Virus and Spyware Removal Guides, uninstall instructions

SUKA Ransomware

What is SUKA ransomware?

Discovered by Jakub Kroustek, SUKA is malicious software belonging to the Dharma ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption.

During the encryption process, all affected files are renamed following this pattern: original filename, unique IDs assigned to victims, cyber criminals' email address, and the ".SUKA" extension. For example, a file originally named "1.jpg" would appear as "1.jpg.id-C279F237.[kjingx@tuta.io ].SUKA" after encryption.

Once this process is complete, ransom messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

   
Psalrausoa.com Ads

What is psalrausoa[.]com?

psalrausoa[.]com is often visited by users intentionally - these sites are opened when people click dubious, deceptive ads, visit other bogus websites, or have potentially unwanted applications (PUAs) installed on browsers and/or operating systems. There are many sites similar to psalrausoa[.]com including, for example, odrivicdriv[.]top, hilycover[.]top and urtheredevo[.]top.

   
OnlineStreamSearch Browser Hijacker

What is OnlineStreamSearch?

OnlineStreamSearch hijacks browsers by modifying settings. In this case, by assigning them to onlinestreamsearch.com, a fake search engine. Like most browser hijackers, OnlineStreamSearch is likely to also collect browsing data.

People often download and install apps such as OnlineStreamSearch (browser hijackers) unintentionally and, for this reason, they are categorized as potentially unwanted applications (PUAs).

   
Weui Ransomware

What is Weui?

Weui belongs to the Djvu ransomware family. It encrypts and renames victims' files, and creates a ransom message. Weui modifies the filenames of all encrypted files by appending the ".weui" extension.

For example, "1.jpg" is renamed to "1.jpg.weui", "2.jpg" to "2.jpg.weui", and so on. It also creates a ransom message within the "_readme.txt" file in all folders that contain encrypted files.

   
RestorFile Ransomware

What is RestorFile ransomware?

RestorFile is a malicious program belonging to the Matrix ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption.

During the encryption process, affected files are renamed with a random character string and the ".[RestorFile@tutanota.com]" extension (which contains the cyber criminals' email address). For example, a file originally named "1.jpg" would appear as something similar to "Dm1VcZ9U-DOAwLcvy.[RestorFile@tutanota.com]" following encryption.

Once this process is complete, ransom messages within "#Decrypt_Files_ReadMe#.rtf" files are dropped into compromised folders.

   
Starmode.biz Ads

What is starmode[.]biz?

starmode[.]biz and similar sites are generally opened due to potentially unwanted applications (PUAs). I.e., users do not often visit these pages intentionally. People also arrive at these websites by clicking deceptive ads or through other bogus websites. Some examples of other web pages that are similar to starmode[.]biz are odrivicdriv[.]top, hilycover[.]top and urtheredevo[.]top.

   
CoVideoSearch Browser Hijacker

What is CoVideoSearch?

CoVideoSearch promotes a fake search engine (covideosearch.com) by modifying web browser settings and is also likely to collect browsing data. Users often download and install browser hijackers inadvertently and, for this reason, CoVideoSearch is categorized as a potentially unwanted application (PUA).

   
StreamSearchWizard Browser Hijacker

What is StreamSearchWizard?

StreamSearchWizard is a browser hijacker. It operates by making alterations to browser settings to promote streamsearchwizard.com (a bogus search engine). In addition, most browser hijackers can gather browsing-related information. Therefore, it is likely that StreamSearchWizard also has these data tracking capabilities.

Due to the dubious methods used to proliferate browser hijackers, they are also classified as Potentially Unwanted Applications (PUAs).

   
ProConverterSearch Browser Hijacker

What is ProConverterSearch?

ProConverterSearch is rogue software categorized as a browser hijacker. It operates by making modifications to browser settings to promote proconvertersearch.com (a fake search engine). Additionally, most browser hijackers have data tracking capabilities, and it is likely that ProConverterSearch also has this functionality.

Due to the dubious techniques used to proliferate ProConverterSearch, it is classified as a Potentially Unwanted Application (PUA).

   
VodaFone Email Virus

What is VodaFone email virus?

Users are often tricked into installing malware when malspam emails are sent that contain malicious attachments or download links for rogue files. In most cases, cyber criminals disguise these emails as important, official messages from legitimate companies, organizations, and other entities.

Their main goal is to trick recipients into downloading and opening a file that installs malicious software.

   

Page 1206 of 2337

<< Start < Prev 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal