AnDROid Ransomware

The AnDROid Ransomware is a ransomware Trojan that was first observed on March 28, 2017, in attacks targeting countries in Southeastern Asia such as Indonesia, the Philippines, Vietnam, India and Thailand. The AnDROid Ransomware is a typical ransomware Trojan variant designed to attack computers using the Windows operating system. However, there may be some confusion because of the AnDROid Ransomware's name. The AnDROid Ransomware is not designed to infect systems using the Android operating system developed by Google (although there are ransomware threats designed to attack these devices). The AnDROid Ransomware belongs to a family of ransomware that includes such threats as the SADStory Ransomware and the EnkripsiPC Ransomware. This family seems to target computers located in Indonesia, although the attacks of threats in this family...

Posted on March 30, 2017 in Ransomware

Weatherly

The Weatherly software from Polarity Technologies Ltd. provides services by Eightpoint Technologies Ltd. that you can find at Myweathertab.com. The Weatherly software offers users access to a redesigned new tab page that is powered by Search.myweathertab.com. The Weatherly program supports versions for Google Chrome and Mozilla Firefox. The version for Chrome can be found at Chrome.google.com/webstore/detail/weatherly/jnjojkfdhkanegachhfjffkhahojbklk, and the version for Firefox can be found at the official site Myweathertab.com. The app can be found listed in the Add-ons/Extensions Manager on Chrome and Firefox simply as Weatherly with a description that says: 'Elegant and simple new tab page that displays the current time and weather.' The Weatherly extension may replace your default new tab page with a black page that includes a...

Posted on March 29, 2017 in Possibly Unwanted Program

Search.aquatoria.net

The Search.aquatoria.net site is presented to Web surfers as an alternative to search services like Google, Yahoo, Bing and DuckDuckGo. The Search.aquatoria.net site is perceived as an unreliable search aggregator that is a customized version of Google. Search.aquatoria.net is powered by a heavily modified Google engine that you can find at Cse.google.com/cse/home?cx=partner-pub-6762814118689665:1887625237, which features the name '147.' When you input keywords on Search.aquatoria.net, there are no suggestions in a drop-down menu, as is the case with the original version of Google. Additionally, Search.aquatoria.net offers only text-based results. Web surfers are provided with links to resources at Cse.google.com/cse/home?cx=partner-pub-6762814118689665:1887625237, which lacks quick access to services like Gmail, YouTube, Google...

Posted on March 29, 2017 in Browser Hijackers

PyCL Ransomware

Computer users have reported their files becoming inaccessible, and a suspicious message being displayed on their computers. This message reads as follows: 'Your Personal Files Are Encrypted Your documents, photos, databases and other important files have been encrypted with strongest encryption and unique key, generated for this computer. Private decryption key is stored on a secret Internet server and nobody can decrypt your files until you pay and obtain the private key. 1. Pay amount BTC (about of USD) to address: 2. Transaction will take about 15-30 minutes to confirm. Decryption will start automatically. Do not: power off computer, run antivirus program, disable internet connection. Failures during key recovery and file decryption may lead to accidental damage on files. Your files will be lost without payment through:' This...

Posted on March 29, 2017 in Ransomware

WannaCryptor or WanaCrypt0r Ransomware

The WanaCrypt0r Ransomware is an encryption Trojan that features a worm-like attack tactic. The WanaCrypt0r Ransomware is recognized as one of the most threatening and widespread encryption Trojans up until May 12th, 2017. The WanaCrypt0r Ransomware managed to compromise hundreds of thousands of systems across one hundred and forty countries on its first release to the real world. The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. The Trojan managed to block access to most of the computers connected to the National Healthcare System, and nearly 70% of the cases that involve the WanaCrypt0r Ransomware are recorded in Russia....

Posted on March 29, 2017 in Ransomware

Verrouille Ransomware

The Verrouille Ransomware harks back to an earlier time in ransomware history. While today lock screens and encryption ransomware are particularly threatening, a previous generation of ransomware tended to focus mostly on police hoaxes, making it seem as if the ransomware infection or lock screen was part of a police operation meant to punish the victim for visiting forbidden online content or downloading illicit content. The Verrouille Ransomware targets computer users in France, displaying a scary image and message that makes it seem as if the authorities in France are punishing the victim for alleged forbidden infractions. It is clear that the Verrouille Ransomware targets computer users located in France and other French-speaking countries. The police or any similar authority will never display messages like the ones associated...

Posted on March 29, 2017 in Ransomware

Free WiFi Hotspot

You can find the Free Wifi Hotspot software from FreeWiFiHotspot Co., Ltd. at Free-wifi-hotspot.com/#!prettyPhoto as an ad-supported program that is flagged as a Potentially Unwanted Program (PUP). The Free Wifi Hotspot is offered to users that own a laptop and a desktop PC that has a wired connection to the Internet and no WiFi modem. The Free Wifi Hotspot is said to help users share their Internet connection with mobile devices that support the 2G/3G/4G/USB tethering connectivity. However, users will need a 2G/3G/4G modem attached to the computer/laptop with access to the Internet if they intend to benefit from the Free Wifi Hotspot software. Security experts have looked into the Free Wifi Hotspot and determined that it performs as expected and allows users to connect their smartphone, PSP, iPad, iPod, iPhone, Kindle and Xbox to the...

Posted on March 28, 2017 in Possibly Unwanted Program

Search Dimension

Computer users that use the Search Dimension services provided at Searchdimension.com might want to remove the Search Control browser extension associated with Searchdimension.com from their browser. The Search Control (a.k.a. Search Dimension) extension by Search Dimension Ltd. is classified as a Potentially Unwanted Program (PUP) that is known to show many advertisements in the browser and lack security checks on the content displayed at Searchdimension.com. The Search Control program is promoted as a privacy-centric browser extension, which can protect your identity online and block search engines from tracking your activity. Search Dimension Ltd. uses the same marketing pitch employed by Privacy Switch and the Shield Plus Privacy Protector. However, their product is very similar to the ZenSearch add-on and fails to provide privacy...

Posted on March 28, 2017 in Adware

Safe Save Ads

Adware on your system may generate the ads by Safe Save in your browser, which appear as banners, ad boxes, pop-up windows, hyperlinks in bold and overlays. The Safe Save adware may have entered your system as an optional component of a free program installer, which many users may handle with the 'Express' and 'Typical' option that does not allow users to make a careful selection of the components they want to be installed. The Safe Save adware may drop its files to the Temp folder and works similarly to the Savings Play and the Browse to Save adware. The Safe Save adware may be compatible with modern Web browsers like Google Chrome, Opera, Mozilla Firefox, Pale Moon and Internet Explorer. Computer security experts warn that the Safe Save adware may inject insecure code into the browsers that employ the Trident, Gecko and...

Posted on March 28, 2017 in Adware

Eusearch.org

Eusearch.org is presented to users as a reliable search service that you can set as your default new tab page by installing the EUSearch add-on to your browser. The EUSearch add-on works similarly to the Super Search extension and may make changes to how your browser behaves. PC users may install the EUSearch add-on with a freeware bundle since the app is not available for download at Eusearch.org. When EUSearch is installed, it would make your browser load Eusearch.org as the default new tab and may invite you to set Eusearch.org as your start page and primary search provider. Eusearch.org is powered by a custom-built version of Yahoo and offers users the option to make changes to the look of the site. Web surfers can use the gear icon at the bottom right corner to make Eusearch.org load a random photo as a wallpaper or set one of...

Posted on March 28, 2017 in Browser Hijackers

Monument Ransomware

The Monument Ransomware is a ransomware Trojan that is also known as DarkLocker. There are two versions of the Monument Ransomware: one that locks the victim's screen and another that encrypts the victim's files to demand the payment of a ransom. While one is significantly more difficult to deal with than the other, both versions of the Monument Ransomware pose a significant threat to computer users. The Monument Ransomware is delivered to the victims' computers through the use of corrupted spam email attachments and by installing the threat on the victim's computer directly through the use of a RAT (Remote Access Trojan) or by taking advantage of poor security measures.

How the Monument Ransomware Encrypts the Victims' Computers

The Monument Ransomware uses a combination of the RSA-2048 and AES-256 encryptions to make the victim's...

Posted on March 28, 2017 in Ransomware

SADStory Ransomware

Malware analysts have observed threat attacks linked to a group producing low-quality threats that calls itself 'Mafia Malware Indonesia.' This group has claimed responsibility for various threat attacks, including the SADStory Ransomware. The SADStory Ransomware is a ransomware Trojan that is designed to infect computers, encrypt files, and ask for the payment of a ransom from the victim.

The SADStory Ransomware and Other Mafia Malware Indonesia Creations

The group responsible for the SADStory Ransomware was first observed in March 2016 after various attacks targeting online retailers using Magento came to light. These attacks had been associated with the email address 'tuyuljahat@hotmail.com.' Tracking this email address has been a way for PC security researchers to follow the activities of the group responsible for the...

Posted on March 28, 2017 in Ransomware

Yelloader

The Yelloader program is classified as adware that belongs to the Adware Helpers family of programs. The Yelloader adware may be promoted as a video plug-in for your browser and a helpful search extension for Google Chrome, Internet Explorer, Mozilla Firefox, and Opera when you explore the 'Advanced' and 'Custom' option of a free software bundle. It may be hard for users to determine if they were infected with the Yelloader adware because it keeps a low profile and does not hijack system resources. The Yelloader adware may register a new background system service named 'windowsmanagementservice,' inject DLLs into the browser and make modifications to how Adobe Flash Player works. Computer security analysts report that the Yelloader adware is associated with the following folders and executable: C:\Program Files (x86)\cpx\cpx.exe...

Posted on March 27, 2017 in Adware

Pro Flip Ads

The Pro Flip browser extension is promoted at pro-flip.webstore-advisor.net/en/install as the best online shopping widget that helps you save money smarter and faster. PC users can install the Pro Flip extension to Google Chrome and benefit from suggestions by Pro Flip on the items they are interested in. The site pro-flip.webstore-advisor.net/en/install says that Pro Flip is designed to scan pages you visit on the Internet and provide the user with options on where to purchase a certain item cheaper. However, you may want to know that Pro Flip is adware, which is a re-branded version of Enhance Pro and Price Turtle. The Pro Flip adware pretends to be a legitimate extension, but it does not offer information on its developer or company, and there are no contact details listed on pro-flip.webstore-advisor.net/en/install. The Pro Flip adware...

Posted on March 27, 2017 in Adware

Super-search.org

Super-search.org and Mysupersearch.net are associated with the Super Search browser add-on that may be distributed to users via freeware bundles. The Super Search browser add-on works with Super-search.org and Mysupersearch.net to deliver search results that are said to be spot on and rival services like Google and Yahoo. However, the Super Search browser add-on is classified as a browser hijacker since most installations of the software happen automatically. Additionally, Super-search.org and Mysupersearch.net do not offer information regarding their governing company or a feedback option. The Super Search browser hijacker may redirect users to Super-search.org and Mysupersearch.net when they begin an online session, open a new tab and input keywords on the Omnibox, URL bar and search bar. The aim of the Super Search browser...

Posted on March 27, 2017 in Browser Hijackers