website on the search engine that always redirects the search Read more

May 23

Easy ways to remove Search.filecompressorpro.com

How to delete Search.filecompressorpro.com The searches get redirect to Search.filecompressorpro.com website is an indication that your browser has been hijacked by some potentially unwanted program or a browser hijacker. The PUP could intrude with some other software download when you did not use the correct download and installation method. Do not need to be panic. Here we have got the solution. Read the article throughout and see how you can easily get rid of the Search.filecompressorpro.com redirect on your browser. What is Search.filecompressorpro.com? Search.filecompressorpro.com is a fake search engine, is injected on the browsers when some unwanted app gets inside the PC. The malicious module takes the place of the active browsers’ homepage, search engine and tab page and alters the web browsing session. Being a search engine, it should show its own search result. However, it has seen that this module shows the search result by redirecting the search Read more

May 23

Complete guide to remove Sanliverto.com

How to delete Sanliverto.com Sanliverto.com is an adware program that appears on the browser screen to trick people into allowing it to push notifications or redirect links. The program itself is not that harmful as its components. The pop-ups continuously appear on the browser screen and will make the session difficult. They can deliver third party applications and affect the security of the device. Initially, Sanliverto.com is injected on the browser by some potentially unwanted program upon getting inside by stealth. The intrusion of PUP of this type generally occurs when users download and install some third party software and fail to use the correct installation moment. The PUP then injects the questionable module, in particular, to the active browsers. Then, the module displays numerous advertisements, scams on the browser screen. It shows push notification pop-ups to allow it to show ads and pop-ups directly to the desktop. Any such Read more