Virus and Spyware Removal Guides, uninstall instructions

What is Parasite?

Parasite ransomware encrypts victims' files and appends the ".parasite" extension to filenames. For example, "1.jpg" is renamed to "1.jpg.parasite", "2.jpg" to "2.jpg.parasite", and so on. Parasite also creates the "@READ_ME_FILE_ENCRYPTED@.html" file (ransom message) in all folders that contain encrypted files.

What is Sz40 ransomware?

Sz40 is malicious software categorized as ransomware. Systems infected with this program have their data encrypted and users receive ransom demands for decryption. There are two variants of this ransomware: one appends affected files with the ".sz40" extension, whilst the other does not alter filenames.

In the first variant, a file named something like "1.jpg" would appear as "1.jpg.sz40", "2.jpg" as "2.jpg.sz40", and so on. After this process is complete, a ransom-demand message is created in the "HELP_SECURITY_EVENT.html" file.

What is the EURO MILLIONS INTL. LOTTO COMMISSION email scam?

Generally, email lottery scams such as this one are used to trick people into believing that they have won a certain sum of money in a lottery. They then attempt to persuade people to pay "processing fees" or "transfer charges" so that the winnings can supposedly be distributed.

People who fall for these scams never receive any lottery payments. On the contrary, they lose all money that they send to scammers. In many cases, lottery scams are disguised as lotteries organized by legitimate companies or other entities, however, none of these are involved with these bogus schemes.

What is SportsSearchHD?

SportsSearchHD is rogue software classified as a browser hijacker. It operates by making changes to browser settings to promote sportssearchhd.com (a fake search engine). Additionally, SportsSearchHD monitors users' browsing habits, which makes it a serious privacy concern.

Due to the dubious methods used to proliferate browser hijackers, they are also classified as Potentially Unwanted Applications (PUAs).

What is EnCryp13d?

EnCryp13d is typical ransomware, which encrypts and renames files and demands ransom payments. It renames files by appending the ".EnCryp13d" extension. For example, "1.jpg" is renamed to "1.jpg.EnCryp13d", "2.jpg" to "2.jpg.EnCryp13d", and so on.

EnCryp13d also displays a pop-up window and creates the "HOW TO DECRYPT FILES.txt" file in all folders that contain encrypted files. The pop-up window and text files contain instructions about how to pay the ransom and various other details.

Note that EnCryp13d belongs to the Xorist ransomware family.

What is go-mp3[.]com?

go-mp3[.]com is a dubious website offering YouTube video conversion to MP3 file services. It allows users to convert and then download MP3 files from YouTube video URLs.

Note that go-mp3[.]com infringes copyright laws and also uses rogue advertising networks. Therefore, visitors to such websites are presented with misleading/malicious ads and are redirected to various other untrusted and even dangerous websites.

What is LTC ransomware?

LTC is a malicious program belonging to the Dharma ransomware family. This malware is designed to encrypt data and demand payment for decryption.

During the encryption process, files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals' email address, and the ".LTC" extension. For example, a file originally named "1.jpg" would appear as something similar to "1.jpg.id-C279F237.[leeza@keemail.me].LTC" after encryption.

Once this process is complete, ransom messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

What is DigitalRecord?

The DigitalRecord app displays unwanted advertisements and changes browser settings to promote a fake search engine address. This app functions both as adware and as a browser hijacker.

These apps often gather browsing-related (and other) information. Typically, users download and install DigitalRecord and similar apps inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).

What is SearchPDFConverter?

Like most browser hijackers, SearchPDFConverter changes web browser settings without users' permission. In this case, it assigns them to searchpdfconverter.com (the address of a fake search engine). Furthermore, SearchPDFConverter collects browsing-related information.

Generally, users do not download or install browser hijackers intentionally and, for this reason, they are classified as potentially unwanted applications (PUAs).

What is CheckEmailsQuicker?

CheckEmailsQuicker is software endorsed as a tool for easy access to email accounts also capable of storing log-in credentials (i.e. usernames and passwords). Since it runs intrusive advertisement campaigns, however, CheckEmailsQuicker is classified as adware.

Many users download/install this program unintentionally, and thus it is also classified as a Potentially Unwanted Application (PUA).