Virus and Spyware Removal Guides, uninstall instructions
What is Scarabey?
Discovered by Jirehlov Solace, Scarabey prevents victims from accessing their files unless a ransom is paid. It encrypts files, changes their filenames and creates ransom messages. Scarabey renames encrypted files by changing the filenames to a string of random characters and appending the ".scarry" extension.
For example, it might rename a file called "1.jpg" to "0umONHjNTEOdyQ.scarry", and so on. Scarabey drops "Инструкция по расшифровке файлов.TXT" ransom messages in all folders that contain encrypted data. Note that this ransomware prevents victims from using Task Manager by immediately closing it when attempts are made to open it.
What is Sadogo?
Discovered by dnwls0719, Sadogo encrypts files, changes filenames by appending the ".encrytped" extension (e.g., it renames "1.jpg" to "1.jpg.encrypted", and so on), and generates ransom messages within text files named "readme.txt".
These ransom messages can be found in all folders that contain encrypted data and they include instructions about how to contact Sadogo's developers.
What is AimSearch?
AimSearch is designed to function as adware and a browser hijacker. It serves advertisements and promotes the address of a fake search engine. Typically, people download and install apps of this type inadvertently. Research shows that this particular app is often installed via a fake Adobe Flash Player installer.
Apps that are installed by people in this way (unintentionally) are classified as potentially unwanted applications (PUAs).
What is Lezp?
Lezp belongs to a ransomware family called Djvu. Like most other programs of this type, Lezp encrypts files, modifies their filenames and creates a ransom message. It renames encrypted files by appending the ".lezp" extension.
For example, it changes "1.jpg" to "1.jpg.lezp", "2.jpg" to "2.jpg.lezp", and so on. Lezp also creates a ransom message within a text file named "_readme.txt".
What is "Winners of the new iPhone 11 Pro"?
There are many websites claiming that a well-known company has chosen visitors to complete a survey and provide personal information to win a prize. This deceptive scam page claims that visitors have won the new iPhone 11 Pro.
The main purpose of this scam is to trick unsuspecting visitors into answering questions and providing sensitive information, which scammers can then misuse to generate revenue. Note that, in most cases, these web pages are opened through deceptive ads, other dubious pages, or by installed potentially unwanted applications (PUAs).
What is Maps & Directions by QuestForDirections?
Maps & Directions by QuestForDirections is a browser hijacker designed to promote srchbar.com (a fake search engine) by modifying browser settings. It is very likely that this app also operates as an information tracking tool.
Few users download and install browser hijackers intentionally and, therefore, apps of this type are categorized as potentially unwanted applications (PUAs).
What is Easy Email Plus?
Easy Email Plus is a browser hijacker which assigns certain browsers settings to easyemailplus.com (the address of a fake search engine). Easy Email Plus is distributed together with another potentially unwanted application (PUA) called Protect My Search App.
These apps are categorized as PUAs, since users often download and install them inadvertently. Note that apps such as Easy Email Plus and Protect My Search App often gather various information.
What is DisplaySuccess?
DisplaySuccess is a rogue app classified as adware. It operates by running intrusive ad campaigns, however, DisplaySuccess also possesses browser hijacker characteristics. It modifies browser settings and promotes Safe Finder through akamaihd.net (a fake search engine).
Additionally, most adware-type programs and browser hijackers have data tracking capabilities, which are employed to monitor users' browsing activity. Since most users download/install DisplaySuccess unintentionally, it is also classified as a Potentially Unwanted Application (PUA).
What is Love$?
Discovered by Jakub Kroustek, Love$ is a malicious program that belongs to a family of ransomware infections named Dharma. This ransomware renames encrypted files by adding the victim's ID, im.online@aol.com email address and appending the ".love$" extension to filenames.
For example, it renames "1.jpg" to a filename such as "1.jpg.id-1E857D00.[im.online@aol.com].love$", and so on. It also drops the "FILES ENCRYPTED.txt" ransom message in all folders that contain encrypted files and displays another ransom message in a pop-up window.
What is .notfound?
.notfound is another version of Clown ransomware, which was discovered by Amigo-A. This ransomware renames all encrypted files and drops ransom messages in all folders that contain encrypted data. It renames files by using the "[Heeeh98@tutanota.com][id=victim's_ID]original_filename.notfound" pattern.
For example, it renames a file named "1.jpg" to "[Heeeh98@tutanota.com][id=1E857D00]1.jpg.notfound", "2.jpg" to "[Heeeh98@tutanota.com][id=1E857D00]2.jpg.notfound", and so on. Note that .notfound ransomware generates ransom messages named "!!! READ THIS !!!.hta" and "HOW TO RECOVER ENCRYPTED FILES.txt".
More Articles...
Page 1381 of 2329
<< Start < Prev 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 Next > End >>