Virus and Spyware Removal Guides, uninstall instructions

What kind of application is FreshPlatform?

FreshPlatform is a rogue application that our research team discovered while investigating new submissions to VirusTotal. After inspecting this piece of software, we determined that it is adware belonging to the AdLoad malware family.

What kind of page is unonontate[.]com?

While analyzing unonontate[.]com, we noticed its deceptive strategy of convincing visitors to grant notification permissions. Additionally, unonontate[.]com may redirect users to other suspicious websites. We discovered unonontate[.]com during our investigation of pages connected to unreliable advertising networks.

What kind of malware is MiniMe?

Our research team discovered the MiniMe ransomware while inspecting new submissions to the VirusTotal website. This malicious program is based on the Chaos ransomware.

After we executed a sample of MiniMe on our test machine, it encrypted files and appended their filenames with a ".minime" extension. To elaborate, a file originally titled "1.jpg" appeared as "1.jpg.minime", "2.png" as "2.png.minime", etc.

Once the encryption process was completed, the ransomware created a ransom note named "read_it.txt". The message contained invalid contact information, leading us to believe that MiniMe is still in development.

What kind of application is VirtualActivity?

Our analysis of the VirtualActivity application revealed that it exhibits intrusive advertisements. For this reason, we classified VirtualActivity as adware. It is worth noting that software of this type is commonly disseminated through dubious and deceptive techniques, which can lead to unintentional downloads and installations by unsuspecting users.

What kind of malware is Ahtw?

Ahtw is ransomware associated with the Djvu family. It encrypts files on the victim's computer and requests a ransom for the decryption tools. Our team encountered Ahtw during the analysis of recently submitted malware samples on the VirusTotal platform. It is worth mentioning that Ahtw may be distributed alongside other malware, including RedLine or Vidar.

Once Ahtw infects a computer, it appends the ".ahtw" extension to the filename of every encrypted file. For example, a file named "1.jpg" gets renamed to "1.jpg.ahtw", "2.png" to "2.png.ahtw", and so forth. Additionally, Ahtw creates a ransom note ("_readme.txt").

What kind of malware is Ahgr?

During our examination of malware samples submitted to VirusTotal, we came across Ahgr, a ransomware variant that is part of the Djvu family. Ahgr encrypts files and modifies their names by adding the ".ahgr" extension. Furthermore, it creates a ransom note as a text file named "_readme.txt".

Here is an example of how Ahgr alters file names: it transforms "1.jpg" into "1.jpg.ahgr", "2.png" into "2.png.ahgr", and so on. It is important to mention that Ahgr, being part of the Djvu ransomware family, may be distributed alongside information stealers like Vidar and RedLine.

What kind of malware is Ahui?

During our analysis of malware samples submitted to VirusTotal, we came across Ahui, ransomware belonging to the Djvu family. Ahui blocks access to files by encrypting them and alters their filenames by appending a new extension (".ahui"). Furthermore, it generates a ransom note (a text file named "_readme.txt").

To illustrate, Ahui modifies file names in the following manner: it changes "1.jpg" to "1.jpg.ahui", "2.png" to "2.png.ahui", and so on. It is important to note that ransomware associated with the Djvu family is often distributed alongside information stealers like Vidar and RedLine.

What kind of page is fastcheck[.]top?

Our research team discovered the fastcheck[.]top rogue page during a routine investigation of questionable websites. It is designed to push spam browser notifications and generate redirects to other (likely dubious/malicious) sites. Users typically access webpages via redirects caused by websites using rogue advertising networks.

What kind of page is dollarsurvey[.]top?

Dollarsurvey[.]top is a rogue webpage that we discovered while investigating untrustworthy sites. It is designed to endorse dubious content and browser notification spam. Additionally, this page can redirect users to different (likely unreliable/harmful) websites.

Visitors to dollarsurvey[.]top and similar webpages access them predominantly via redirects generated by sites that use rogue advertising networks.

What kind of page is ronadforyousystems[.]com?

While investigating websites utilizing questionable advertising networks, we encountered ronadforyousystems[.]com. This site employs a clickbait technique to trick visitors into permitting it to show notifications (ads). Moreover, this site may redirect visitors to other unreliable websites. Therefore, it is recommended to avoid accessing ronadforyousystems[.]com.