Thor Ransomware is the newest version of the file-encryption virus. It comes from “Locky” ransomware family, that uses asymmetric cryptography (RSA-2048 and AES-128 encryption algorithms) and appends various file extensions to encrypted files. This family uses names of Thor comics character: .locky, .odin or some other random names. Now it uses .thor extension, and modifies the name to the set of 32 random letters and numbers. Technically, new virus uses same technology, but updated security keys, so old decryptors won’t work. Ransom amount is the same: 3 BitCoins. Thor ransomware substitutes desktop background with image with information about the infection and instructions to pay the ransom.
Bytefence Anti-Malware has some distribution issues, uninstallation problems and unwanted browser modifications. All this relates to behavior of potentially unwanted programs. Some users ask us to create uninstall guide for Bytefence Anti-Malware. This application can be removed manually, but in some cases it may result in error messages. So, here we prepared instructions to remove Bytefence Anti-Malware easily and solve problems with Bytefence Redirect.
Chumsearch.com is unwanted search engine for Safari, Google Chrome and Mozilla Firefox browsers running on Mac. It is installed by browser hijacker along with freeware. This webpage is associated with famous Safe Finder malware and search queries, that user types on Chumsearch.com are redirected to search.safefinder.com and then to search.yahoo.com. This website overrides search and homepage settings in browsers, and hijacker module does not allow user to revert this settings.
There are a lot of hijackers, that install Search.yahoo.com (Us.yhs4.search.yahoo.com) as default search engine and homepage. Search engines fight for the market and different companies use various ways to distribute their product. Along with their own browser add-ons Yahoo is partnering with thousands of software developers and webmasters, allowing them to earn by driving traffic and customers to search.yahoo.com website. Developers earn on user clicks on ads inside Yahoo Search or just per each installation of Yahoo search products in browsers.
Web-start.org is another malicious search engine from the series of hijackers for Google Chrome, Mozilla Firefox and Internet Explorer. This threat replaces default settings in this browsers, such as homepage, search engine and new tab and redirects search requests to plusnetwork.com. This website is related to Messenger Plus! software and notorious Reimage Repair. One of the tricks this hijacker does, is that its URL is written into browser shortcut properties.