Virus and Spyware Removal Guides, uninstall instructions

BDDY Ransomware

What is BDDY?

BDDY is a part of the Matrix ransomware family. It encrypts files and renames them using this pattern: "[Buddy@criptext.com].[random_string]-[random_string].BDDY".

For example, "1.jpg" might become "[Buddy@criptext.com].xQ4uk8Vz-KAFJcwKX.BDDY", and so on. BDDY stores the "#BDDY_README#.rtf" ransom message in all folders that contain encrypted files and on the victim's desktop. It also stores five random files on the desktop.

   
Nvux.xyz Redirect

What is nvux.xyz?

nvux.xyz is the address of a fake search engine. Typically, these bogus sites are promoted by browser hijackers - Potentially Unwanted Applications (PUAs) that change certain browser settings. This fake search engine is promoted by a PUA called CERX, which is related to the QIP rogue app.

Note that most browser hijackers also possess data tracking capabilities, which they employ to monitor users' browsing activity. Furthermore, PUAs do not need explicit user consent to be installed onto devices.

   
Theultimatesafevideoplayer.info POP-UP Scam (Mac)

What is theultimatesafevideoplayer[.]info?

theultimatesafevideoplayer[.]info is one of many deceptive websites that attempts to trick visitors into installing adware or other potentially unwanted applications (PUAs). This is achieved via an installer, which supposedly installs updates for Adobe Flash Player.

These sites are usually opened through clicked untrustworthy advertisements or PUAs already installed on the browser and/or operating system. Therefore, people do not generally visit websites such as theultimatesafevideoplayer[.]info intentionally.

   
Look At My Video Scam

What is Look at my video?

Spelevo is the name of an exploit kit that abuses software vulnerabilities to infect systems with various malware. In this case, it triggers vulnerabilities in Internet Explorer browser and Adobe Flash Player, and redirects users to the lookatmyvideo[.]com (LookAtMyVideo) website, which is disguised as an adult web page.

The site attempts to trick people in downloading and executing a file - a decoy video codec that infects systems with malware.

   
Online Safety by Safely Browser Hijacker

What is Online Safety by Safely?

Online Safety is a browser hijacker developed by Safely. It is endorsed as a multi-purpose tool, which is supposedly designed to enhance the browsing experience. The advertised capabilities include real time alerts about visits to harmful websites, management of user data collected by sites and deletion of personal tracking data.

In fact, Online Safety operates by modifying browsers to promote mysafe-search.net, a fake search engine. Most users download/install Online Safety by Safely inadvertently and, therefore, it is additionally classified as a Potentially Unwanted Application (PUA).

   
Speedtestace.co Redirect

What is speedtestace.co?

Very similar to searchmedia.online, feed.ebooks-club.comfeed.searchfrit.com, and many other sites, speedtestace.co is a fake search engine.

Its developers claim that this search engine provides an enhanced browsing experience (fast and accurate searches, improved results, and so on), however, they promote this fake search engine using a browser hijacker, a potentially unwanted application (PUA) called Speed Test Ace.

Like most apps of this type, it modifies browser settings and records data relating to users' browsing activity.

   
Wwserch42.biz Ads

What is wwserch42[.]biz?

wwserch42[.]biz is a rogue website, which is usually opened by potentially unwanted applications (PUAs) installed on browsers or operating systems. Therefore, people do not generally visit this site intentionally. Once opened, wwserch42[.]biz redirects people to other untrustworthy websites or loads dubious content.

It operates like many other rogue websites including, for example, newsredirect[.]net, giantttraffic[.]com and localmylife[.]info. In most cases, people download and install PUAs accidentally. When installed, they force browsers to open rogue web pages, gather various information relating to users' browsing habits, and display intrusive advertisements.

   
S3.amazonaws.com Virus (Mac)

What is s3.amazonaws[.]com?

The s3.amazonaws[.]com website has been identified as proliferating a variety of unwanted and malicious content. It is hosted by Amazon AWS (Amazon Web Services), a legitimate service intended to provide various IT-related resources/functionalities, however, it is commonly misused by cyber criminals to host malicious sites.

These web pages are then used to spread Potentially Unwanted Applications (PUAs) such as fake system cleaners/optimizers, adware, and browser hijackers, and also malware including ransomware, trojans, etc. This website generates redirects to various other rogue web pages.

One researched variant of s3.amazonaws[.]com operates by promoting a fake Adobe Flash Player updater, which in turn can be used to infiltrate systems with the aforementioned content. People often enter s3.amazonaws[.]com unintentionally when they are redirected by intrusive advertisements or PUAs already infiltrated into the device.

   
LAB Bot Email Scam

What is "LAB Bot Email"?

"LAB Bot" email is a scam message. Its misleading subject/title suggests that the email is from Amazon Delivery Support, however, it has nothing to do with this company. The message is not from Amazon or associates, and the content has no connection with them.

The body of the message claims to be from a group of "data storage hackers" (a cyber criminal group), which has supposedly hacked the recipient's cloud storage.

This scam is furthered by the use of scare tactics, in this case the model is used to trick people into paying to prevent the criminals from misusing their data. In fact, the user's device is not infected and data has not been compromised by these scammers.

   
Power Search Browser Hijacker

What is Power Search?

The Power Search app is categorized as a browser hijacker. There are two main reasons for this classification: it promotes a fake search engine by changing browser settings and gathers browsing data. Browser hijackers are termed 'potentially unwanted applications' (PUAs), since people often download and install them inadvertently.

   

Page 1472 of 2329

<< Start < Prev 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal