Pshcrypt Ransomware

The PshCrypt Ransomware is an encryption Trojan that emerged with PC security reports from Brazil on April 25th, 2017. Evidently, the threat is aimed at Windows users based in Brazil primarily. It is possible that we may register cases involving the PshCrypt Ransomware in neighboring countries since crypto-threats do not recognize international borders. It is still not disclosed who wrote the PshCrypt Ransomware Trojan, but it was reported that the threat invades systems via compromised remote desktop connections. Servers and Web portals are the primary targets for the PshCrypt Ransomware, and you may want to make sure your ports are protected, and remote desktop accounts feature strong login credentials. Initial threat analysis showed that the PshCrypt Ransomware is an independent program that behaves similarly to well-documented...

Posted on April 26, 2017 in Ransomware

‘Error # 3658fa2deb39539’ Pop-Ups

The 'Error # 3658fa2deb39539' pop-ups are bogus error messages that are part of a known tactic. The 'Error # 3658fa2deb39539' pop-ups take the form of a message presented over a black background, alerting the victim of a supposed 'suspicious activity' on the affected computer. However, the 'Error # 3658fa2deb39539' pop-ups are not generated by an anti-malware or security service. Rather, the reason for the 'Error # 3658fa2deb39539' pop-ups is the promotion of bogus technical support services, a known tactic that works by tricking computer users into calling a phone number where they will be asked to purchase fake security software or allow the con artists to have remote access to their computers. What you need to understand about the 'Error # 3658fa2deb39539' pop-ups is that these messages are not legitimate and they are part of a...

Posted on April 25, 2017 in Adware

‘Your Hard drive will be DELETED’ Pop-Ups

The 'Your Hard drive will be DELETED' pop-ups may be displayed by insecure Web pages, and are part of known online tactics. The 'Your Hard drive will be DELETED' pop-ups may be accompanied by an audio track that may add to the feeling of panic that computer users may get from encountering these messages. The 'Your Hard drive will be DELETED' pop-ups are designed to trick computer users into falling for a known tactic entirely, by causing them to panic and make poor decisions. How the 'Your Hard drive will be DELETED' Pop-Ups Hoax Works The 'Your Hard drive will be DELETED' pop-ups contain a scary message that is designed to convince computer users to call a 'technical support center.' In fact, this supposed technical support is a tactic, which will try to make money off of inexperienced computer users. The 'Your Hard drive will be...

Posted on April 25, 2017 in Adware

Track Packages Online

The Track Packages Online software is a product of Eightpoint Technologies Ltd. that provides services by Polarity Technologies Ltd. The software product can be found on trackpackages.online and chrome.google.com/webstore/detail/track-packages-online/ajmmhfnbcgmglcdddiidgfellfpnjngb where users are offered help with tracking the delivery of their packages, parcels and letters. The Track Packages Online program is designed to work as a browser extension, which customizes your new tab page and start page. PC users can install the Track Packages Online extension on Google Chrome, Mozilla Firefox and Internet Explorer for free. The services at trackpackages.online are available for free as well, but you should read the Terms and Conditions Agreement on trackpackages.online/pages/terms/ carefully. Track Packages Online is deemed as a...

Posted on April 25, 2017 in Possibly Unwanted Program

‘855-442-0666’ Pop-Ups

The '855-442-0666' pop-up alerts that may appear on your screen while surfing the Internet should be ignored. The '855-442-0666' messages are associated with compromised pages, phishing pages, and fake computer support services. Cyber security researchers report that the '855-442-0666' messages are known to be hosted on compromised sites and untrusted domains. The '855-442-0666' pop-up windows are used to direct users to call toll-free phone lines like 855-442-0666 and ask for a computer technician to take a look at their systems. Web surfers may be suggested that they can find help from a certified Apple/Microsoft support agent by calling the 855-442-0666 phone number listed on the '855-442-0666' warning. However, we strongly advise against following the instructions shown on your screen. The '855-442-0666' phone line is not...

Posted on April 25, 2017 in Adware

Search.hr

Search.hr is presented to Web surfers as a search service that employs the same color scheme you may be familiar with on Google.com. The Search.hr site is not associated with Google Inc. and appears to be an independent service that is provided by a company under the name of Cro-bit Ltd. Search.hr is not a real search engine and it functions as a redirect-gateway to Search.yahoo.com where users will find links to resources and services by Yahoo. Computer users reported cases of browser hijacking that involved the Search.hr site, which was loaded as the default start page, new tab page and search provider. Affected users may have installed a free program that was developed in partnership with Cro-bit Ltd. The company is involved in Web development, Internet marketing, computer repair and mobile phone development. Free software...

Posted on April 25, 2017 in Browser Hijackers

JeepersCrypt Ransomware

The JeepersCrypt Ransomware is a ransomware Trojan that con artists use to force computer users to pay large amounts of money. To do this, the JeepersCrypt Ransomware will encrypt the victim's files using a strong encryption algorithm. The JeepersCrypt Ransomware is being used in attacks against computer users in Brazil and other countries in South America. This conclusion comes from the spam email campaign that is being used to spread the JeepersCrypt Ransomware, which impersonates email messages from companies working in these regions. The spam email campaign will use corrupted email attachments that use compromised scripts to download and install the JeepersCrypt Ransomware on the victim's computer. These scripts will use some exploit or pop-up to trick computer users into allowing the JeepersCrypt Ransomware to bypass UAC (User...

Posted on April 25, 2017 in Ransomware

Shifr Ransomware

The Shifr Ransomware is a threat that is designed to encrypt the victims' data, making it inaccessible. This is done by these Trojans to force victims to pay a ransom to recover the affected data. After encrypting the victim's files, the Shifr Ransomware delivers a ransom note in the form of an HTML file named 'HOW_TO_DECRYPT_FILES,' demanding that the victim pays 0.1 BitCoin (approximately $130 USD at the current exchange rate) if they ever want to recover their files. Malware Trojans like the Shifr Ransomware use strong encryption algorithms such as the RSA 2048 and AES 256 encryptions to make the victim's files inaccessible to anyone without the decryption key. There was a marked rise in the number of ransomware Trojan attacks since 2015 and the sophistication of these threats. You can't Access the Files Compromised by the Shifr...

Posted on April 25, 2017 in Ransomware

‘Important Security Alert From Windows’ Pop-Ups

The 'Important Security Alert From Windows' pop-up windows that users may experience at 4xt-setup.win should not be trusted. The 4xt-setup[.]win domain is part of a network of sites that are used to promote computer support services on the 866-995-5065 phone line. However, the 866-995-5065 phone line is not associated with a legitimate company. The services advertised via the 'Important Security Alert From Windows' are provided by con artists who pretend to be employees at Microsoft Corp. and offer help to users who can't remove the 'Important Security Alert From Windows' alerts. The warnings on your screen may be loaded by a browser hijacker that has entered your system. Also, Web surfers may be redirected to pages like 4xt-setup[.]win that are designed to cause navigation problems and suggest the users that their PCs may be infected...

Posted on April 24, 2017 in Browser Hijackers

‘Windows 7 Support – Case ID’ Pop-Ups

The 'Windows 7 Support – Case ID' pop-up windows in the browser that refer to the (844)-624-2338 phone line should not be perceived as security alerts by Microsoft. The 'Windows 7 Support – Case ID' alerts are classified as fake security warnings that are designed to look as though they are delivered by the Microsoft Copr. to your screen. We have received reports that the 'Windows 7 Support – Case ID' messages may be displayed via pages like: browseclean[.]bid browseclean[.]space/Final-Notice/tito2.php# nimbleland.co[.]in/bb/www.usaa.com.inetent_logon-signon/home/pin.php realtimescan.flu[.]cc stop-immediately[.]club system-error-found.flu[.]cc/5mp-can-not-proceed/ag2lbxv5M.php The domains listed above are registered to the 108.167.146.95 IP address and have been found to host images, text, audio, and videos that are used for the...

Posted on April 24, 2017 in Browser Hijackers

‘Firewall Detected Suspicious Network Connections’ Pop-Ups

The 'Firewall Detected Suspicious Network Connections' pop-up windows that say Microsoft has detected "suspicious" activity on your machine are not legitimate security warnings. The 'Firewall Detected Suspicious Network Connections' messages might feature the Microsoft Corp. logo and appear as custom pages on Support.microsoft.com but you should not call the phone numbers listed on your screen. The 'Firewall Detected Suspicious Network Connections' notifications are used to lure users into calling toll-free phone lines that are operated by con artists. The operators associated with the 'Firewall Detected Suspicious Network Connections' notifications might claim they are certified Microsoft technicians who can help you remove the virus that is the reason for the 'Firewall Detected Suspicious Network Connections' pop-up. Security experts...

Posted on April 24, 2017 in Adware

Adblocker For Youtube

The Adblocker For YouTube (also known as 'Clean YouTube') extension claims to do what its name suggests—block ads that are placed on videos at YouTube.com. Web surfers that favor the YouTube video platform due to its large user-base and quality content providers may be interested in blocking aggressive advertisements that some channels may incorporate in their video products. Many users may not like the sponsored commercials and search results on YouTube and seek to install the Adblocker For YouTube extension. The Adblocker For YouTube app is not associated with the projects uBblock Origin and AdBlock Pro, which many perceive as the "industry leaders." We have received reports that the Adblocker For YouTube is not doing its job and some ads may lack information on their source, which suggests that adware on the system may generate...

Posted on April 24, 2017 in Possibly Unwanted Program

Microcosm New Tab

The Microcosm New Tab extension that you may install with a free software bundle choosing the 'Express' option is deemed as a Potentially Unwanted Program (PUP). The developer of the Microcosm New Tab extension designed the app to substitute the default new tab and start page on Google Chrome. Moreover, the Microcosm New Tab app's icon is identical to the 'Homepage' icon on Google Chrome and users need to hover over it to distinguish both buttons. Needless to say, if the users install the Microcosm New Tab extension with a software package they may wonder why the start and new tab pages look different. The official page of Microcosm New Tab can be found at microcosmtab.com, and the Web store page can be found at chrome.google.com/webstore/detail/microcosm-new-tab/nagnmfhgkjkplbhplkbicmpkfopmnefp. The developer of the program advertises...

Posted on April 24, 2017 in Possibly Unwanted Program

Search.searchquicks.com

The Search.searchquicks.com site is presented to Web surfers as a free search service that provides search results via a customized Yahoo engine. Search.searchquicks.com is not among the Top 10 or the Top 20 search services on the Web, and many users may not be familiar with Search.searchquicks.com. The portal is associated with the 'Quick Search' browser extension that is a product of Eightpoint Technologies Ltd. which you may know for apps like Easy Television Access and Directions Express. The generic name of the 'Quick Search' extension may be intended to fool users into thinking that it is part of their browser's native features. The Eightpoint Technologies Ltd. is known to participate in the development of an ad-supported program, which aims to reroute users to unreliable search engines. The 'Quick Search' app is not an...

Posted on April 21, 2017 in Browser Hijackers

Yousearch.io

The Yousearch.io site is offered to users as a search service with a clean and straightforward interface. The Yousearch.io site does not provide ownership information, and there is no company name listed on any of its pages. Also, the news and image search functionality does not work. Only the text and video search are somewhat operational. If you are looking to change your primary search provider to Yousearch.io there are better alternatives. The Yousearch.io service is an ad-supported portal, and it is designed to pull results from a limited number of pages when you type keywords that are listed on yousearch.io/get/index. The connection to Yousearch.io is encrypted by default but that does not mean the results shown on Yousearch.io are clean. The portal does not appear to partner with initiatives like the Google Safebrowsing, Mozilla...

Posted on April 21, 2017 in Browser Hijackers
1 2 3 4 5 6 7 8 9 10 11 12 1,144