WhiteRose Ransomware is dangerous encryption virus from InfiniteTear family. It uses AES algorithm to encode user files. After this it appends complex suffix _ENCRYPTED_BY.WHITEROSE, and modifies the filename to random set of letter and numbers. Then, ransomware creates text file HOW-TO-RECOVERY-FILES.TXT, containing ransom-demanding message with contact information and instructions. Usually, viruses of this type ask for $500 – $1000 in BitCoins. To reсover data, users must contact WhiteRose’s developers via Tox chat.
SavingsCool (sometimes presented as CoolSavings) is potentially unwanted program, that can be classified as browser hijacker and adware. It was developed to display ads, pop-ups and banners on different websites. This can be realized via installing extensions in Google Chrome and Mozilla Firefox. However, latest version of SavingsCool uses proxy hijack to drive traffic through servers controlled by the developers. SavingsCool modifies transmitted data to show advertising.
My-search.com by Pinch of Awesome, LP is malicious search engine, that has become widespread lately. It replaces default search engine and homepage in Google Chrome, Mozilla Firefox or Internet Explorer. Depending on users location My-search.com can redirect user queries to search.yahoo.com or google.com. Hijacker protects modified settings, so users are anable to get rid of My-search.com and every time they open newtab unwanted search engine is loaded. Using third-party websites with unknown origin is dangerous and may lead to privacy issues.
Laserveradedomaina.com is domain used for browser redirects an pop-ups that lead to tech support scams, advertising browser extensions, surveys, adult or dating websites or other type of unwanted landing page. It may appear in Google Chrome, Mozilla Firefox and Internet Explorer. This domain is somehow related to well-known adware called Wizzcaster. There are also similar website Ladomainadeserver.com, that has almost identical behavior.
Search.hmytemplates.co is objectionable website, used by hijackers to replace browser settings in Google Chrome, Mozilla Firefox, Safari and Internet Explorer. It replaces search engine, homepage and new tab settings to search.hmytemplates.co and then to search.yahoo.com. It is done by the means of My Templates V 1.1 add-on that installs in browsers. Until this extension is removed and corresponding application is uninstalled, users won’t be able to revert changes back. Search.hmytemplates.co can not only redirect user queries, but also collect private browser data like history, bookmarks, cookies and other parameters of online behavior.