Virus and Spyware Removal Guides, uninstall instructions

What kind of malware is RedEye?

RedEye is a ransomware-type virus designed by the creator of ANNABELLE and Jigsaw viruses. Once infiltrated, RedEye supposedly encrypts data using the AES-256 encryption algorithm and appends filenames with the ".RedEye" extension (e.g., "sample.jpg" is renamed to "sample.jpg.RedEye").

As well as 'encrypting' data, RedEye also completely wipes it. Therefore, data becomes unusable and impossible to restore. In addition, RedEye changes the desktop wallpaper and opens a pop-up window containing a ransom-demand message.

What is Ads by Advertise?

"Ads by Advertise" is a tag used to mark certain intrusive advertisements displayed by potentially unwanted adware-type programs (PUPs). Research shows that these PUPs often target Mac OS and infiltrate without users' consent. As well as delivering intrusive ads, adware-type PUPs gather sensitive information.

What is BI_D?

First discovered by malware security researcher, Michael Gillespie, BI_D is a new variant of high-risk ransomware called LockCrypt. Immediately after infiltration, BI_D encrypts most stored files (thereby making them unusable) and appends filenames with the " [ id-[victim's_ID].BI_D" extension.

For example, "sample.jpg" might be renamed to a filename such as "sample.jpg id-iK+mYICIYCIU.BI_D". Following successful encryption, BI_D creates a text file ("How to Restore Files.txt") and places a copy in every existing folder.

What is Insta?

Recently discovered by Michael Gillespie, Insta is a ransomware-type virus that stealthily infiltrates the system and encrypts most stored files.

In doing so, Insta adds the ".insta" extension to each filename (e.g., "sample.jpg" is renamed to "sample.jpg.insta"). Encrypted data immediately becomes unusable. Once the encryption process is complete, Insta generates a text file ("filesinfo.txt") and places a copy in every existing folder.

What is tags.bluekai.com?

BlueKai is a legitimate information tracking service owned by Oracle Corporation. Recently, however, many Mac OS users have encountered pop-ups/redirects leading to tags.bluekai.com (or stags.bluekai.com) that may seem malicious. There are two possible reasons for this: the operating system version is 10.9 or you have a potentially unwanted adware-type program (PUP) installed.

What kind of malware is LokiBot?

LokiBot is trojan-type malware designed to infiltrate systems and collect a wide range of information. Note that this virus targets the Windows and Android operating systems. LokiBot typically infiltrates systems without users' consent - it is distributed via spam emails (Windows OS), various private messages (SMS, Skype, etc.), and malicious websites.

What is CRYBrazil?

CRYBrazil is a ransomware-type virus discovered by MalwareHunterTeam. It is based on an open-source ransomware project called Hidden Tear and has been implemented with some scripts from eda2. Once infiltrated, CRYBrazil encrypts most stored files and appends filenames with the ".crybrazil" extension.

For instance, "sample.jpg" is renamed to "sample.jpg.crybrazil". Following successful encryption, CRYBrazil changes the desktop wallpaper and generates an HTML file ("SUA_CHAVE.html"), placing a copy in every existing folder.

What is DiskDoctor?

DiskDoctor is a ransomware-type virus that originates from the Scarab malware family. This virus is designed to stealthily infiltrate the system and encrypt most stored files. In doing so, DiskDoctor appends filenames with the ".DiskDoctor" extension (e.g., "sample.jpg" is renamed to "sample.jpg.DiskDoctor").

Once encrypted, data immediately becomes unusable. After successfully compromising files, DiskDoctor generates a text file ("HOW TO RECOVER ENCRYPTED FILES.TXT") and places a copy in every existing folder.

What is Mac Ads Cleaner?

Mac Ads Cleaner is a fake system optimization tool identical to Mac Adware Cleaner. Research shows that it is related to another rogue application called Advanced Mac Cleaner. 

On initial inspection, Mac Ads Cleaner may seem legitimate and useful, however, it is categorized as a potentially unwanted program (PUP). Be aware that this program typically infiltrates systems without permission and gives no real value for regular users.

What is opti-page.com?

opti-page.com is a fake web search engine directly related to chumsearch.com By offering improved results, opti-page.com attempts to give the impression of legitimacy, however, developers promote this site using the aforementioned chumsearch.com site. Furthermore, opti-page.com and chumsearch.com gather information relating to users' Internet browsing activity.