Enjey Crypter Ransomware

Posted: March 8, 2017 | Category: Ransomware
The Enjey Crypter Ransomware is a Trojan that locks your files through an encryption routine that reorders their data according to a specified algorithm. The rest of this Trojan's payload drops messages asking you to make payments for restoring your content, which should be treated as a last-resort option if you consider it at all. Along with keeping backups that make its attacks ineffectual, you can use updated, professional anti-malware software to detect and delete the Enjey Crypter...

CryptoJacky Ransomware

Posted: March 8, 2017 | Category: Ransomware
The CryptoJacky Ransomware is a Trojan that blocks your files by encrypting their contents with an AES algorithm. Its attacks include fraudulent legal notifications implying that the data-blocking effect is a penalty for your breaking unspecified Internet regulations. Ignore the ransom-based recovery method and other information this threat provides and use anti-malware products to remove the CryptoJacky Ransomware, after which you may recover your files by other means. While ransom-based...

KRider Ransomware

Posted: March 8, 2017 | Category: Ransomware
The KRider Ransomware is a Trojan that can lock your files by encrypting them, an attack that con artists may abuse for collecting ransom money. Since the Trojan is incomplete and its campaign has yet to launch, malware experts are unable to provide perfect predictions of its infection methods. Using security tools for detecting the KRider Ransomware ahead of time and backups for recovering afterward are standard, recommended defenses that are likely to retain effectiveness against this...

WikiLeaks Vault 7 Leak Suggests CIA Ties To Notorious Hacking Group

Posted: March 8, 2017 | Category: Cybersecurity
Earlier this month, Symantec published a new post on its official blog, which concerned the possibility of the CIA being behind a notorious hacking group that the cyber security company has been tracking for years. Symantec stated that it has managed to connect the exposed CIA files and tools to at least 40 attacks that were carried out across 16 countries around the world. The report focused on the techniques that were used in attacks carried out by a group that Symantec has named...

FabSysCrypto Ransomware

Posted: March 8, 2017 | Category: Ransomware
The FabSysCrypto Ransomware is a variant of the Hidden Tear family, a set of ex-public domain source code that lets software encrypt and lock files from opening. The FabSysCrypto Ransomware's authors are using these capabilities to collect ransoms, which malware experts recommend not paying, when possible. Use backups or free decryptors to recover your content, but only after uninstalling the FabSysCrypto Ransomware with a professional anti-malware product. Malware researchers can confirm...

Thesearchweb.net

Posted: March 7, 2017 | Category: Browser Hijackers
Thesearchweb.net is a search engine that shares the same design and features as Urmare.ro. However, the two domain names point to different IP addresses, so it is clear that the pages don't share the same hosting account and, therefore, might belong to different owners. Just like its alternative version, Thesearchweb.net also relies on browser hijacking software to attract more visitors. Thesearchweb.net browser hijackers may be spread via various software propagation techniques, and they...

DragonBoost Ads

Posted: March 7, 2017 | Category: Adware
Adware applications are harmless programs whose installation might lead to some minor annoyances, such as the introduction of a large number of ads in all active Web browser windows. Often, adware might be installed without the user's knowledge, and the large number of ads might surprise the affected user. One example of an adware application that uses such methods is DragonBoost. When users install this software, whether knowingly or not, they may end up being exposed to a large number of the...

'Antivirus Coupons' Tech Support Scam

Posted: March 7, 2017 | Category: Adware
The 'Antivirus Coupons' tech support scam is a clever new scheme that con artists may use to trick people out of their money. The elaborate tactic works by redirecting users to a phishing page that tells them that they've won a free anti-virus program and that they can claim it immediately to enhance their computer's security. The 'Antivirus Coupons' tech support scam then asks the users to enter some personal information such as their name, address, and phone number. However, after submitting...

'Invite Friends' Extension

Posted: March 7, 2017 | Category: Adware
The 'Invite Friends' extension is a Web browser extension that is featured on the Chrome Web Store and has over 2,000 active users, yet it does not appear to offer any valuable utilities. When the extension is installed, it adds a new button to the Google Chrome menu, but when users opt to click it, it just takes them to the Chrome Web Store page of the 'Invite Friends' extension. Although the 'Invite Friends' extension appears to do nothing, it is important to note that when it is installed,...

Vanguard Ransomware

Posted: March 7, 2017 | Category: Ransomware
The Vanguard Ransomware is a Trojan that can encrypt your files to block them, which it exploits to motivate you to pay a ransom for the decryption key. Unlocking your content via other means isn't always possible, and malware experts advise that you back up any files that you can't afford to lose during such attacks. Ideally, your anti-malware solutions should detect and remove the Vanguard Ransomware before it begins locking anything on your PC. Although threat actors using...

'avastvirusinfo@yandex.com' Ransomware

Posted: March 7, 2017 | Category: Ransomware
The 'avastvirusinfo@yandex.com' Ransomware is a new version of the Xorist Ransomware, a Trojan that uses a TEA or XOR-based method of encrypting and locking your local files. A significant feature missing from this family, including the 'avastvirusinfo@yandex.com' Ransomware, is the preservation of a decryption key for unlocking the damaged content. Use anti-malware programs to, hopefully, block and remove the 'avastvirusinfo@yandex.com' Ransomware, and backups to keep it from...

Faststartpage.com

Posted: March 7, 2017 | Category: Browser Hijackers
Faststartpage.com is a page that is meant to host a search engine that may provide users with access to some extended features and quick links. However, at the moment, Faststartpage.com redirects to Net-quick.com, another domain that serves a similar purpose by hosting a slightly customized Google Search feature. Both domain names appear to host legitimate content, but there is another reason why they were spotted by security researchers – both Net-quick.com and Faststartpage.com appear to be...

Searchis-cng.ru

Posted: March 6, 2017 | Category: Browser Hijackers
Searchis-cng.ru is a domain name that is associated with an aggressive browser hijacker that might significantly diminish the Web browsing experience of users who opt to install it on their computers. The installation of the browser hijacker in question may often happen without the user's knowledge since it may rely on dubious software propagation methods that aim to trick users into unknowingly authorizing the installation of the Searchis-cng.ru hijacker. The peculiar thing about this...

Lock2017 Ransomware

Posted: March 6, 2017 | Category: Ransomware
The Lock2017 Ransomware is a Trojan that extorts money from its victims after locking their files with a ciphering routine. The evidence that malware experts can gather indicates that this threat may be a part of the Crysis Ransomware family, which uses potentially unbreakable file-locking techniques. Backing up your files and having anti-malware products for eliminating the Lock2017 Ransomware upon its detection are the two critical defensive measures against this threat. With new...

NoteHomepage Toolbar

Posted: March 6, 2017 | Category: Possibly Unwanted Program
The NoteHomepage Toolbar is a piece of software published by Mindspark Interactive Network. This browser toolbar is meant to provide users with a neat and convenient utility that will allow them to create shopping lists, keep notes, to-do lists, manage projects and tasks, and store other text-based information. Furthermore, all notes created and stored with the NoteHomepage Toolbar can have their font size and color changed, therefore allowing users to arrange their notes conveniently. While...

No-block.net

Posted: March 3, 2017 | Category: Browser Hijackers
No-block.net is a browser hijacker site that may offer services for your web browser that supposedly make it easy to gain access to blocked services over the Internet. Use of the No-block.net site isn't harmful, though the site may offer various links or advertisements that cause redirects to other sites that may be associated with the initial browser hijacker. In some cases, No-block.net will load automatically as either a default home page or new tab page for your...

Show Fanatic

Posted: March 3, 2017 | Category: Potentially Unwanted Programs (PUPs)
Show Fanatic is deemed a potentially unwanted program by computer security researchers, mostly due to its questionable functions in changing web browser settings and such. Show Fanatic may offer computer users the ability to view movies or stream media content through the Internet. While the use of Show Fanatic may not be harmful to a PC, there are several unwanted actions performed by Show Fanatic that may cause redirects or load questionable sites. Moreover, Show...

Wallet Ransomware

Posted: March 3, 2017 | Category: Ransomware
The Wallet Ransomware is a new version of the Dharma Ransomware, a builder-generated Trojan that different threat actors can configure with the intent of locking various types of files for money. After encrypting your local data, the Wallet Ransomware creates messages asking for Bitcoin payments to give you the decryptor, which may or may not work as advertised. Using anti-malware products to protect your PC from the Wallet Ransomware is as important as possessing backups to give you...

CYR-Locker Ransomware

Posted: March 3, 2017 | Category: Ransomware
The CYR-Locker Ransomware is a Trojan that blocks your screen with pop-ups threatening that it's encrypting your files, which it uses for extorting money. Current versions of the CYR-Locker Ransomware don't encode any data, although malware experts continue encouraging backing up your content, in case this Trojan receives updates. Software with traditional anti-malware features may identify and delete the CYR-Locker Ransomware without allowing it to block your screen. 'Ransomware' style...

New TorrentLocker Variant Spreads Through Aggressive Spam Campaigns

Posted: March 2, 2017 | Category: Malware News
Researchers from Heimdal Security report on a version of the notorious ransomware TorrentLocker that is currently spreading through e-mail attachments. Two large spam campaigns carrying the TorrentLocker variant have been detected in the past few days, and both target users in Denmark. This time around, the malware campaigns are extremely aggressive, so experts warn users to be watchful about what e-mails they receive. The best tip is never to open an attachment in an e-mail...