BugsFighter

Smart Mac Tuneup is a rogue optimization program for Mac, that gets stuck in your system, consumes resources and displays annoying alerts and pop-ups about viruses and errors. It looks like a typical application of its kind but generates scan results filled with false positive detections and exaggerated amount of issues. Actually, Smart Mac Tuneup finds problems even on brand new Mac computers. Due to those facts, it is classified as a rogue or potentially unwanted application (PUP), and it is recommended to get rid of it. Smart Mac Tuneup runs on system startup and may not be removed in a regular way.

Aurora Ransomware (sometimes called OneKeyLocker Ransomware) is new crypto-virus, that started circulating the web since the end of May, 2018. The virus mostly aims Western countries, however, some versions were spread in Turkey. It uses DES algorithm to encode files and adds .aurora extension, after which it got its name. Since that, malware had multiple updates and modifications. Ransomware now also adds following extenions: .nano, .cryptoid, .peekaboo and .isolated. After encryption ransomware creates different text files (depending on version), containing ransom note with contact information and instructions.

Ouo.io is a bogus website, that is a part of a huge advertising network. It displays fake pages of Adobe Flash updates, streaming sites, download portals and claims to provide access to restricted content after allowing notifications. Push-notifications is a feature in modern browsers, that allows users to get announcements about important information from online newspapers, Youtube or social networks. This function is exploited by adware to push promotional information via this channel. If you see ads, pop-ups or notifications from Ouo.io, there is a high possibility of malware infection or browser's settings hijack.

Dharma virus, unlike similar types of ransomware, does not change desktop background, but creates README.txt or Document.txt.[amagnus@india.com].zzzzz files and places them in each folder with compromised files. Text files contain message stating that users have to pay the ransom using Bitcoins and amount is approximately $300-$500 depending on ransomware version. The private decryption key is stored on a remote server, and there currently impossible to break the encryption of the latest version.

Searchmine.net (a.k.a. SearchMine) is low-quality search engine related to notorious webcrawler.com developed by InfoSpace Holdings LLC, that provides irrelevant search results filled with ads and sponsored content. Hijacker replaces default browser settings, such as the search engine, the home page, new tab, with new values. All user's searches will be redirected to http://www.webcrawler.com, that delivers results drastically different from familiar Google.com, Yahoo.com, Bing.com. WebCrawler is offering search solutions to monetize audience via a search-based advertising revenue stream and shares revenue with software developers and website owners, that compulsively spread Searchmine.net and other similar malware. The main danger of such services is the loss of online privacy and using gathered data by the malware to send ads and pop-ups.

Ecosia.org or Ecosia is contradictory search engine and browser add-on, that can override default settings of search, homepage and new tab in Google Chrome, Mozilla Firefox or Safari on Windows or Mac OS. On their website, it is stated, that Ecosia is Germany-based internet search engine. It donates 80% of revenue to ecological companies focusing on planting trees. From a technical point of view, this is Bing-affiliated search, that provides results almost identical to Bing.com. The search engine is accompanied by extensions for Google Chrome and Mozilla Firefox with more than 2 million users. It is difficult to verify whether the statements of developers are true or false, but actions of Ecosia fall into the category of browser hijackers. Many users complained that Ecosia.org appeared in browsers out of nowhere, without their agreement.

Dharma-Html Ransomware is one of the types of encryption viruses based on the code of the family of Crysis-Dharma-Cezar ransomware. Version, that is under review today has certain differences. It adds .html extension to encrypted files and uses other e-mail addresses for communication. Dharma-Html Ransomware, as well as other latest Dharma variations, doesn't have decryptor, that can automatically decrypt encoded data. However, using instructions below can help you recover some files. Dharma-Html Ransomware creates suffix, that consists of several parts: prefix "id-", identification number (alphanumeric and unique for each computer), developer's e-mail address and .html extension. The pattern of the filename after encryption looks like this: file called 1.doc will be converted to 1.doc.id-{8-digit-id}.[{email-address}].html.

Jamper Ransomware is a nasty file-encryption virus, that uses AES algorithm to encrypt your files and extorts a ransom of 1 to 3 BTC (Bitcoins). This malware is the successor of VegaLocker (Vega Ransomware) and predecessor of Buran Ransomware. Jamper Ransomware, depending on the version, may add .jamper, .jumper or .SONIC extensions to files it affects. After ransomware activity, your files become inaccessible and unreadable. Malware creates ransom note file called ---README---.TXT after it finishes. Jamper Ransomware removes shadow copies of files (VSS), disables recovery features of Windows, which makes it difficult to recover encrypted files.