Virus and Spyware Removal Guides, uninstall instructions

K0stia Ransomware

What is K0stia?

K0stia is a ransomware-type virus distributed via spam emails (with malicious .exe attachments claiming to be .pdf files). When these malicious files are opened, ransomware starts encrypting files using AES-256 cryptography. This virus appends a ".k0stia" extension to the name of each encrypted file.

For example, "sample.jpg" is renamed to "sample.jpg.k0stia". Following successful encryption, K0stia opens a full-screen window containing a ransom-demand message in Czechoslovakian.

   
Isanalyze.com Pop-ups

What is Isanalyze.com Pop-ups?

Isanalyze.com is a deceptive website to which users are redirected after clicking intrusive pop-up advertisements. These ads are displayed by various adware-type applications that usually infiltrate the system during installation of regular software. As well as displaying advertisements, adware continually monitors users' Internet browsing activity by recording various user/system data.

   
Smartnewtab.com Pop-ups

What is Smartnewtab.com pop-ups?

Smartnewtab.com is a rogue site, which users are redirected to by various intrusive pop-up advertisements. These ads are displayed by adware-type applications that infiltrate the system during installation of regular software. As well as display of unwanted ads, adware also collects information relating to users' Internet browsing activity.

   
Gotoinstall.ru Redirect

What is gotoinstall.ru?

Developers present gotoinstall.ru as an Internet search engine that enhances the Internet browsing experience by generating improved search results.

Some users believe that gotoinstall.ru is a legitimate and useful website, however, this site is promoted using rogue software download/installation tools that hijack web browsers and modify settings without consent. Furthermore, this rogue site continually gathers information relating to users' Internet browsing activity.

   
HPRewriter Browser Hijacker

What is HPRewriter?

HPRewriter is a bogus application that infiltrates the system during installation of various software. Following successful installation without users' consent, HPRewriter hijacks Internet browsers and stealthily modifies various options. In addition, this rogue app collects information relating to users' Internet browsing activity.

For these reasons, HPRewriter is classed as a browser hijacker and a potentially unwanted program (PUP).

   
Hades Locker Ransomware

What is Hades Locker?

Hades Locker is an updated version of WildFire Locker ransomware that infiltrates systems and encrypts a variety of data types using AES encryption. Hades Locker appends the names of encrypted files with the ".~HL[5_random_characters] (first 5 characters of encryption password)" extension.

In addition, this ransomware deletes file shadow volume copies. Following encryption, Hades Locker creates three files ("README_RECOVER_FILES_[victim_id].html", "README_RECOVER_FILES_[victim_id].png", "README_RECOVER_FILES_[victim_id].txt"), placing them in each folder containing encrypted files.

   
Research Soft Unwanted Application

What is Research Soft?

Research Soft is a deceptive program that claims to provide "best" online shopping offers based on collected information relating to Internet browsing activity.

These claims often trick users into believing that Research Soft is a legitimate and useful application, however, this app often infiltrates systems without users' permission. Furthermore, Research Soft distorts the truth relating to data collection. For these reasons, it is categorized as a potentially unwanted program (PUP).

   
GeoByPass Adware

What is GeoByPass?

GeoByPass is a rogue application that supposedly allows users to access various websites that are blocked in their countries. This functionality may appear legitimate and useful, however, GeoByPass is distributed using the "bundling" method and, thus, often infiltrates systems without users' consent.

Furthermore, this application generates intrusive online advertisements and continually gathers information relating to users' Internet browsing activity. For these reasons, GeoByPass is classed as a potentially unwanted program (PUP) and adware.

   
KillerLocker Ransomware

What is KillerLocker?

KillerLocker is a ransomware-type virus designed to encrypt files. During encryption, KillerLocker appends the ".rip" extension to the name of each compromised file. For instance, "sample.jpg" is renamed to "sample.jpg.rip". A window informing victims of the encryption is then displayed.

   
Nuke Ransomware [Updated]

What is Nuke?

Newly-discovered ransomware-type malware, Nuke (also known as Nuclear #55) is designed to encrypt most stored data using RSA cryptography. During encryption, Nuke renames files using random characters and appends a ".0x5bm" or .nuclear55 extension.

Example of encrypted filenames: "bafd0lln90azb8g22.0x5bm" and "WdEf+adbcmWaEedc.nuclear55". Once the data is encrypted, Nuke generates two ransom-demand files: "!!_RECOVERY_instructions_!!.html" and "!!_RECOVERY_instructions_!!.txt" and changes the desktop wallpaper.

   

Page 2003 of 2329

<< Start < Prev 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal