Virus and Spyware Removal Guides, uninstall instructions

What is Best Searcher?

The Best Searcher browser hijacker promotes tailsearch.com, a fake search engine. Like most apps of this type, it changes browser settings without users' permission.

Best Searcher can also read browsing history. Note that, in most cases, users download and install browser hijackers inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).

What is GlobalAsset?

GlobalAsset is rogue software categorized as adware, which also possesses browser hijacker characteristics. Following successful infiltration, GlobalAsset delivers intrusive advertisement campaigns and modifies browser settings to promote fake search engines.

In addition, most adware-type apps and browser hijackers collect browsing-related information. Due to the dubious methods used to proliferate GlobalAsset, it is also classified as a Potentially Unwanted Application (PUA).

What is ZaToN ransomware?

ZaToN is malicious software belonging to the Xorist ransomware family. Systems infected with this malware experience data encryption and filenames are changed in order to demand payment for decryption.

During the encryption process, all compromised files are appended with the ".ZaToN" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.ZaToN" after encryption.

Following the completion of this process, ZaToN ransomware creates a pop-up window, drops the "HOW TO DECRYPT FILES.txt" text files into affected folders, and changes the desktop wallpaper. The text presented in all contains identical ransom-demand messages.

What is Ruralvía Seguridad email scam?

Typically, cyber criminals send phishing emails such as this one to trick recipients into providing personal, sensitive information such as login credentials, credit card details, social security numbers, and other details. Attackers masquerade as well-known or at least existing entities (e.g., companies, organizations), real or plausibly real persons, etc., to make their emails seem legitimate. Despite this, none of these emails can be trusted.

What is LogarithmicBalance?

LogarithmicBalance is an adware-type application with browser hijacker characteristics. Following successful installation, this app runs intrusive advertisement campaigns and modifies browsers to promote fake search engines.

Additionally, most adware and browser hijackers monitor users' browsing activity. Due to the dubious methods used to proliferate LogarithmicBalance, it is also classified as a Potentially Unwanted Application (PUA).

What is Deathfiles ransomware?

Deathfiles is a type of malware that encrypts victims' files and appends the ".deathfiles" extension to the filenames of all encrypted files. For example, "1.jpg" is renamed to "1.jpg.deathfiles", "2.jpg" to "2.jpg.deathfiles", and so on.

Deathfiles provides contact information and various other details in a ransom message ("Recovery_Instructions.html" file), which can be found in all folders that contain encrypted files.

Note that Deathfiles belongs to the MedusaLocker ransomware family.

What is the "Tienes una multa pendiente" email?

"Tienes una multa pendiente" refers to a spam email campaign designed to proliferate the Mekotio Trojan. The term "spam campaign" is used to define a large-scale operation, during which thousands of deceptive/scam emails are sent. This Spanish-language spam campaign distributes messages claiming that recipients have a fine pending payment.

Note that none of the information provided by the "Tienes una multa pendiente" scam emails is true. When opened, the link present in these messages initiates the infection process of Mekotio malware.

What is GenerationUpdater?

Adware is a type of software that displays ads. GenerationUpdater also changes browser settings (to promote a fake search) engine and might also collect browsing data (and other) information.

In summary, GenerationUpdater functions as adware and a browser hijacker. In most cases, users download and install apps such as GenerationUpdater unintentionally and, therefore, they are categorized as potentially unwanted applications (PUAs).

What is the "TikTok Followers Hack"?

"TikTok Followers Hack" refers to a scam run on various deceptive sites. This scheme offers the bogus service of generating followers, fans and 'likes' for users' content on TikTok, a video-sharing social networking platform owned by the ByteDance Ltd. company.

Note that the "TikTok Followers Hack" cannot operate as advertised and is in no way associated with ByteDance Ltd. It simply redirects users to other untrusted, deceptive, phishing and malicious websites.

Therefore, you are strongly advised against using the fake services offered by "TikTok Followers Hack", as it poses a threat to device and user safety. Typically, access to web pages that promote scams is gained via mistyped URLs, redirects caused by intrusive ads or by Potentially Unwanted Applications (PUAs) already installed on systems.

What is CNH?

Discovered by 0x4143, CNH encrypts files and appends the ".cnh" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.cnh", "2.jpg" to "2.jpg.cnh", and so on. It also creates the "README.txt" file, a ransom message with contact information.