Virus and Spyware Removal Guides, uninstall instructions

What is Blast Search browser hijacker?

Blast Search is rogue software classified as a browser hijacker. Following successful infiltration, it makes alterations to browser settings to promote a fake search engine. Blast Search promotes blast-search.net in this way. Additionally, it has data tracking capabilities, which are employed to monitor users' browsing activity.

To ensure its persistence, this browser hijacker also adds the "Managed by your organization" feature to Google Chrome browsers. Due to the dubious tactics used to proliferate Blast Search, it is also classified as a Potentially Unwanted Application (PUA).

What is the Homer ransomware?

Discovered by Marcelo Rivero, Homer is a malicious program belonging to the Dharma ransomware family. This malware operates by encrypting the data of infected systems in order to demand payment for decryption.

During the encryption process, all affected files are renamed according to this pattern: original filename, unique ID assigned to the victim, cyber criminals' email address and the ".homer" extension.

For example, a file such as "1.jpg" would appear as something similar to "1.jpg.id-1E857D00.[homersimpson777@mail.fr].homer" following encryption. Once this process is complete, ransom-demand messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

What is Easy Weather Today Promos?

Easy Weather Today Promos is rogue software endorsed as a tool for quick access to weather-related content and classified as adware. In fact, it operates by delivering intrusive advertisement campaigns. I.e., it delivers various unwanted and even harmful ads.

Additionally, Easy Weather Today Promos monitors users' browsing habits and gathers sensitive information relating to internet browsing. Due to the dubious methods employed to distribute this adware, it is also classified as a Potentially Unwanted Application (PUA).

What is Btc (JigSaw) ransomware?

Btc is a malicious program belonging to the Jigsaw ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all compromised files are appended with the ".btc" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.btc" following encryption, and so on for all affected files. After this process is complete, a ransom message is created in a pop-up window.

What is "Salesforce Email Virus"?

"Salesforce" is the name of a spam email campaign designed to proliferate the Gozi Trojan. The term "spam campaign" refers to a large-scale operation, during which deceptive emails are sent by the thousand. The scam messages of this spam campaign are disguised as order confirmation notifications from the Salesforce company.

Salesforce.com, inc. is a cloud-based software company dealing in customer relationship management (CRM) services and sale of complementary enterprise applications (e.g. relating to customer service, marketing automation, analytics and software development). These fake emails are in no way associated to the genuine Salesforce company.

What is the .data (Dharma) ransomware?

Discovered by Jakub Kroustek, .data is a malicious program that is part of the Dharma ransomware family. It is designed to encrypt data and demand payment for decryption.

During the encryption process, all files are renamed following this pattern: original filename, unique ID, cyber criminals' email address and the ".data" extension (not to be confused with the ".data" extension of certain data files). For example, a file such as "1.jpg" would appear as something similar to "1.jpg.id-1E857D00.[data@recovery.sx].data" following encryption.

An updated variant of this ransomware appends the "[recoverydata@qbmail.biz].data" extension. After this process is complete, ransom-demand messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

What is FunctionRecord adware?

FunctionRecord is dubious software classified as adware and also with characteristics typical of browser hijackers. Following successful installation, it runs intrusive ad campaigns, modifies browser settings and promotes fake search engines. FunctionRecord promotes Safe Finder through akamaihd.net. 

Additionally, most adware and browser hijackers track browsing-related information. Since most users download/install FunctionRecord unintentionally, this app is classified as a Potentially Unwanted Application (PUA).

What is Smpl ransomware?

Smpl is a malicious program, which is part of the Dharma ransomware group. It is designed to encrypt data and demand payment for decryption. During the encryption process, all compromised files are renamed following this pattern: original filename, unique ID, cyber criminals' email address and the ".smpl" extension.

For example, a file originally named "1.jpg" would appear as something similar to "1.jpg.id-9CFA2D20.[crimecrypt@aol.com].smpl" following encryption. After this process is complete, ransom messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

What is Free Package Tracker Plus?

Free Package Tracker Plus is rogue software endorsed as a tool for easy access to package tracking services. In fact, it delivers intrusive ad campaigns and is therefore categorized as adware. Additionally, Free Package Tracker Plus monitors users' browsing activity.

Due to the dubious techniques used to proliferate Free Package Tracker Plus, it is also classified as a Potentially Unwanted Application (PUA).

What is Free File Converter Pro?

Free File Converter Pro is rogue software classified as adware. It is endorsed as a tool capable of and quickly converting and editing various files.

Free File Converter Pro can supposedly convert/edit more than one hundred file formats. In fact, this adware operates by running intrusive advertisement campaigns and collecting browsing-related information. Due to the dubious methods used to proliferate Free File Converter Pro, it is also classified as a Potentially Unwanted Application (PUA).