Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Suidae?

Suidae is a malicious extension that has been discovered during an examination of an installer obtained from an unreliable web page. Suidae has several capabilities, such as enabling the "Managed by your organization" feature in Chrome and Edge browsers, accessing various data, and managing themes and extensions.

What kind of malware is RedProtection?

RedProtection is a ransomware-type program that our researchers discovered while inspecting new submissions to the VirusTotal platform. Malware, categorized as such, is designed to encrypt data and demand payment for the decryption.

Once we executed a sample of RedProtection on our test machine, it began encrypting files. Titles of the locked files were appended with an extension comprising four random characters. For example, a file initially named "1.jpg" appeared as "1.jpg.g525", "2.png" as "2.png" as "2.png.7n45", etc.

After the encryption process was finished, this ransomware changed the desktop wallpaper and created a ransom note named "read_it.txt".

What kind of scam is "Chainlink Treasury Airdrop Event"?

Upon examining the "Chainlink Treasury Airdrop Event", our investigation has exposed it as a fraudulent scheme designed to obtain sensitive information with the intention of financial exploitation. Usually, such scams are promoted via email, social media platforms, deceptive ads, and unreliable websites.

What kind of website is bangsearch.pro?

Bangsearch.pro is a fake search engine that we discovered while investigating rogue software. Typically, websites of this kind are promoted (via redirects) by browser hijackers.

Illegitimate search engines usually cannot provide search results; however, bangsearch.pro can – but the results are inaccurate and may be rife with harmful content. It is noteworthy that sites of this kind and the software endorsing them usually collect sensitive user data.

Furthermore, we have observed instances of where bangsearch.pro was injected into startup processes. In these cases, additional removal actions need to be taken, which can be found below.

What kind of application is NeophocaCinerea?

While investigating a malevolent installer found on a suspicious webpage, we came across the NeophocaCinerea browser extension. Our findings reveal that NeophocaCinerea can enable the "Managed by your organization" feature in Chrome and Edge browsers. Additionally, this application can read diverse data and manage browser themes along with added extensions.

What kind of application is Pipidae?

Pipidae is a rogue application that our research team discovered during a routine inspection of new submissions to the VirusTotal website. Upon investigation, we determined that it is adware belonging to the Pirrit adware family. This piece of software is designed to run intrusive advertisement campaigns. Pipidae may display ads and have other harmful capabilities.

What kind of application is Nimbostratus?

After inspecting the Nimbostratus application in the aftermath of running a malicious installer, we found that the app has the capability to enable the "Managed by your organization" feature. Moreover, Nimbostratus can oversee themes and extensions and gain access to diverse sets of data. Thus, users should avoid adding this app to their browsers.

What kind of page is veinmaster[.]top?

Veinmaster[.]top is a rogue webpage designed to promote browser notification spam and redirect users to other (likely untrustworthy/harmful) sites.

The majority of visitors to such pages access them via redirects caused by websites that utilize rogue advertising networks. Our researchers discovered veinmaster[.]top during a routine inspection of sites that use said networks.

What kind of application is FrontierProcessor?

Our research team discovered the FrontierProcessor application while reviewing new file submissions to VirusTotal. After inspecting this app, we learned that it is adware belonging to the AdLoad malware family. FrontierProcessor is designed to generate revenue for its developers by feeding users with undesirable and deceptive ads.

What kind of email is "ACH-ELECTRONIC FUNDS TRANSFER"?

Upon reviewing the "ACH-ELECTRONIC FUNDS TRANSFER" email, we determined that it is spam. It claims that funds have been transferred to the email recipient's account. This information is fake and is merely used to trick recipients into providing their email log-in credentials to a phishing website.