Virus and Spyware Removal Guides, uninstall instructions

What is RustyBuer malware?

RustyBuer is the name of a new variant of the Buer loader. The main difference between the new and the original variants is that one is written in Rust multi-paradigm programming language, and another one is written in C programming language. Both RustyBuer and Buer function as loaders - they infect computers with other malware.

What is Hive ransomware?

Hive is a ransomware-type program. It operates by encrypting data and demanding ransoms for the decryption. In other words, this malware renders files inaccessible and demands payment for access recovery.

During the encryption process, affected files are renamed following this pattern: original filename, random character string, and ".hive" extension.

For example, a file initially titled "1.jpg" would appear as something similar to "1.jpg.3FTVjumqQ4OHTCZxlHTlF1jniMpLRvMkH4T62rsHFwY.hive" - after encryption.

Once the encryption process is complete, ransom notes - "HOW_TO_DECRYPT.txt" - are dropped into compromised folders.

What is ThePDFConverterSearch browser hijacker?

ThePDFConverterSearch is a potentially unwanted application (PUA), a browser hijacker designed to change a browser's settings to thepdfconvertersearch.com (to promote a fake search engine). It is worth mentioning that this application can read browsing history and possibly other browsing-related or even sensitive information.

What is MacRunnerDaemon?

MacRunnerDaemon, or simply MacRunner, is a rogue piece of software belonging to the Pirrit adware family. It operates by running intrusive advertisement campaigns, i.e., delivering various ads. Additionally, adware usually has data tracking abilities, which are used to collect sensitive information.

MacRunnerDaemon may also display pop-ups offering fake software updates. It is noteworthy that fraudulent updaters are used to proliferate adware, browser hijackers, and other PUAs (Potentially Unwanted Applications). Furthermore, fake updates have been observed being used to infect systems with trojans, ransomware, cryptocurrency miners, and other types of malware.

What is Access to this pc has been blocked for security reasons scam?

There are many deceptive websites designed to look like official Microsoft (or other company's) pages and display fake virus and (or) error notifications with telephone numbers. Websites of this type are called technical support scams. Scammers behind these pages attempt to trick users into paying money for unnecessary services, programs or providing remote access to their computers.

What is Miis ransomware?

Belonging to the Djvu ransomware family, Miis is a malicious program designed to encrypt data and demand ransoms for the decryption tools. In other words, victims cannot access the files affected by Miis ransomware, and they are asked to pay - to restore access to their data.

During the encryption process, files are appended with ".miis" extension. For example, a file originally titled "1.jpg" would appear as "1.jpg.miis", "2.jpg" as "2.jpg.miis", and so on.

Following the completion of the encryption process, a ransom note named "_readme.txt" is created.

What is Leex ransomware?

Leex ransomware variant belongs to the Djvu ransomware family. It encrypts files, appends its extension (".leex") to their filenames and creates the "_readme.txt" file as its ransom note. Leex renames encrypted files in this manner: it renames a file named "1.jpg" to "1.jpg.leex", "2.jpg" to "2.jpg.leex", and so on.

What is NetworkSync?

NetworkSync is a rogue app. It is classified as adware and has browser hijacker qualities. Following successful installation, this piece of software runs intrusive advertisement campaigns and promotes fake search engines by making modifications to browser settings.

Additionally, adware and browser hijackers usually have data tracking abilities. Hence, NetworkSync likely has such functionalities as well.

Since most users download/install NetworkSync unintentionally, it is categorized as a PUA (Potentially Unwanted Application).

What is Crackonosh malware?

It is popular among cybercriminals to distribute malware by hiding it inside cracked software. It is known that Crackonosh is distributed alongside cracked popular games and other software. The main purpose of Crackonosh is to install the XMRIG miner and mine cryptocurrencies for the attackers.

What is Neer ransomware?

Neer is a piece of malicious software belonging to the Djvu ransomware family. Systems infected with this malware experience data encryption (files are rendered inaccessible) and receive ransom demands for the decryption (access recovery).

During the encryption process, affected files are appended with the ".neer" extension. For example, a file initially titled "1.jpg" would appear as something similar to "1.jpg.neer", "2.jpg" as "2.jpg.neer", "3.jpg" as "3.jpg.neer", and so forth.

After the encryption process is complete, a ransom note - "_readme.txt" - is created.