FrozrLock Ransomware

The FrozrLock Ransomware is a Ransomware-as-a-Service (RaaS) provider that is being advertised on the Dark Web. The FrozrLock Ransomware is being sold for $220 and marketed with the message 'great security tool that encrypts most of your files in several minutes.' The first vestiges of the FrozrLock Ransomware have been traced back to Russia, delivered through corrupted Java scripts. PC security researchers have been following the development of the FrozrLock Ransomware for some time, but its home page and name was uncovered only recently. Some Features of the FrozrLock Ransomware The following features have been associated with the FrozrLock Ransomware: The FrozrLock Ransomware is coded in C# and is multi-threaded. The FrozrLock Ransomware supports .NET > 4.5. The FrozrLock Ransomware loader is deleted automatically after the...

Posted on May 10, 2017 in Ransomware

‘Error Hard Drive Safety Delete’ Pop-Ups

Some computer users have reported the presence of the 'Error Hard Drive Safety Delete' pop-ups on their computers. Computer users should disregard the content of the 'Error Hard Drive Safety Delete' pop-ups since they are part of a well-known tactic. The 'Error Hard Drive Safety Delete' pop-ups may appear when computer users visit websites with unsafe advertising content. The 'Error Hard Drive Safety Delete' pop-ups also may be associated with unwanted components installed on a computer, such as (Potentially Unwanted Programs) (PUPs) or adware. The 'Error Hard Drive Safety Delete' pop-ups cannot be closed easily and are designed to harass computer users to trick them into calling a fake technical support number. To bypass the 'Error Hard Drive Safety Delete' pop-ups, it will be necessary to close the Web browser using the Windows Task...

Posted on May 9, 2017 in Adware

System.donation-tools.org

The System.donation-tools.org domain is reported by users who are redirected to the site and related pages whenever they open a new tab and start an online session. Web surfers that experience redirects via System.donation-tools.org may have installed adware or a browser hijacker that transmits data to the 104.45.213.51 IP address where System.donation-tools.org is registered. A program on your PC may have made mortifications to the parameters of the shortcuts for your Internet browser and forced you to load System.donation-tools.org by default. We should add that the System.donation-tools.org site has a clone hosted on the same IP address but with a different name—irh-system.cloudapp.net. Both portals refer to the following links: h[tt]p://irh-system.cloudapp(.)net/SearchPage.aspx?n=irh-system...

Posted on May 9, 2017 in Browser Hijackers

mixGames Search

The mixGames Search browser plug-in by Mixplugin.com is promoted as a helpful addition to your Google Chrome that can help you search for "FREE unlimited" games as advertised on their Chrome Webstore page at Chrome.google.com/webstore/detail/mixgames-search/kcboafodfidhkjhhagekcbeepegnccha. The mixGames Search plug-in can be found under the name 'mixGames Start' at Mixplugin.com as well. The mixGames Search app is designed to make several alterations to your Internet settings as a way to customize your browser experience and deliver the promised functionality. PC users are not required to pay for installing and using the mixGames Search app, but they will need to provide mixGames Search with the following privileges: Ul> Read and change all their data on the websites they visit. Change their search settings to games.searchalgo.com The...

Posted on May 9, 2017 in Browser Hijackers

Searchy.online

Searchy.online is presented to visitors as a simple and straightforward search service that employs the same color theme as Google.com. Moreover, the search results page appears to be a near-perfect replica except for the app drawer in the top right corner and search lenses that allow users to explore results by category. Some users may think that Searchy.online may be a creation of Google Inc. that is aimed at users with a limited Internet connection. However, Searchy.online has nothing to do with Google except its blatant copy of the company's color theme. The Searchy.online site is operated and maintained by Search Engage Ltd. that is the company behind several clones of searchengage.com, which include: bitcro.com sugabit.net search.hr searchy.online The Searchy.online portal is a clone of Searchengage.com that does not differ from...

Posted on May 9, 2017 in Browser Hijackers

BitKangoroo Ransomware

The BitKangoroo Ransomware is a ransomware Trojan that, as part of its attack, will delete the victim's files completely. PC security researchers first received news of the BitKangoroo Ransomware in early May of 2017. The BitKangoroo Ransomware represents a real threat to victims' files and data due to the extreme nature of its attack. While many ransomware Trojans threaten the victim with deleting data, the BitKangoroo Ransomware follows through and deletes the victims' files if the ransom is not paid in a certain time. This may be in part to disguise the fact that there exists a decryption application that can help PC users recover from the BitKangoroo Ransomware infection, which is not the case with most ransomware Trojans that are active today. The Attack of this Kangaroo is Severe but Can be Defeated The BitKangoroo Ransomware...

Posted on May 9, 2017 in Ransomware

Media Player Air

The Media Player Air is not considered as a threat but as a Potentially Unwanted Program (PUP) that may travel bundled with freeware installers or may be installed by the computer users due to its description since it is advertised as a very useful tool: 'Air Media Player is a powerful media player designed with simplicity and efficiency in mind. As a media player intuitive enough for the everyday user, Air Media Player flawlessly plays every media format, from MP3 and MP4 to FLV and MKV. Besides its versatile support for playing different media formats, Air Media Player is also extremely light on CPU and memory usage, providing you with a rich and responsive experience. Speaking of experience, Air Media Player supports playing extremely high definition videos from 1080p to 4K and 8K qualities. Standard DVDs are also supported, as well...

Posted on May 8, 2017 in Possibly Unwanted Program

ComboTab

The ComboTab is a Google Chrome extension is associated with a rather severe browser hijacker that may use the Combotab.com domain to show numerous advertisements, redirect users to online stores and show pop-up windows occasionally. The ComboTab is advertised as a tool that can provide computer users with an easy search, 'A simple new tab page for your Chrome with Weather, Search and Quick Apps' but its browser hijacker may manipulate the settings of Google Chrome to show pop-ups by ComboTab and open several tabs loaded with advertisements every time you start an online session. Browser hijackers and adware applications may use shareware or free games to penetrate a computer without the user knowledge. Additionally, the ComboTab browser hijacker may use a Registry key to obstruct you from changing your default search provider and...

Posted on May 8, 2017 in Browser Hijackers

Kolytorelflbe.ru

The Kolytorelflbe.ru domain is deemed as suspicious by security analysts and is associated with a browser hijacker and adware. The Kolytorelflbe.ru hijacker is designed to perform occasional redirects to kolytorelflbe.ru/?token=5ao3q and may promote optimization utilities, harmful software, browser toolbars and similar suspicious content. Users affected by the Kolytorelflbe.ru browser hijacker may want to know that it may have arrived on their PCs as a browser assistant enclosed with a free software bundle. The Kolytorelflbe.ru browser hijacker can manipulate Google Chrome, Mozilla Firefox, and Internet Explorer and divert users when they print a URL address, click on links on a Web page or do a search on Google. Moreover, the Kolytorelflbe.ru domain may be used by third-parties to deploy cyber threats Security analysts strongly advise...

Posted on May 8, 2017 in Browser Hijackers

Beautify Desktop Wallpaper

Users who are experiencing the rotation and changes of their desktop wallpapers by an application named Beautify Desktop Wallpaper may want to know that Beautify Desktop Wallpaper is associated with adware and Potentially Unwanted Programs (PUPs). The Beautify Desktop Wallpaper serves as a gateway to connections with various websites that may share information about your machine and get instructions from its developers. When Beautify Desktop Wallpaper is running on an affected computer, it may connect to the sites https://servicehost.cf, https://svc-host.net, https://nvda.cf, https://svc-host.net,https://moz-update.cf and https://ms-dev.cf. The Beautify Desktop Wallpaper is not considered as harmful, but the applications and websites linked to it may slow down your computer and display unwanted advertisements. If you have Beautify...

Posted on May 8, 2017 in Possibly Unwanted Program

Carrerafun.club

The Carrerafun.club domain is used by adware developers to show pop-ups that resemble the 'Blue Screen of Death' (BSOD) messages on Windows to promote fake technical support services. The BSOD messages warn that the affected computer was blocked due to suspicious activities and the crooks behind it may try to convince users to call the phone number 844-575-3213 for help. The people that are on the other side of the phone line, according to the message, are Microsoft associates that will solve the problems that are affecting the user's computer. You should keep in mind that the BSOD pop-ups by Carrerafun.club in your Web browser are propelled by adware. The adware associated with Carrerafun.club may have arrived on your PC as a plugin for your Web browser that was part of a freeware bundle. Most computer users that install freeware via...

Posted on May 8, 2017 in Browser Hijackers

News1fr.org

News1free.org is a suspicious website that may appear to be a genuine and trustworthy search service website. However, in truth, News1free.org may be connected with browser hijackers and adware that may hijack the PC user's Web browser and lead to disturbing diversions to potentially advertising websites involving News1free.org. Browser hijackers and adware associated to News1free.org also may replace the default start page and search provider with News1free.org on the Web browser, or open News1free.org in a new tab window. Adware and browser hijackers linked to News1free.org may make modifications to the default browser settings on the PC. Browser hijacker and adware applications also may gather information of the PC user, such as browsing habits, preferences and similar data with the intent of showing pop-up advertisements from...

Posted on May 8, 2017 in Browser Hijackers

Hpwombat

HPWombat is an adware that may affect Web browsers such as Mozilla Firefox, Google Chrome and Internet Explorer. HPWombat may modify the default settings on the PC, which may result in annoying browser diversions to unreliable websites related to this adware. HPWombat may make modifications to the browser and the DNS settings without the PC owner's acknowledgment. When the computer user is trying to do an online search in any popular search provider, HPWombat may change or fill the search results with unwanted pop-up advertisements. If the PC users click on a search result that includes random pop-up advertisements, they may get diverted to questionable websites associated to HPWombat unwillingly. The websites that involve pop-up advertisements were created with the aim of possibly making a profit from clicks on advertisements and...

Posted on May 8, 2017 in Adware

Measuring.online

Measuring.online is a questionable website that with the help of related browser hijackers and adware may display unwanted pop-up ads and messages on the affected PC. Measuring.online may be compatible with the Web browser of your choice, no matter if you choose Mozilla Firefox, Internet Explorer, Google Chrome or other trustable search engines. Measuring.online is advertised as an application that will give the computer users the possibility of 'contribute to a wealth of knowledge' by allocating their browsing preferences. Measuring.online also may be used by adware creators to promote their services and products. Websites associated with Measuring.online may display annoying advertisements promoting various paid bogus security tools and other Potentially Unwanted Programs (PUPs). Once installed on the computer, adware and browser...

Posted on May 8, 2017 in Browser Hijackers

CryptoMeister Ransomware

The CryptoMeister Ransomware is a ransomware Trojan that seems to be targeted to French speakers. The CryptoMeister Ransomware carries out a typical ransomware attack, encrypting the victims' files and then asking for a ransom to come up with the decryption key needed to recover the affected files. Threats like the CryptoMeister Ransomware take the victims' files hostage and then demand the payment of a ransom. PC security experts strongly counsel affected users to refrain from paying the CryptoMeister Ransomware ransom, because there is no assurance that the people responsible for this threat will keep their word and deliver the decryption key. Furthermore, paying the CryptoMeister Ransomware ransom allows con artists to continue developing and releasing threats like the CryptoMeister Ransomware. The CryptoMeister Ransomware – A...

Posted on May 8, 2017 in Ransomware