Virus and Spyware Removal Guides, uninstall instructions

What is PDFConverterSearchNet?

PDFConverterSearchNet is a rogue browser extension designed to hijack browsers and promote the pdfconvertersearchnet.com fake search engine. Furthermore, due to the questionable methods used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications).

What is Umbrella Security ransomware?

Umbrella Security is a ransomware-type program. It is designed to encrypt data (render files inaccessible) and demand payment for the decryption. During the encryption process, files are appended with a ".aes" extension. For example, a file named "1.jpg" would appear as "1.jpg.aes", "2.jpg" as "2.jpg.aes", etc. Afterwards, a ransom note - "Please Read Me !!!.txt" - is dropped onto the desktop.

What is BlackURLDefender adware?

BlackURLDefender is advertised as an extension that checks the visited websites in its blacklist and prevents users from opening them. However, BlackURLDefender is classified as adware - it displays advertisements. Also, it can read and change data on the pages that users visit.

What is Artemis ransomware?

Artemis ransomware is a type of malware that encrypts files (makes them inaccessible/unusable), modifies their filenames, and generates a ransom note (the "ReadMe-[victim's_ID].txt" file). It renames files by appending the victim's ID, ultimatehelp@techmail.info email address, and ".ultimate" extension.

For instance, Artemis renames "1.jpg" file to "1.jpg.id[C279F237].[UltimateHelp@techmail.info].ultimate", "2.jpg" file to "2.jpg.id[C279F237].[UltimateHelp@techmail.info].ultimate", and so forth. Its ransom note provides contact information.

What is "Australia Post email scam"?

"Australia Post email scam" refers to a spam campaign. The letters sent through this campaign are disguised as messages relating to unpaid customs duties from "Australia Post". It must be emphasized that these emails are in no way associated with the legitimate postal service enterprise. This spam campaign aims to trick recipients into disclosing sensitive information and/or paying bogus fees.

What is MovieSearchOnline?

MovieSearchOnline is a browser hijacker promoting the moviesearchonline.com fake search engine. Since users typically download/install browser hijackers unintentionally, they are also classified as PUAs (Potentially Unwanted Applications).

What is news-keheza[.]cc page?

News-keheza[.]cc has two purposes: to trick visitors into agreeing to receive notifications and promote questionable, potentially malicious sites. The Internet is full of sites like news-keheza[.]cc, for example, ourhypewords[.]com, digitalcaptcha[.]top, and ralemploay[.]space. Users do not visit them intentionally.

What is "Baldur email virus"?

"Baldur email virus" refers to a malware-spreading spam campaign. The scam emails distributed through this campaign are presented as purchase orders. The "Baldur" spam campaign aims to infect recipients' devices with the Agent Tesla RAT (Remote Access Trojan).

What is AtomSilo ransomware?

AtomSilo is a type of malware that blocks access to files by encrypting them and renames every encrypted file by appending the ".ATOMSILO" to its filename. It renames "1.jpg" to "1.jpg.ATOMSILO", "2.jpg" to "2.jpg.ATOMSILO", and so on. As its ransom note, AtomSilo creates the "README-FILE-#COMPUTER-NAME#-#CREATION-TIME#.hta" file.

What is ourhypewords[.]com site?

Once visited, ourhypewords[.]com asks for permission to show notifications. Also, ourhypewords[.]com can open untrustworthy websites. It is similar to ralemploay[.]space, everyday-news-channel[.]com, tobaitsie[.]com, and plenty of other pages that are promoted through shady ads, other dubious pages, and potentially unwanted applications (PUAs).