Virus and Spyware Removal Guides, uninstall instructions

What is Crypto-SweetTooth?

Crypto-SweetTooth is ransomware-type malware that stealthily infiltrates systems and encrypts various files using AES cryptography. This virus is designed to append the names of encrypted files with the ".locked" extension (e.g., "sample.jpg" is renamed to "sample.jpg.locked").

After successful encryption, Crypto-SweetTooth creates a number of HTML files ("IMPORTANTE_LEER.html" [several copies] and "RECUPERAR_ARCHIVOS.html"), placing them in each folder containing the encrypted files.

What is aristotlesearch.com?

aristotlesearch.com is a deceptive website claiming to be an improved Internet search engine. Judging on appearance alone, the site may seem legitimate and useful, however, developers promote it via deceptive download/installation set-ups designed to hijack web browsers and modify various options without users' permission.

In addition, aristotlesearch.com continually records information relating to Internet browsing activity.

What is splintersearch.com?

According to the developers, splintersearch.com is an Internet search engine that generates improved search results, thereby enhancing the Internet browsing experience. These claims often trick users into believing that splintersearch.com is legitimate and useful.

Be aware, however, that this site is promoted via rogue download/installation set-ups that hijack web browsers and modify various options without users' consent. In addition, splintersearch.com continually tracks Internet browsing activity.

What is LambdaLocker?

LambdaLocker is a ransomware-type malware discovered by Michael Gillespie. Following infiltration, LambdaLocker encrypts various files using AES-256 and SHA-256 cryptography. During encryption, this malware appends the ".lambda_l0cked" extension to the name of each encrypted file.

For example, "sample.jpg" is renamed to "sample.jpg.lambda_l0cked". In addition, LambdaLocker creates an HTML file ("READ_IT.hTml"), placing it on the desktop. Newer variants of this ransomware append .MyChemicalRomance4EVER extension to encrypted files and use UNLOCK_guiDE.tXT file for ransom demanding message.

What is hp.myway.com?

InstantRadioPlay is a deceptive application that supposedly allows users to listen to thousands of radio stations. On initial inspection, this app may seem legitimate and useful, however, it often infiltrates systems without permission. In addition, InstantRadioPlay stealthily modifies web browser settings and tracks users' Internet browsing activity.

For these reasons, InstantRadioPlay is categorized as a potentially unwanted program (PUP) and a browser hijacker.

What is BadEncript?

BadEncript is a ransomware-type virus that infiltrates the system and encrypts files using AES-256 cryptography. This malware is designed to append the names of encrypted files with the ".bript" extension (e.g., "sample.jpg" is renamed to "sample.jpg.bript").

Following successful encryption, BadEncript opens a pop-up window and generates an HTML file ("More.html"), placing it on the desktop. Both contain a ransom-demand message.

What is funnysite123.com?

According to the developers, funnysite123.com is an Internet search engine that significantly enhances the Internet browsing experience by generating improved search results. These claims often trick users into believing that funnysite123.com is legitimate.

In fact, developers promote this site via rogue software downloaders/installers designed to modify Internet browser settings without permission. Furthermore, funnysite123.com continually gathers various information relating to users' Internet browsing activity.

What is funnypage123.com?

funnypage123.com is fake Internet search engine identical to luckypageing123.com, luckystarting.com, startpageing123.com, and many others. 

By offering improved search results, funnypage123.com attempts to give the impression of legitimacy, however, this website gathers various information relating to Internet browsing activity. In addition, developers promote it via rogue downloaders/installers that hijack web browsers and modify various settings without users' consent.

What is Karma?

Karma is file-encryption ransomware. Developers proliferate this malware using a deceptive marketing method called "bundling" - stealth installation of malicious software with regular (usually free) applications/programs.

Karma claims to be a legitimate application ("Windows-TuneUp") that supposedly improves computer performance, provides various information, and so-called 'useful features' (memory management, registry cleaner, etc.) Therefore, users often believe that it is legitimate software.

In fact, these claims are false. In the background, Windows-TuneUp stealthily encrypts stored data. Following successful encryption, two files ("# DECRYPT MY FILES #.html" and "# DECRYPT MY FILES #.txt") are created and placed on the desktop. These files are automatically opened.

What is {PRODUCT_NAME}?

{PRODUCT_NAME} is an advertisement name generated by deceptive applications that often infiltrate systems without users' consent (bundling method). In addition, they generate intrusive online advertisements and gather various data relating to Internet browsing activity.

Therefore, bundled applications are commonly categorized as a potentially unwanted programs (PUP) and adware.