iMedia Start

The iMedia Start, also seen as the iMedia Search, is an application that you can find at ienjoyapps.com/utilities/imedia/. The iMedia Start (iMedia Search) software by ienjoyapps.com is promoted as a useful addition to the browser of users who like to browse media during their online sessions more than anything. The iMedia Start is available for Google Chrome only. PC users that are interested in the iMedia Start (iMedia Search) may need to switch from another browser to benefit from the iMedia Start extension. The official page of the iMedia Start says that the extension can enable users to download media files to their drives easily and quickly. The statement on ienjoyapps.com/utilities/imedia/ reads: ‘Get all the media you want directly to your hard drive using iMedia, the best free tool available! This professional...

Posted on January 17, 2017 in Possibly Unwanted Program

Extminooop Ads

If there are too many pop-up windows titled ‘Ads Powered by Extminooop’ on your screen, there is a chance you are infected with the Extminooop adware. The Extminooop adware is a program that is designed to flood the user’s desktop with marketing materials from promoters and advertisers. The Extminooop adware may be bundled with free browser extensions and media players to reach a greater number of users. The Extminooop adware may alter the way your browser works and behaves. For example, the Extminooop adware might change the layout of your new tab page and generate a list of promotions whenever you open a new tab. The Extminooop adware may add parameters to the shortcut for Google Chrome, Internet Explorer, Edge and Mozilla Firefox. The parameters set by the Extminooop adware may cause redirects to suspicious pages...

Posted on January 16, 2017 in Adware

‘Your Connection Is Not Safe’ Pop-Ups

The ‘Your Connection Is Not Safe’ alerts in your browser may make you think that a third party is trying to collect data on your PC. The ‘Your Connection Is Not Safe’ alerts are styled after the ‘Your Connection Is Not Safe’ notifications by Google Safe Browsing, and many users may consider calling the phone line listed on their screen. However, the ‘Your Connection Is Not Safe’ messages are phishing messages that may be presented on your display by a browser hijacker. The browser hijacker associated with the ‘Your Connection Is Not Safe’ pop-ups may run as an extension, an add-on or a Browser Helper Object, depending on your browser of choice. You may have installed a fake browser plug-in that can redirect you to the ‘Your Connection Is Not Safe’ messages whenever you...

Posted on January 16, 2017 in Adware

LambdaLocker Ransomware

The LambdaLocker Ransomware is a ransomware Trojan that was uncovered in January 2017. The LambdaLocker Ransomware will use a combination of the AES-256 and SHA-256 encryption to make the victim’s files inaccessible. The files encrypted using the LambdaLocker Ransomware will be identified by the file extension ‘.lambda_l0cked.’ The LambdaLocker Ransomware then drops a ransom note in the form of an HTML file named ‘READ_IT.hTml’ on the victim’s Desktop. The LambdaLocker Ransomware’s ransom note delivers a message that is both in English and Chinese. This makes it likely that the LambdaLocker Ransomware infection is designed to target computer users in China. According to the LambdaLocker Ransomware’s ransom note, the victim must pay 0.5 BitCoin (approximately $450 USD) to...

Posted on January 16, 2017 in Ransomware

HakunaMatata Ransomware

The HakunaMatata Ransomware is a ransomware Trojan that is used to take the computer users’ files hostage and then demand the payment of a large ransom in exchange for their recovery. The HakunaMatata Ransomware is similar to countless other ransomware Trojans that are active in the wild currently. PC security researchers advise computer users to take preventive steps to ensure that their files are well protected from these attacks. Some important steps to take include installing a reliable security program that is fully up-to-date and having backup copies of all files on an external memory device or the cloud. The files infected by the HakunaMatata Ransomware will be marked with the file extension ‘.HakunaMatata,’ a philosophy that became popular in Walt Disney’s ‘The Lion King’ and its...

Posted on January 16, 2017 in Ransomware

CryptoSweetTooth Ransomware

The CryptoSweetTooth Ransomware is a ransomware Trojan that is used to force computer users to pay large sums of money. The CryptoSweetTooth Ransomware is identical to various other ransomware Trojans that are active in the wild and belongs to a large family of ransomware Trojans based on HiddenTear, an open source ransomware engine project that is the basis for a large number of encryption ransomware Trojans released in 2016 and 2017. The CryptoSweetTooth Ransomware may be distributed via corrupted email attachments, in the form of corrupted documents attached to spam email messages that use some social engineering tactic. The CryptoSweetTooth Ransomware uses exploits involving macros and JavaScript to infect the victims’ computers. The current version of the CryptoSweetTooth Ransomware seems only to exist in a Spanish...

Posted on January 16, 2017 in Ransomware

Kaandsona Ransomware

The Kaandsona Ransomware is an encryption Trojan that was discovered on January 16th, 2017 when users reported strange files with the ‘.kencf’ extension. The Kaandsona Ransomware may be referred to as the RansomTroll Ransomware on some cyber security blogs considering the logo of the Trojan is a green troll glancing at a laptop. There are security experts suspecting that the Kaandsona Ransomware is developed in Estonia considering that the name can be pronounced as ‘Käändsõna’ in Estonian, but there is no evidence to support a thesis for the origin of the Kaandsona Ransomware. Trojans such as the Kaandsona Ransomware are developed in a ‘clean environment’ that is a virtual PC that has limited access to the Internet and serves as a proxy. When the Kaandsona Ransomware is packed, it undergoes a...

Posted on January 16, 2017 in Ransomware

Adobe Issues Emergency Update to Flash Due to Cerber Ransomware Attack

Ransomware has been a major nuisance in the computer security community in recent years, making history as one of the most dangerous types of malware. Ransomware has propagated to the point that Adobe is having to release an emergency update to its Flash application due to a security flaw that is being exploited to deliver ransomware to Windows PCs. If you are not at all familiar with ransomware, it is wise to know that such threats will usually infect your system from a malicious spam email attachment, where it will then load and encrypt several files on your computer. From there, ransomware is known to display a notification demanding payment from $200 to $1,000 to obtain a decryption key, which is claimed to decrypt and restore all encrypted files so they can then be accessible again. In recent months, ransomware has evolved...

Posted on January 13, 2017 in Computer Security

Search.rapidserach.com

Search.rapidserach.com is a generic site that may appear as a search provider with links to popular services like Facebook, IMDB, Netflix, Instagram and YouTube, and include widgets related to shopping, news and media streaming. Search.rapidserach.com is owned by Stepitapp LTD., which operates a platform that enables advertisers and software developers to monetize their work. Search.rapidserach.com is associated with a browser extension that may be distributed to users via software bundles. The extension linked to Search.rapidserach.com may feature the name RapidSearch and claim to enhance your online experience. It may not be a good idea to install software related to Search.rapidserach.com because the site is reported in cases of browser hijacking. Search.rapidserach.com is not a legitimate search provider and acts as a gateway to...

Posted on January 13, 2017 in Browser Hijackers

TrojanDropper:JS/Exjaysee.A

TrojanDropper:JS/Exjaysee.A is a detection name used by security scanners. TrojanDropper:JS/Exjaysee.A refers to a computer Trojan that is written in the JavaScript programming language that is mostly found on Web servers. The technical detection name can change with time since the author can modify the code and release the Trojan again. Thus, security researchers work with names that can adapt. The root name is Exjaysee followed by the version identifier ‘A.’ The root name is preceded by two prefixes—the threat type and primary programming language. Trojans like Exjaysee and Febipos may include code written in other languages to expand their capabilities and send commands to various peripheral devices and modules. The author of the Exjaysee Trojan may have decided to write the program in JavaScript since it is a...

Posted on January 13, 2017 in Trojans

DirectionsBuilder

DirectionsBuilder is software that is promoted as a navigation tool, which requires integration with the Internet browser to work best. DirectionsBuilder works as a browser add-on that can be used to compile routes to desired destinations and export them as directions guides. Computer users that want to explore new commute routes, optimize their trips, and create a useful digital map for their vacation may be willing to give the DirectionsBuilder add-on a try. DirectionsBuilder has an official page that you can browse at Directionsbuilder.com to determine if it meets your needs. DirectionsBuilder is published by Mindspark Interactive Network, Inc. DirectionsBuilder feels, looks and behaves nearly identically to a few extensions released by Mindspark in the past, which include DirectionsWhiz, FindYourMaps Toolbar, and FreeMaps...

Posted on January 13, 2017 in Possibly Unwanted Program

Marlboro Ransomware

A new ransomware family known as Marlboro Ransomware was reported recently. Fortunately, in less than 24 hours, malware researchers tracked down the Marlboro Ransomware infection, analyzed it, and released a decryption program. The Marlboro Ransomware was first observed on January 12, being spread through spam email messages. These messages include a corrupted Microsoft Word attachment that downloads and installs the Marlboro Ransomware on the victim’s computer. If your machine has been exposed to the Marlboro Ransomware, malware researchers recommend using the available decryption utility to restore the affected files after removing the Marlboro Ransomware completely with the help of a reliable security application. The Marlboro Ransomware exists in two versions currently, targeting 32-bit and 64-bit versions of the Windows...

Posted on January 13, 2017 in Ransomware

Hackers Turning Large Profits Selling Zero-Day Exploits to Attack Computers and Networks

Have you ever wondered where some hackers get the tools to attack and compromise other computers and networks over the Internet? Well, as it turns out, there is a massive market where hackers are turning large profits by selling off zero-day exploits, which are known as a vulnerability or a hole in software known to others. With the nearly endless vat of computers connected to the Internet, which all run some form of software that may have known security holes, hackers are inclined to take advantage of those zero-day vulnerabilities actively. Zero-day exploits have long been known to be a major profit area for hackers and there is a massive underground society devoted to marketing and selling off these zero-day exploit packages. All in all, hackers are motivated to earn hundreds of thousands of dollars in active campaigns to sell off...

Posted on January 12, 2017 in Computer Security

Search.tagadin.com

Search.tagadin.com is registered as a site dedicated to business and economy. However, Search.tagadin.com appears to host a search service and resembles Google.com in many ways. The Search.tagadin.com site features what is known as ‘doodles’ on Google.com, which is a 500×200 pixel image that may appear hand-drawn and is usually related to an important event during the day. The design of Search.tagadin.com has similarities with the layout of Google back from 2010 when we had a black bar at the top and quick links to video, news, and images. Search.tagadin.com is owned by Resoft Ltd., which you may know for the TappyTop browser and the Safe Finder extension that are classified as riskware. Also, Resoft Ltd. operates the Snap.do search portal that is associated with more than a few cases of browser hijacking....

Posted on January 12, 2017 in Browser Hijackers

MovieCorner (Search.moviecorner.com)

MovieCorner is advertised as multi-platform software that can help users find the best movie for a night with their friends and family. MovieCorner is developed by Findinfo Ltd. with the aim to provide users around the world and on all platforms with easy access to movies. MovieCorner can be incorporated into Internet Explorer, Safari, Google Chrome and Mozilla Firefox. The official site for MovieCorner is Search.moviecorner.com/movies where you can find a link to Search.moviecorner.com/movies/films/list-all that includes the list of titles available on MovieCorner. However, you may be surprised to find that all movies provided via MovieCorner were uploaded on the same date—September 6th, 2016. The movies at Search.moviecorner.com/movies/films/list-all date from as far back as 1944 up to 2008. The extensive library of movies you may be promised...

Posted on January 12, 2017 in Browser Hijackers