Virus and Spyware Removal Guides, uninstall instructions

What is BlackMamba?

BlackMamba was discovered by S!Ri. Ransomware is malware that encrypts files and generates ransom messages. It often renames encrypted files (e.g., appends an extension to filenames), however, this particular ransomware only encrypts files (it does not rename them) and displays a pop-up window (the ransom message).

What is yourwownewz[.]com?

yourwownewz[.]com is similar to many other bogus websites including, for example, webquizspot[.]com, enhesita[.]online and dozki[.]pro. If visited, these pages open other untrusted sites or load dubious content.

People often visit these sites unintentionally. Typically, browsers open these pages when potentially unwanted applications (PUAs) are installed on them.

What is doswinuba[.]com?

doswinuba[.]com is a rogue website sharing many similarities with oritychiev.top, redpush.name, ritishdeliv.top and thousands of others. This web page operates by presenting visitors with dubious material and/or redirecting them to other untrusted or possibly malicious sites.

Most users access doswinuba[.]com and similar web pages via redirects caused by intrusive advertisements or by Potentially Unwanted Applications (PUAs) already infiltrated into their devices. This software does not need explicit user consent to be installed onto systems. PUAs cause redirects, run intrusive ad campaigns and collect browsing-related information.

What is cuteRansomware?

cuteRansomware was discovered by S!Ri. This ransomware is designed to encrypt and rename files, and display a ransom message. It renames files by replacing their filenames with a string of random characters and appending ".jgy" as the extension. For example, "1.jpg" might be renamed to "GOJpAJhrOs3.jgy", "2.jpg" to "JUBmDKfdPd4.jgy", and so on.

What is kersatur[.]online?

Users do not often visit pages such as kersatur[.]online intentionally - they are opened by potentially unwanted applications (PUAs) that are installed on browsers and/or operating systems, via dubious ads or various other bogus web pages. There are many websites similar to kersatur[.]online on the web. Some examples are enhesita[.]online, npolicito[.]online and roboverify[.]xyz.

What is amazing-dating[.]com?

Websites such as amazing-dating[.]com are commonly promoted via potentially unwanted applications (PUAs), which most users download and install on their browsers and/or computers inadvertently. I.e., they do not visit these bogus pages intentionally.

More examples of similar websites designed for the same purpose are webquizspot[.]com, enhesita[.]online and dozki[.]pro.

What is Gac?

Gac was discovered by Jakub Kroustek and belongs to the Dharma ransomware family. Gac renames encrypted files by adding the victim's ID, the getacrypt@tuta.io email address, and appending the ".gac" extension to filenames.

For example, "1.jpg" is renamed to "1.jpg.id-1E857D00.[getacrypt@tuta.io].gac", "2.jpg" to "2.jpg.id-1E857D00.[getacrypt@tuta.io].gac", and so on. Gac also displays a pop-up window and creates the "FILES ENCRYPTED.txt" text file, both of which are the ransom messages.

What is Cyberpunk 2077 virus?

Cyberpunk 2077 is a 2020 action role-playing video game, one of the most anticipated games of the year that was released on 10 December 2020. Cyber criminals commonly exploit the popularity of games to distribute malware, and Cyberpunk 2077 is no exception.

In this particular case, cyber criminals promote supposedly pirated versions of the Cyberpunk 2077 game. These 'cracked' versions are bundled with Raccoon stealer, which is Trojan-type malware.

What is aldiscret[.]online?

Web pages such as aldiscret[.]online are usually opened by browsers automatically - when they have potentially unwanted applications (PUAs) installed on them. I.e., users do not often visit these bogus sites intentionally, and neither do they install (or even download) PUAs intentionally.

There are many pages similar to aldiscret[.]online on the web. Some examples are dozki[.]pro, webquizspot[.]com and enhesita[.]online.

What is directsearchapp.com?

directsearchapp.com is a fake search engine which appears in browser settings after installation of a browser hijacker (browser hijacking extension). Commonly, apps of this type collect browsing-related and other information.

In most cases, users download and install browser hijackers inadvertently and, for this reason, they are categorized as unwanted applications.