Virus and Spyware Removal Guides, uninstall instructions

Fs0ci3ty Ransomware

What is Fs0ci3ty?

Fs0ci3ty (Fsociety) is a ransomware-type virus distributed using spam emails. The malicious attachment claims to be a system driver update-related doc file, which contains gibberish text and encourages users to enable MS Word macros to decode this text.

Once the macros are enabled, however, file encryption begins. Fs0ci3ty encrypts files using AES-256 cryptography. During encryption, Fs0ci3ty appends the names of encrypted files with the ".realfs0ciety@sigaint.org.fs0ciety" extension. For example, "sample.jpg" would be renamed to "sample.jpg.realfs0ciety@sigaint.org.fs0ciety".

Other variants of this ransomware add .dll extension to compromised files. In this case "sample.jpg" would be renamed to "sample.jpg.dll". Following successful encryption, Fs0ci3ty places a ransom-demand HTML file ("Fs0ci3ty.html") on the desktop.

   
SecureCrypted Ransomware [Updated]

What is SecureCrypted?

SecureCrypted is a file-encrypting ransomware-type virus that stealthily infiltrates computers and encrypts stored files using an asymmetric encryption algorithm. During this process, SecureCrypted adds the ".disappeared", ".SecureCrypted”, “.bleepYourData" or “.F**YourData” extension to each encrypted file.

For example, sample.jpg becomes sample.jpg.SecureCrypted. Text files are then created and named after the encrypted files (for example, sample.jpg.Contact_Here_To_Recover_Your_Files.txt or sample.jpg.Where_my_files.txt).

   
Footybase.com Redirect

What is footybase.com?

footybase.com is a fake Internet search engine identical to climbon.top, searchqq.com, ttczmd.com, and many other rogue sites. 

By falsely claiming to generate improved search results, footybase.com attempts to give the impression of legitimacy. In fact, this site is promoted using rogue software downloaders/installers that hijack Internet browsers and modify various options without users' consent. Furthermore, footybase.com records various information relating to users' Internet browsing activity.

   
Statliru1.ru Redirect

What is statliru1.ru?

Identical to slivnewbest.ru, searchqq.com, searchgra.com, and dozens of other websites, statliru1.ru/i/rt2.html is a fake Internet search engine claiming to improve the Internet browsing experience by generating the most relevant search results.

These false claims often trick users into believing that statliru1.ru is legitimate and useful, however, the search engine is promoted using rogue software download/installation set-ups that hijack web browsers and stealthily modify various options. In addition, statliru1.ru continually monitors users' Internet browsing activity.

   
Donald Trump Ransomware

What is Donald Trump?

Newly-discovered ransomware - Donald Trump - encrypts files (using AES cryptography) and appends the ".ENCRYPTED" extension to the name of each encrypted file. For example, encrypted "sample.jpg" might be renamed to "sample.jpg.ENCRYPTED".

Following successful encryption, this ransomware opens a pop-up window informing victims of the encryption.

   
Cyber SpLiTTer Vbs Ransomware

What is Cyber SpLiTTer Vbs?

Cyber SpLiTTer Vbs is a ransomware-type virus that encrypts most files stored on the infiltrated computer. During encryption, Cyber SpLiTTer Vbs appends the ".Cyber SpLiTTer Vbs" extension to the name of each encrypted file. For instance, encrypted "sample.jpg" might be renamed to "sample.jpg.Cyber SpLiTTer Vbs".

Following successful encryption, Cyber SpLiTTer Vbs generates a .vbs file (named "cybersplitter"), and places it in each folder. The vbs file opens a pop-up window containing a ransom-demand message. Cyber SpLiTTer Vbs also plays the "Your pictures, videos, and documents are encrypted by Cyber SpLiTTer Vbs" message through the computer speakers.

   
Al-Namrood Ransomware

What kind of malware is Al-Namrood?

Al-Namrood is a newly-discovered ransomware designed to encrypt files. During encryption, Al-Namrood appends the ".unavailable", .[ID-Victim’s unique ID][cryptservice@inbox.ru].rga2adi, or .access_denied extension to the name of each compromised file (e.g., "sample.jpg" is renamed to "sample.jpg.unavailable").

In addition, Al-Namrood creates a text file for each encrypted file. These text files are named using the "[encrypted_file_name.extension]_Read_Me.Txt" pattern (e.g., "sample.jpg.Read_Me.Txt)".

   
Krypte Ransomware

What is Krypte?

Krypte is an updated version of Razy ransomware. Following infiltration, Krypte encrypts files using asymmetric cryptography. During encryption, Krypte renames compromised files using the "10_random_letters_and_digits.fear" pattern (e.g., "sample.jpg" might be renamed to "bGw20AaNJa.fear").

Following successful encryption, Krypte displays a pop-up window with a ransom-demand message.

   
Windows Management Adware

What is Windows Management?

Windows Management is a deceptive program that infiltrates the system during installation of other applications. Following successful installation, Windows Management generates intrusive online advertisements and collects various data relating to users' Internet browsing activity.

For these reasons, this program is categorized as a potentially unwanted program (PUP) and adware.

   
Windows User Manager Adware

What is Windows User Manager?

Windows User Manager is a rogue application distributed using a deceptive software marketing method called "bundling". Following infiltration, this app generates various intrusive online advertisements and tracks users' Internet browsing activity. For these reasons, Windows User Manager is categorized as a potentially unwanted program (PUP) and adware.

   

Page 2004 of 2329

<< Start < Prev 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal