Virus and Spyware Removal Guides, uninstall instructions

What is the Berbew malware?

Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as, for example, other Trojans, ransomware, and cryptominers. Therefore, the potential issues caused by Berbew malware can be varied and especially severe.

What is Screen Dream?

Screen Dream is advertised as an application which provides quick links to the latest movie trailers and upcoming movies. In fact, it is a browser hijacker that promotes hp.mysearch.com, a fake search engine. Like most apps of this type, it promotes this address by changing browser settings.

Note that people often download and install browser hijackers unintentionally when they are tricked. Therefore, apps of this type are categorized as potentially unwanted applications (PUAs).

What is Azor?

Azor was discovered by dnwls0719 and is a variant of Garrantydecrypt ransomware. Like most programs of this type, Azor encrypts files, changes their filenames and generates ransom messages with instructions about how to contact the developers. It renames encrypted files by appending the ".azor" extension.

For example, it changes "1.jpg" to "1.jpg.azor", "2.jpg" to "2.jpg.azor", and so on. It also drops the "!read_me!.txt" ransom message in each folder that contains encrypted files.

What is BasicSearchPlatform?

BasicSearchPlatform is an adware-type application that delivers intrusive advertisement campaigns. Additionally, BasicSearchPlatform modifies browser settings and promotes fake search engines, which is behavior common to rogue software classified as browser hijackers.

Furthermore, most adware programs and browser hijackers have data tracking capabilities, and it is highly likely that this includes BasicSearchPlatform. Due to the dubious proliferation methods used to spread BasicSearchPlatform, is also classified as a Potentially Unwanted Application (PUA).

One method used to distribute BasicSearchPlatform is via fake Adobe Flash Player updates. Note that bogus software updaters/installers are often used to proliferate PUAs as well as Trojans, ransomware and other malware.

What is Easy File Converter Plus Promos?

Easy File Converter Plus Promos supposedly converts files such as images, video, documents, audio and more to other formats, however, it also serves advertisements and might collect data. Typically, users do not download or install adware intentionally and, therefore, adware-type apps are categorized as potentially unwanted applications (PUAs).

What is WannaRen?

Discovered by Petrovic, WannaRen is a malicious ransomware-type program. This malware is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".WannaRen" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.WannaRen" following encryption.

After this process is complete, a pop-up window is displayed, which contains a ransom message in Chinese. Furthermore, WannaRen ransomware has the capability to spread itself to the infected device's network, thereby infecting the machines connected to it. This is especially relevant for malware that targets companies.

What is DriverMax?

DriverMax is designed to ensure that the drivers installed onto the system are up to date (i.e., the software detects missing and outdated drivers). In fact, DriverMax is classified as a Potentially Unwanted Application (PUA) due to its dubious distribution methods, which can lead to inadvertent installation.

Apps that fall within this classification are typically distributed using the "bundling" method, deceptive/scam websites, or they are stealthily installed by intrusive advertisements.

What is Joker malware?

Joker (also known as SysJoker) is a malware Trojan that targets Android users. It was packaged in at least two dozen applications that were downloaded from Google Play store over 400,000 times. The main purpose of Joker is to generate revenue for the cyber criminals responsible through fraudulent advertising activities.

If an application installed on an Android device contains Joker malware, remove it immediately.

What is Luminosity?

Luminosity (also known as LuminosityLink) is a Remote Access Trojan (RAT), which was developed some years ago. At that time, cyber criminals could purchase Luminosity from its developers for $40, however, this RAT is no longer for sale. Note that many cyber criminals still use its 'cracked' versions.

RATs such as Luminosity are employed by cyber criminals with malicious intent to infect systems with other malware, steal sensitive information by logging keystrokes, and so on.

What is SpyMax?

SpyMax (also known as SpyNote and CypherRat) is malicious software classified as spyware. It targets devices using the Android OS (Operating System). This malware possesses various capabilities/features that enable its users (i.e., cyber criminals) to monitor the infected device. SpyMax can infect devices under the guise of other, legitimate applications.

It has been observed being distributed through a fake pharmacy website as an application called "COVIDTZ", however, this might not be the only app used to disguise SpyMax.