Virus and Spyware Removal Guides, uninstall instructions

What is Power Cleaner 2018?

Power Cleaner 2018 is another dubious application presented as a high quality system cleaning and optimization tool. Judging on appearance alone, Power Cleaner 2018 may seem legitimate, however, developers proliferate this app using a deceptive marketing method called "bundling", and thus it often infiltrates systems without permission. Therefore, Power Cleaner 2018 is categorized as a potentially unwanted application (PUA).

What is rayjump.com?

Rayjump.com is another rogue website (similar to click.new-posts.support, adxfactory.com, click-now-on-this.online, etc.) that redirects users to other dubious/untrustworthy websites. Most users visit rayjump.com inadvertently - they are redirected to it by unwanted applications that are installed without users' consent.

Typically, apps of this kind cause unwanted redirects, collect user information, deliver intrusive advertisements and, in some cases, affect computer performance.

What is onclickclear.com?

onclickclear.com is a rogue website (very similar or even identical to offerzone.click, igkxr.biz, flurryad.com, etc.) designed to cause redirects to various other dubious/untrustworthy sites. If you arrived at onclickclear.com unexpectedly, you were probably redirected to it by potentially unwanted applications (PUAs) or via a clicked intrusive ad.

In most cases, PUAs are installed inadvertently, cause redirects to potentially malicious websites, gather data, and deliver intrusive advertisements.

What is Locky Imposter?

First discovered by malware security researcher, dao ming si, Locky Imposter (also known as "PyLocky") is a ransom-type virus that imitates another high-risk ransomware infection called Locky. 

After stealthily infiltrating the system, Locky Imposter encrypts data using the RSA and AES encryption algorithms, creates a copy of each file, and then appends filenames with the ".locky" extension (e.g., "sample.jpg" is renamed to "sample.jpg.locky").

Updated variants of this ransomware use ".lockedfile" and ".lockymap" extensions for encrypted files. Ultimately, there are two copies of each existing file (one with the original name and extension, and another with the ".locky" extension), both are encrypted and unusable.

Once data is encrypted, Locky Imposter generates a text file (named "LOCKY-README.TXT") and places a copy in every existing folder.

What is Instagram2go?

Instagram2go is a deceptive application that claims to allow use of the Instagram social network directly from the desktop. This functionality may seem legitimate and useful, however, this app is likely to infiltrate systems without permission.

Furthermore, it delivers intrusive advertisements and potentially gathers sensitive information. For these reasons, Instagram2go is categorized as a potentially unwanted application (PUA) and adware.

What is Client Requirements Email Virus?

"Client Requirements Email Virus" is another spam email campaign similar to Order Confirmation Email Virus, BID PURCHASE DOCUMENT Email Virus, and many others. Cyber criminals use this campaign to proliferate high-risk malware called LokiBot. As usual, criminals send thousands of deceptive emails that are delivered with malicious attachments.

What is Super Clean Pro 2018?

Super Clean Pro 2018 is a dubious application that developers present as high-end system optimization/cleaning software. Judging on appearance alone, Super Clean Pro 2018 may seem legitimate and useful, however, developers promote this app using a deceptive marketing method called "bundling".

Therefore, Super Clean Pro 2018 is categorized as a potentially unwanted application (also known as PUA).

What kind of scam is "PEGASUS SPYWARE ACTIVATED"?

Displayed by a deceptive website, "PEGASUS SPYWARE ACTIVATED" is a fake error similar to "Immediately Call Apple Support", "APPLE SECURITY BREACH", "AppleCare And Warranty", and many others. Users often visit this website inadvertently - they are redirected by various potentially unwanted programs (PUPs).

In most cases, PUPs infiltrate systems without users’ permission. In addition to causing redirects, PUPs deliver intrusive ads, gather sensitive data, and run various unnecessary processes.

What is Cassetto?

Cassetto is a ransomware-type virus discovered by MalwareHunterTeam. Immediately after infiltration, Cassetto encrypts most stored files and appends filenames with the ".cassetto" extension. For instance, "sample.jpg" is renamed to "sample.jpg.cassetto".

Once encrypted, files immediately become unusable. Following successful encryption, Cassetto generates a text file ("IMPORTANT ABOUT DECRYPT.txt"), placing a copy in each existing folder.

What is Cortana.exe?

Cortana.exe is a cryptocurrency-mining trojan that stealthily infiltrates the system and utilizes resources (specifically, CPU) to mine Monero cryptocurrency. Note that Cortana.exe is actually a renamed executable of XMRIG, a legitimate cryptocurrency-mining tool. Since Cortana.exe is used to mine cryptocurrency without users' consent, however, it is categorized as a virus.