Virus and Spyware Removal Guides, uninstall instructions
What is Fs0ci3ty?
Fs0ci3ty (Fsociety) is a ransomware-type virus distributed using spam emails. The malicious attachment claims to be a system driver update-related doc file, which contains gibberish text and encourages users to enable MS Word macros to decode this text.
Once the macros are enabled, however, file encryption begins. Fs0ci3ty encrypts files using AES-256 cryptography. During encryption, Fs0ci3ty appends the names of encrypted files with the ".realfs0ciety@sigaint.org.fs0ciety" extension. For example, "sample.jpg" would be renamed to "sample.jpg.realfs0ciety@sigaint.org.fs0ciety".
Other variants of this ransomware add .dll extension to compromised files. In this case "sample.jpg" would be renamed to "sample.jpg.dll". Following successful encryption, Fs0ci3ty places a ransom-demand HTML file ("Fs0ci3ty.html") on the desktop.
What is SecureCrypted?
SecureCrypted is a file-encrypting ransomware-type virus that stealthily infiltrates computers and encrypts stored files using an asymmetric encryption algorithm. During this process, SecureCrypted adds the ".disappeared", ".SecureCrypted”, “.bleepYourData" or “.F**YourData” extension to each encrypted file.
For example, sample.jpg becomes sample.jpg.SecureCrypted. Text files are then created and named after the encrypted files (for example, sample.jpg.Contact_Here_To_Recover_Your_Files.txt or sample.jpg.Where_my_files.txt).
What is footybase.com?
footybase.com is a fake Internet search engine identical to climbon.top, searchqq.com, ttczmd.com, and many other rogue sites.
By falsely claiming to generate improved search results, footybase.com attempts to give the impression of legitimacy. In fact, this site is promoted using rogue software downloaders/installers that hijack Internet browsers and modify various options without users' consent. Furthermore, footybase.com records various information relating to users' Internet browsing activity.
What is statliru1.ru?
Identical to slivnewbest.ru, searchqq.com, searchgra.com, and dozens of other websites, statliru1.ru/i/rt2.html is a fake Internet search engine claiming to improve the Internet browsing experience by generating the most relevant search results.
These false claims often trick users into believing that statliru1.ru is legitimate and useful, however, the search engine is promoted using rogue software download/installation set-ups that hijack web browsers and stealthily modify various options. In addition, statliru1.ru continually monitors users' Internet browsing activity.
What is Donald Trump?
Newly-discovered ransomware - Donald Trump - encrypts files (using AES cryptography) and appends the ".ENCRYPTED" extension to the name of each encrypted file. For example, encrypted "sample.jpg" might be renamed to "sample.jpg.ENCRYPTED".
Following successful encryption, this ransomware opens a pop-up window informing victims of the encryption.
What is Cyber SpLiTTer Vbs?
Cyber SpLiTTer Vbs is a ransomware-type virus that encrypts most files stored on the infiltrated computer. During encryption, Cyber SpLiTTer Vbs appends the ".Cyber SpLiTTer Vbs" extension to the name of each encrypted file. For instance, encrypted "sample.jpg" might be renamed to "sample.jpg.Cyber SpLiTTer Vbs".
Following successful encryption, Cyber SpLiTTer Vbs generates a .vbs file (named "cybersplitter"), and places it in each folder. The vbs file opens a pop-up window containing a ransom-demand message. Cyber SpLiTTer Vbs also plays the "Your pictures, videos, and documents are encrypted by Cyber SpLiTTer Vbs" message through the computer speakers.
What kind of malware is Al-Namrood?
Al-Namrood is a newly-discovered ransomware designed to encrypt files. During encryption, Al-Namrood appends the ".unavailable", .[ID-Victim’s unique ID][cryptservice@inbox.ru].rga2adi, or .access_denied extension to the name of each compromised file (e.g., "sample.jpg" is renamed to "sample.jpg.unavailable").
In addition, Al-Namrood creates a text file for each encrypted file. These text files are named using the "[encrypted_file_name.extension]_Read_Me.Txt" pattern (e.g., "sample.jpg.Read_Me.Txt)".
What is Krypte?
Krypte is an updated version of Razy ransomware. Following infiltration, Krypte encrypts files using asymmetric cryptography. During encryption, Krypte renames compromised files using the "10_random_letters_and_digits.fear" pattern (e.g., "sample.jpg" might be renamed to "bGw20AaNJa.fear").
Following successful encryption, Krypte displays a pop-up window with a ransom-demand message.
What is Windows Management?
Windows Management is a deceptive program that infiltrates the system during installation of other applications. Following successful installation, Windows Management generates intrusive online advertisements and collects various data relating to users' Internet browsing activity.
For these reasons, this program is categorized as a potentially unwanted program (PUP) and adware.
What is Windows User Manager?
Windows User Manager is a rogue application distributed using a deceptive software marketing method called "bundling". Following infiltration, this app generates various intrusive online advertisements and tracks users' Internet browsing activity. For these reasons, Windows User Manager is categorized as a potentially unwanted program (PUP) and adware.
More Articles...
Page 2004 of 2329
<< Start < Prev 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Next > End >>