Virus and Spyware Removal Guides, uninstall instructions

Baraka Team Ransomware

Baraka Team ransomware removal instructions

What is Baraka Team?

Baraka Team is the name of a piece of malicious software, classified ransomware. Credit for its discovery belongs to dnwls0719. Systems infected with this malware have their data encrypted for the purpose of demanding payment for the decryption tools/software. Most ransomware-type programs rename the compromised files and/or append them with an extension, during the encryption process. However, Baraka Team malware does not modify filenames. After encryption is complete, a ransom note - "ReadmeCrypto.txt" is dropped onto the desktop, the wallpaper of which is also changed.

Tsar Ransomware

Tsar ransomware removal instructions

What is Tsar ransomware?

Discovered by dnwls0719, Tsar is the title of a malicious program, classified as ransomware. It operates by encrypting the data of infected systems and demanding payment for the decryption. During the encryption process, all affected files are appended with the ".Tsar" extension. For example, a file like "1.jpg" would appear as "1.jpg.Tsar" - following encryption. After the encryption is complete, a pop-up window is displayed and a text file - "ReadME-Tsar.txt" is created on the desktop. Both the pop-up and text file contain ransom notes.

Pyrogenic/Qealler Malware

Pyrogenic/Qealler virus removal guide

What is Pyrogenic/Qealler?

Pyrogenic/Qealler is Java-based information stealer that cyber criminals spread with a purpose to steal credentials from various browsers and some other applications. In other words, Pyrogenic/Qealler is used to steal information that could be misused to generate revenue in various ways. If there is a reason to believe that this malware is installed on the operating system, then it should be removed immediately.

Happychoose Ransomware

Happychoose ransomware removal instructions

What is Happychoose?

Happychoose is a part of GlobeImposter ransomware family. Typically, software of this type encrypts files, changes their filenames and creates some ransom note. Happychoose renames files by appending the ".happychoose" extension to their filenames. For instance, it changes "1.jpg" to "1.jpg.happychoose", and so on. It also creates the "Decryption INFO.html" file (ransom note) and drops it in every folder that contains encrypted data. POP-UP Scam (Mac)

How to remove redirects to apl-def[.]com from Mac?

What is apl-def[.]com?

Apl-def[.]com is a deceptive site, running several different scam variants. By claiming that the visitors' device is infected or that their Internet connection is insecure - it attempts to trick them into downloading/installing nonoperational, untrustworthy or malicious software. Few users access websites like apl-def[.]com intentionally, usually they get redirected by intrusive advertisements or by PUAs (Potentially Unwanted Applications), already infiltrated into the device.

SepSys Ransomware

sepSys ransomware removal instructions

What is sepSys?

Like most ransomware-type programs, sepSys encrypts files, modifies their filenames and creates a ransom note. This particular ransomware renames files by appending the ".sepsys" extension to their filenames. For example, it renames a file named "sample.jpg" to "sample.jpg.sepsys", and so forth. It creates a ransom note which is a HTML file named "README.html", this note contains details like price of a decryption tool, instructions on how to purchase it, and some other information.

Roundcube Email Scam

"Roundcube" email removal guide

What is the "Roundcube" email scam?

"Roundcube" email (subject: "- NOTIFICATION - Storage Full") is deceptive letter. Supposedly from Roundcube - a legitimate email service provider, the letter claims that recipients' have reached their mail storage limit and if immediate actions are not taken - their account will be blocked. It must be emphasized that this scheme has no connection to the genuine Roundcube email client and is using the name with malicious intent. This is a phishing scam, designed to steal users' email account credentials (log-ins and passwords), for the purpose of gaining full control over said mail accounts. Redirect redirect removal instructions

What is is an address of a fake search engine. Typically, fake search engines are promoted through various potentially unwanted applications (PUAs), mostly browser hijackers. Research shows that is promoted through a browser hijacker called SApp+, however, it may be promoted through other apps of this type as well. As a rule, browser hijackers promote fake search engines/their addresses by changing browser's settings. Also, applications of this type are often designed to gather various information. In most cases PUAs are downloaded and installed unintentionally, unknowingly.

Voodoosrc POP-UP Scam (Mac)

How to remove "Voodoosrc" from Mac?

What are the "Voodoosrc" sites?

Voodoosrc is a group of deceptive websites, which are designed to run various online scams. It has been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" scheme, however other scams can be accessed through these sites as well. Few visitors access pages of this type intentionally, most get redirected to them via redirects caused by intrusive advertisements or by PUAs (Potentially Unwanted Applications). Users should note that these apps do not need explicit permission to be installed onto the systems.

CrowdExclusive Adware (Mac)

How to remove CrowdExclusive from Mac?

What is CrowdExclusive adware?

CrowdExclusive is an adware-type application. It is promoted as a tool, designed to improve the browsing quality. Instead the app diminishes it, due to the intrusive advertisement campaigns that it runs. In other words, it delivers various annoying and even harmful ads. Due to its dubious proliferation methods, it is also considered to be a PUA (Potentially Unwanted Application).


Page 1 of 916

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal