Virus and Spyware Removal Guides, uninstall instructions

What kind of application is SupportSkyReference?

SupportSkyReference is an advertising-supported application, commonly referred to as an adware. Adware like SupportSkyReference is typically considered unwanted due to its intrusive advertising practices and the potential for compromising user privacy and system performance. Thus, users should remove apps of this type from their devices.

What kind of page is oasoomsa[.]top?

Our research team discovered the oasoomsa[.]top rogue page while checking out suspicious websites. This webpage promotes dubious content and spam browser notifications. Additionally, oasoomsa[.]top can redirect visitors to other (likely unreliable/harmful) sites.

The majority of users access such pages through redirects generated by websites that employ rogue advertising networks.

What kind of email is "Barclays Payment Advice"?

After examining the "Barclays Payment Advice" email, we determined that it is malspam – malicious spam mail designed to proliferate malware.

Disguised as a notification from Barclays plc – a British multinational universal bank, the email states that the recipient has been sent a payment. Details of the bogus transaction are in a document that can be downloaded by following the provided link. This file is intended to infect the recipient's system with malware.

What kind of application is FilterBoard?

Our researchers discovered the FilterBoard app while investigating new submissions to the VirusTotal website. After examining this application, we determined that it is advertising-supported software (adware). FilterBoard belongs to the AdLoad malware family.

What kind of application is HyperTextInternet?

HyperTextInternet is a rogue app that we found while inspecting new file submissions to the VirusTotal website. After investigating this piece of software, we determined that it is adware belonging to the AdLoad malware family. HyperTextInternet is designed to run intrusive advertisement campaigns.

What kind of scam is "Your Apple May Be Not Safe!"?

Our research team discovered the "Your Apple May Be Not Safe!" scam while investigating untrustworthy websites. It states that the data stored on the visitor's iPhone might have been stolen through recently visited suspicious sites. These claims are false, and this content is in no way associated with any legitimate entities.

What kind of scam is "MacOS Security Center"?

While scrutinizing this webpage, it has been ascertained that its intent is to deceive users into thinking that their operating system is at risk. The page showcases a misleading pop-up message encouraging visitors to buy specific antivirus software. It is strongly recommended not to place trust in such pages, even if they endorse legitimate products.

What kind of malware is Nigra?

While reviewing new malware submissions to the VirusTotal platform, our research team discovered the Nigra ransomware. Programs within this classification are designed to encrypt data and demand payment for its decryption.

On our testing system, Nigra encrypted files and appended their filenames with a unique ID assigned to the victim, the cyber criminals' email address, and a ".nigra" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.[baf1c5b249].[c2y@startmail.com].nigra".

After the encryption process was completed, a ransom-demanding message – "README_WARNING.txt" – was dropped.

What kind of malware is qBit?

A malware known as qBit Stealer, which is created to gather information from compromised systems, is currently being promoted in a hackers' forum. This malware, developed using the Go programming language, has the ability to bypass endpoint threat detection and response (EDR) systems and provides the attackers with the option to upload pilfered data to a location of their preference.

What kind of malware is Poopy Butt-face?

During analysis of samples uploaded to the VirusTotal website, a ransomware variant based on the Chaos ransomware dubbed Poopy Butt-face has been discovered. Poopy Butt-face encrypts files and changes their filenames by adding the ".Poop" extension. For instance, it renames "1.jpg" to "1.jpg.Poop", "2.png" to "2.png.Poop", etc.

Additionally, Poopy Butt-face leaves a ransom note, a text file named "Pooop-ransom.txt".