iLock Ransomware

PC security analysts have observed attacks involving the iLock Ransomware in January 2017. The first versions of the iLock Ransomware were observed in March 2016 carrying out attacks in the wild, often with variants possessing different names. Earlier variants of the iLock Ransomware seemed to target computer users in Russian-speaking locations only. This is the opposite of many ransomware Trojans that are designed to avoid attacking computers where the Russian language is set as the default system language. This newer version of the iLock Ransomware, released in January 2017, includes English and Russian versions of the ransom note, named ‘WARNING OPEN-ME.txt’ and ‘ВНИМАНИЕ_ОТКРОЙТЕ-МЕНЯ.txt.’ The iLock Ransomware uses a strong encryption method that prevents computer users from recovering their files after they...

Posted on January 10, 2017 in Ransomware

Nemesis Ransomware

The Nemesis Ransomware is an encryption ransomware Trojan that uses a strong encryption method to prevent computer users from accessing their files. The Nemesis Ransomware is just one of the countless ransomware Trojans that use email addresses in the @india.com domain. Like other ransomware Trojans, the Nemesis Ransomware is designed to encrypt the victim’s files and then demand the payment of a ransom in exchange for the decryption key that is necessary to recover the affected files. Countless variants of the Nemesis Ransomware were released in the last year. One of the reasons why threats like the Nemesis Ransomware are so successful in their attacks is the use of a combination of AES and RSA encryption to make the victim’s files completely inaccessible. Even if the Nemesis Ransomware is removed from the infected...

Posted on January 10, 2017 in Ransomware

Reg TuneUp

The Reg TuneUp software is marketed as a reliable Registry cleaner that can remove bad Registry entries, which will result in an overall better computer performance. Reg TuneUp is developed by Jawego Partners LLC, which claims its product is equipped with an advanced scan engine that finds Registry errors and ensures smooth functionality of the computer. Computer users that run Windows 7, 8.1 and 10 can download Reg TuneUp at regtuneup.com and affiliated software distribution platforms. Reg TuneUp is offered with a trial period during which users can test the scan engine of Reg TuneUp and identify problems with their OSes. You will need to head over to regtuneup.com and buy a commercial license if you want Reg TuneUp to fix problems on your PC. The license is priced at 39,95 USD/37.74 EUR and allows you to benefit from the complete...

Posted on January 10, 2017 in Possibly Unwanted Program

Startnewtab.info

Startnewtab.info was listed in reports for browser hijacking that came in the second week of January 2017. Computer users submitted complaints that their browser loaded Startnewtab.info automatically and their new tab page included content from Startnewtab.info. Researchers had a look into the registration of Startnewtab.info and reported that the site is registered to the 104.27.182.7 IP address. Evidently, the Startnewtab.info site is related to suspicious domains like Egkee.xyz, Mrtzc2.net and Atrakcje-swiata.pl that are known to offer access to cracked versions of licensed programs. Startnewtab.info is presented to users as a search portal that benefited from steady Internet traffic in April 2016 and experienced a significant drop in popularity as of July 2016. Network analysis from the following months reveals that...

Posted on January 9, 2017 in Browser Hijackers

SearchFormsOnline

The SearchFormsOnline software is developed by Mindspark Interactive Network, Inc. and functions as a browser add-on. The SearchFormsOnline browser add-on may support Google Chrome, Internet Explorer and Mozilla Firefox. SearchFormsOnline can be found at Searchformsonline.com and may be promoted to users via freeware distribution platforms and legitimate advertisements. The SearchFormsOnline program is marketed as a tool that can help users find free printable forms for the United States government or state governments. The SearchFormsOnline add-on is not likely to be of much use to users living in other countries since it is aimed at Web surfers based in the United States of America. Computer users are welcomed by Mindspark to install the SearchFormsOnline extension to their browser of choice and access printable forms for free. The...

Posted on January 9, 2017 in Possibly Unwanted Program

‘Error Code : 062-050-117’ Pop-Ups

The ‘Error Code : 062-050-117’ pop-up alerts that may interrupt your online activity are not legitimate security alerts. The ‘Error Code : 062-050-117’ pop-ups are generated from content on Web pages hosted on sites like search.moviecorner.com. Fake search engines and corrupted ads may bring up the ‘Error Code : 062-050-117’ dialog boxes on your screen. The message on the ‘Error Code : 062-050-117’ pop-ups serves as advertisement for fake computer support agencies. We have seen the ‘Error Code : 062-050-117’ pop-up promote services on the 0800-098-8835 toll-free phone line, which you can dial in Skype by Microsoft. Cyber security experts note that the ‘Error Code : 062-050-117’ alerts are associated with legitimate services by Microsoft, and you should not trust...

Posted on January 9, 2017 in Adware

Ocelot Locker Ransomware

The ‘Ocelot Locker’ Ransomware was first observed on January 9, 2017. The ‘Ocelot Locker’ Ransomware is probably being distributed by disguising a corrupted executable file as a popular free application available on low-quality websites. The ‘Ocelot Locker’ Ransomware also may be linked to various exploit kits. Despite an appearance that emulates encryption ransomware Trojans, the ‘Ocelot Locker’ Ransomware does not have an encryption engine or any advanced features; the ‘Ocelot Locker’ Ransomware is simply a screen locker that seems to have an educational purpose. Although the ‘Ocelot Locker’ Ransomware prevents computer users from accessing their machines by locking their screens, the ‘Ocelot Locker’ Ransomware does not affect the victims’...

Posted on January 9, 2017 in Ransomware

Globe3 Ransomware

The Globe3 Ransomware is a variant in the Globe Ransomware family that is themed after the popular movie ‘The Purge.’ The Globe3 Ransomware uses a ransom note and Desktop picture themed after this movie and appends the extension ‘.purge’ to each file affected during the attack. The Globe3 Ransomware is a typical encryption ransomware variant. The Globe3 Ransomware encrypts the victims’ files using a strong encryption method. The Globe3 Ransomware then displays a ransom note that demands that the victim pay a large sum in exchange for the decryption key needed to recover the affected files. Fortunately, PC security analysts have released a decryption utility that can help computer users recover their files after a Globe3 Ransomware infection. It is likely that the Globe3 Ransomware spreads using...

Posted on January 9, 2017 in Ransomware

Advanced File Optimizer

The Advanced File Optimizer is a tool that is marketed to help the user manage file types and programs on their PC more efficiently. According to its official page at Advancedfileoptimizer.com, the Advanced File Optimizer software is able to provide advanced functionality regarding identifying unknown data formats and finding the proper program you need to open them. The Advanced File Optimizer software by Systweak Software Inc. is built around three modules: handling file associations; easy scanning for unknown formats; fix problems related to file formatting. The Advanced File Optimizer program has a trial version that is free for personal use. The trial version of Advanced File Optimizer allows users to identify conflicts on the system that stem from bad file associations. You will need to open Advancedfileoptimizer.com and...

Posted on January 9, 2017 in Possibly Unwanted Program

‘Error # DW6VB36’ Pop-Ups

‘Error # DW6VB36’ Pop-Ups is a misleading and potentially unwanted pop-up notification that is associated with a troubled computer fix service. ‘Error # DW6VB36’ Pop-Ups may display at random when you are surfing the internet. In some instances, ‘Error # DW6VB36’ Pop-Ups may load as a result of having adware or unwanted browser components installed on your computer. Use of the ‘Error # DW6VB36’ Pop-Ups instructions or provided phone number may connect you with a representative that may claim they can fix the error message on your computer but may require a substantial payment for doing so. The removal of ‘Error # DW6VB36’ Pop-Ups for computer users who find the pop-up to be annoying may be done by using an antimalware tool. Allowing ‘Error # DW6VB36’ Pop-Ups to...

Posted on January 9, 2017 in Adware

‘Search whatever you’re looking for!’ Browser Hijacker

‘Search whatever you’re looking for!’ Browser Hijacker is a misleading notification and web page that may lead computer users into an Internet search feature that is unwanted due to the questionable results that it may return. The ‘Search whatever you’re looking for!’ Browser Hijacker may be part of a survey scheme that attempts to get users’ inputs and rack up several impressions and clicks on advertisements for the purpose of generating advertising revenue. Removal of ‘Search whatever you’re looking for!’ Browser Hijacker may be left to using an antimalware tool or the manual process of finding any related browser plugins or extension add-ons that have loaded. In some circumstances, ‘Search whatever you’re looking for!’ Browser Hijacker will load due to...

Posted on January 9, 2017 in Browser Hijackers

Zwhip Ads

Zwhip is part of a questionable site and adware that may contribute to causing a web browser to load an alternative Internet search site as the default home page or default new tab page for most popular web browsers. Zwhip, as a potentially unwanted program, may be loaded through the download of bundled applications or freeware from the Internet. The associated website of Zwhip may be presented as a generic search engine site where the results that are rendered may be accompanied by several advertisements or sponsored links. Computer users wanting to eliminate Zwhip may do so through removal of the associated plugins or add-on extensions within their web browser applications. Moreover, removal of Zwhip may be done automatically by the use of an antimalware program.

Posted on January 9, 2017 in Adware

MafiaWare Ransomware

The MafiaWare Ransomware is a ransomware Trojan that is used to force computer users to pay large sums after taking their files hostage. The MafiaWare Ransomware uses an attack method that is typical of these attacks. Ransomware Trojans like the MafiaWare Ransomware take victims’ files hostage by encrypting them with a strong combination of encryption algorithms. Once the victim’s files have been encrypted, they become completely inaccessible without the decryption key (which the con artists hold in their possession). The MafiaWare Ransomware delivers a ransom note, threatening the victims with the permanent loss of their files unless the ransom is paid. PC security researchers consider threats like the MafiaWare Ransomware a powerful and severe threat to the computer’s security. You should take preemptive measures...

Posted on January 6, 2017 in Ransomware

‘hnumkhotep@india.com’ Ransomware

The ‘hnumkhotep@india.com’ Ransomware is a ransomware Trojan that is used to force computer users to pay large sums to recover their files, which are taken hostage by this threat. The ‘hnumkhotep@india.com’ Ransomware belongs to the same family as the Globe Ransomware, a family that is notable for leaving very short ransom notes and for carrying out a simple, but effective ransomware attack. The ‘hnumkhotep@india.com’ Ransomware first appeared in the initial days of 2017. There is little to distinguish the ‘hnumkhotep@india.com’ Ransomware from other members of the Globe Ransomware family of encryption ransomware Trojans. The ‘hnumkhotep@india.com’ Ransomware may spread using corrupted email attachments that use macros to download and install corrupted content on the...

Posted on January 6, 2017 in Ransomware

Hidden-Peach Ransomware

The Hidden-Peach Ransomware is an encryption ransomware Trojan. Con artists use the Hidden-Peach Ransomware to force computer users to pay large sums. These threats carry out their attacks by taking the victims’ computers hostage, demanding that the victim pay a ransom to restore access. There are different approaches that ransomware Trojans can take to lock computer users out of their machines. For example, some ransomware Trojans will use a lock screen that prevents computer users from accessing their Desktop. Encryption ransomware Trojans like the Hidden-Peach Ransomware are among the most threatening ransomware since the damage they cause may be irreversible. Threats like the Hidden-Peach Ransomware are designed to encrypt the victim’s files using a strong encryption algorithm, making the files inaccessible....

Posted on January 6, 2017 in Ransomware