Virus and Spyware Removal Guides, uninstall instructions

What is Mac Adware Cleaner?

Related to Advanced Mac Cleaner, Mac Adware Cleaner is a rogue application that supposedly enhances system performance by cleaning junk files, removing potentially malicious apps, and enabling other similar functions.

Judging on appearance alone, Mac Adware Cleaner may seem legitimate, however, it is categorized as a potentially unwanted program (PUP) - it often infiltrates systems without consent and gives no real value for regular users.

What is OpsVenezuela?

OpsVenezuela is a ransomware-type virus discovered by MalwareHunterTeam. After successfully infiltrating the system, OpsVenezuela encrypts most files and adds the ".locked" extension to each filename. For instance, "sample.jpg" is renamed to "sample.jpg.locked".

Compromised data immediately becomes unusable. Once encryption is complete, OpsVenezuela generates a text file ("READ_IT.txt"), placing a copy in every existing folder, and changes the desktop wallpaper.

What is nav-goo.com?

nav-goo.com is another fake web search engine that supposedly enhances the browsing experience by generating improved results. Judging on appearance alone, it barely differs from Google, Bing, Yahoo, and other legitimate search engines. Therefore, many users believe that the site is also legitimate and useful.

In fact, developers promote nav-goo.com using rogue downloaders/installers that modify web browser options without users’ permission. Furthermore, this website continually gathers information relating to browsing habits.

What is Pedcont?

Discovered by malware security researcher, Leo, Pedcont is a ransomware-type virus that stealthily infiltrates systems. Unlike most other ransomware, Pedcont does not encrypt or rename/modify data in any way, but it does display a pop-up window with a ransom-demand message.

What is REBUS?

First discovered by malware security researcher, Michael Gillespie, REBUS is a ransomware-type virus that originates from the Scarab malware family. Immediately after encryption, REBUS encrypts most stored data. In addition, it renames files using the "[32_random_digits_and_letters].REBUS" pattern.

For instance, "sample.jpg" might be renamed to a filename such as "89A4m9D328112834GFB6F88A4CAE75E1.REBUS". Compromised files become unusable and indistinguishable. Following successful encryption, REBUS generates a text file ("REBUS RECOVERY INFORMATION.TXT") and places a copy in every existing older.

What is System Table?

System Table is a rogue application that supposedly allows users to change content on visited websites. This functionality may seem legitimate and useful, however, System Table infiltrates systems without consent, delivers intrusive advertisements, and records sensitive data. For these reasons, it is categorized as a potentially unwanted program (PUP) and adware.

What is LittleFinger?

Discovered by MalwareHunterTeam, LittleFinger is a ransomware-type virus that stealthily infiltrates systems and encrypts stored files.

Note that, unlike other ransomware, LittleFinger does not rename files or add any extension. Despite this, files still become unusable. Immediately after encryption, LittleFinger opens a console window and displays a ransom-demand message. This is also unusual - most ransomware viruses provide this information using text or HTML files.

What is z-results.com?

z-results.com is a fake web search engine identical to websearchlabs.com and elastisearch.com. By offering improved results, z-results.com attempts to give the impression of legitimacy.

Be aware, however, that developers promote this website using a browser-hijacking application called Z Results. Furthermore, z-results.com and Z Results record information relating to web browsing activity.

What is PAIN LOCKER?

PAIN LOCKER is a ransomware-type virus discovered by MalwareHunterTeam. Immediately after infiltration, PAIN LOCKER encrypts most stored data and appends filenames with the ".[pain@cock.lu].pain" extension. For instance, "sample.jpg" is renamed to "sample.jpg.[pain@cock.lu].pain".

Note that the same extension is used by some variants of Everbe ransomware and, therefore, there is a high probability that these viruses are related to PAIN LOCKER. Once data is encrypted, using it becomes impossible. Following successful encryption, PAIN LOCKER creates a text file ("!=How_recovery_files=!.txt") and places a copy in every existing folder.

What is .BACKUP?

First discovered by MalwareHunterTeam, .BACKUP is a new variant of a high-risk ransomware infection called CryptoMix. Immediately after infiltration, .BACKUP encrypts most stored files and renames each one using the "[32_random_letters_and_digits].BACKUP" pattern.

For instance, "sample.jpg" might be renamed to a filename such as "3E3402E523DAEB4B558E11B9294AAAC7.BACKUP". Encrypted data becomes unusable and indistinguishable. As well as compromising files, .BACKUP creates a text file ("_HELP_INSTRUCTION.TXT") and places a copy in every existing folder.