Virus and Spyware Removal Guides, uninstall instructions

What is ElementaryType?

ElementaryType is an adware-type app with browser hijacker characteristics. This piece of rogue software operates by running intrusive advertisement campaigns and making alterations to browser settings to promote fake search engines.

Additionally, adware and browser hijackers usually collect browsing-related data. Since most users download/install ElementaryType unintentionally, it is also classified as a Potentially Unwanted Application (PUA).

What is ActivityElement?

ActivityElement displays advertisements and changes browser settings. Therefore, this app functions as adware and a browser hijacker. These apps often gather information relating to users' browsing habits and other data.

In most cases, users download and install apps like ActivityElement inadvertently when they are distributed using dubious methods. Note that ActivityElement is distributed using a fake Adobe Flash Player installer.

What kind of malware is the Snake keylogger?

Snake is a malicious program classified as a keylogger. As the classification implies, the primary function of this malware is keylogging. Therefore, Snake infections pose a threat to the privacy/safety of all typed information.

What is pointcaptchaspot[.]com?

pointcaptchaspot[.]com is a rogue website, which redirects visitors to other untrusted/malicious sites and presents them with dubious content. Check-me.online, holanews.biz, suggestive.com are just some examples of web pages similar to pointcaptchaspot[.]com.

Users seldom access these websites intentionally - most are redirected to them by intrusive ads or by Potentially Unwanted Applications (PUAs). This software does not require explicit user consent to be installed onto their devices.

What is SUMMON?

SUMMON encrypts victim's files, renames them, and displays a ransom message ("#ReadThis.HTA").

It renames each encrypted file by prepending the summonunlock@gmail.com email address, victim's ID, and appending the ".SUMMON" extension to the filename. For example, "1.jpg" is renamed to "[SummonunLock@gmail.com][id=C279F237]1.jpg.SUMMON", "2.jpg" to "[SummonunLock@gmail.com][id=C279F237]2.jpg.SUMMON", and so on.

What is PDFConverterSearchHD?

The PDFConverterSearchHD browser hijacker changes certain browser settings to promote a fake search engine (pdfconvertersearchhd.com). It can also read information relating to users' browsing activities.

Browser hijackers are often downloaded and installed by users unintentionally and, therefore, apps of this type are classified as potentially unwanted applications (PUAs).

What is StreamSiteSearch?

StreamSiteSearch is a browser hijacker. It operates by making modifications to browsers to promote streamssitesearch.com (a bogus search engine). Additionally, StreamSiteSearch monitors users' browsing activity.

Due to the dubious methods used to proliferate this browser hijacker, it is also classified as a Potentially Unwanted Application (PUA).

What is the Judge ransomware?

Discovered by xiaopao, Judge is a ransomware-type malicious program. Systems infected with this malware, experience data encryption and users receive ransom demands for decryption.

During the encryption process, files are renamed following this pattern: original filename, cyber criminals' email address and the ".judge" extension. For example, a file named "1.jpg" would appear as "1.jpg.[judgemebackup@tutanota.com].judge" following encryption.

After this process is complete, identical ransom messages are created in a pop-up window, desktop wallpaper, and "info.txt" text file.

What is support-service[.]space?

support-service[.]space is a deceptive website designed to trick visitors into believing that their devices are infected and into downloading potentially unwanted applications (PUAs), which will supposedly remove viruses. Typically, these scam websites are opened when people visit other untrusted pages, click deceptive ads, or when an installed PUA opens them.

Note that support-service[.]space is promoted via deceptive Calendar events.

What is the ViperSoftX RAT?

ViperSoftX is a JavaScript-based Remote Access Trojan (RAT). Malware of this type allows stealthy remote access and control over an infected machine. These Trojans can have a wide variety of dangerous functionality, which enables likewise varied misuse of the compromised device.

The primary purpose of ViperSoftX is stealing cryptocurrency transactions, however, it has other features as well. ViperSoftX RAT infections pose a significant threat to computer and user safety.