Virus and Spyware Removal Guides, uninstall instructions

Havenotifyfriends.info POP-UP Ads

What is havenotifyfriends[.]info?

havenotifyfriends[.]info is virtually identical to other rogue websites such as oraronerethet[.]info, newchannel[.]club, and hatnofort[.]com.

When visited, it displays dubious content or causes redirects to other untrustworthy websites. People are forced to visit the site by potentially unwanted applications (PUAs) that are installed on their computers (browsers). PUAs usually gather data and feed users with intrusive advertisements.

   
Searchnotifyfriends.info POP-UP Ads

What is searchnotifyfriends[.]info?

searchnotifyfriends[.]info is very similar to other websites of this type such as oraronerethet[.]info, newchannel[.]club, and hatnofort[.]com. It displays dubious content or redirects visitors to other untrustworthy web pages. Most people end up visiting searchnotifyfriends[.]info due to potentially unwanted applications (PUAs) installed on their systems.

Therefore, people do not generally visit this site intentionally. PUAs are often designed to serve users with advertisements and collect information about browsing habits.

   
Read-this-hot-stuff.today POP-UP Ads

What is read-this-hot-stuff[.]today?

When visited, read-this-hot-stuff[.]today displays dubious content or causes redirects to other, untrustworthy, rogue websites. Its behavior is identical to oraronerethet[.]info, newchannel[.]club, hatnofort[.]com, and many other sites. Potentially unwanted apps (PUAs) usually force people to visit websites of this type unintentionally. If installed, PUAs usually gather browsing-related data and serve users with ads.

   
Msfeedssync.exe Virus

What is msfeedssync.exe?

msfeedssync.exe (Microsoft Feeds Synchronization) is a legitimate process/file which is part of Windows Internet Explorer. It starts running in Task Manager when it updates RSS feeds for Internet Explorer 7 and 8 browsers that have the automatic Feeds synchronization feature enabled.

The msfeedssync.exe file can be found in the "C:\Windows\System32" folder, however, its name is often used by cyber criminals who attempt to disguise malicious processes and files as harmless.

   
Prodecryptor Ransomware

What is Prodecryptor?

Prodecryptor is yet another ransomware infection discovered by malware security researcher, GrujaRS. After successful infiltration, Prodecryptor encrypts most stored files. In doing so, it appends filenames with the ".Prodecryptor" extension.

For example, "sample.jpg" is renamed to "sample.jpg.Prodecryptor". Prodecryptor also creates a text file ("ReadME-Prodecryptor@gmail.com.txt"), storing a copy in every existing folder, and opens a pop-up window.

   
Todarius Ransomware

What is Todarius?

Todarius is a ransomware-type virus discovered by Michael Gillespie. This infection belongs to the Djvu ransomware family and is designed to compromise (encrypt) most stored files, thereby making them unusable. Additionally, Todarius appends each filename with the ".todarius" extension (e.g., "sample.jpg" is renamed to "sample.jpg.todarius").

Once encryption is complete, Todarius places a text file ("_readme.txt") in every existing folder.

   
Sodinokibi Ransomware

What kind of malware is Sodinokibi?

Discovered by S!Ri, Sodinokibi (also known as REvil or Sodin) is a ransomware-type program created by cyber criminals. They use it to encrypt files stored on victims' computers and prevent people from accessing them files until they have paid a ransom. Malware researchers call it Sodinokibi, however, developers have not yet provided an official name.

This ransomware places ransom messages in folders that contain encrypted files. The name of the text file depends on the extension added to the encrypted file. For example, if the extension is ".686l0tek69" (and the encrypted file is renamed from, for example, "1.jpg" to "1.jpg.686l0tek69"), the ransom message filename will be called "686l0tek69-HOW-TO-DECRYPT.txt". Sodinokibi also changes the wallpaper.

As of September 2021, Sodinokibi ransomware is decryptable. Bitdefender offers a free decryption tool for this malware.

   
Nero TuneItUp Unwanted Application

What is Nero TuneItUp?

Nero TuneItUp is presented as a system optimization tool that solves problems relating to computer performance. It is supposedly able to make Windows boot faster, improve browser performance, optimize Windows Operating Systems, and update programs and drivers.

To promote it, however, developers use the "bundling" method. Therefore, this app is categorized as a potentially unwanted application (PUA). People usually install programs promoted by this method unintentionally.

   
PayPal Hacking Software Virus

What is PayPal Hacking Software?

Cyber criminals present their PayPal Hacking Software as a hacking tool that supposedly misuses the PayPal system and allows users of this software to add funds to their accounts. In fact, this is a fake hacking tool that steal users' PayPal login data.

   
BellevueCollegeEncryptor Ransomware

What is BellevueCollegeEncryptor?

BellevueCollegeEncryptor is a new variant of CryptoWire, a ransomware-type program that was discovered by MalwareHunterTeam. It is designed to encrypt data stored on computers and blackmail victims by forcing them to pay a ransom (purchase a tool required for decryption).

BellevueCollegeEncryptor renames all files by adding the "DesktopReadme" string to the filenames. For example, "1.jpg" becomes "1DesktopReadme.jpg". It also creates two ransom messages ("README.txt" and "INSTRUCTIONS.txt") and places them on the desktop. BellevueCollegeEncryptor displays a pop-up window that is used to enter a decryption key.

   

Page 1633 of 2329

<< Start < Prev 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal