Virus and Spyware Removal Guides, uninstall instructions

Bomba Ransomware

Bomba ransomware removal instructions

What is Bomba?

Bomba is a piece of malicious software, belonging to the Scarab ransomware family. Systems infected with this malware have their data encrypted and receive payment demands for the decryption tools/software. During the encryption process, all affected flies are appended with the ".bomba" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.bomba" - following encryption. Once this process is finished, a ransom note - "HOW TO RECOVER ENCRYPTED FILES.TXT" is dropped into every compromised folder. Additionally, Bomba ransomware disables Windows Task Manager.

iMacCleaner Unwanted Application (Mac)

How to remove iMacCleaner from Mac?

What is iMacCleaner?

iMacCleaner is advertised as a software which improves computer performance by cleaning unwanted files, browser cache and uninstalling unwanted software. However, this app is categorized as a potentially unwanted application (PUA) because of the method that developers use to distribute it: they include iMacCleaner as an additional offer in setups of other programs. It is common that users download and install such apps unknowingly, unintentionally.

RecognitionAssist Adware (Mac)

How to remove RecognitionAssist from Mac?

What is RecognitionAssist?

RecognitionAssist is a potentially unwanted application (PUA) which is designed to operate both as a browser hijacker and adware. It changes certain browser's settings to an address of a fake search engine and feeds users with advertisements. It is known that this app promotes the Safe Finder page, it does that by opening that page via, another shady address. Also, it is common that apps like RecognitionAssist are designed to gather information related to user's browsing habits. The main reason why such apps are categorized as PUAs is because users tend to download and install them unknowingly.

SIGARETA Ransomware

SIGARETA ransomware removal instructions


SIGARETA is one of the malicious programs that belong to the NEFILIM ransomware family, this particular ransomware was discovered by GrujaRS. Typically, malware of this type encrypts victim's files, modifies their filenames and creates and/or displays a ransom note. SIGARETA renames encrypted files by appending the ".SIGARETA" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.SIGARETA", "2.jpg" to "2.jpg.SIGARETA", and so on. Instructions on how to contact cyber criminals behind SIGARETA can be found in "SIGARETA-RESTORE.txt" text file/ransom note.

Enced Ransomware

Enced ransomware removal instructions

What is Enced?

Discovered by Amigo-A, Enced (also known as PedoFinder/PedoTrap ransomware) is a ransomware-type malicious program. Typically, malware classified as ransomware encrypts data and demands payment for the decryption tools. However, at the time of research, Enced did not encrypt the data of infected systems. Following successful infiltration, this malware creates a ransom note, titled "READ_ME.html". The message within threatens users with exposing them as pedophiles and publicizing their identity, unless they pay a ransom.

Sdkkxbh Ransomware

Sdkkxbh ransomware removal instructions

What is Sdkkxbh?

Sdkkxbh is a part of Snatch ransomware family, it was discovered by Joakim Kennedy. Like most programs of this type, this ransomware encrypts files, modifies their filenames and provides victims with instructions on how to contact its developers (creates a ransom note). Sdkkxbh renames encrypted files by appending the ".sdkkxbh" extension to their filenames. For instance, it renames "1.jpg" to "1.jpg.sdkkxbh", "2.jpg" to "2.jpg.sdkkxbh", etc. It drops the "HOW TO RESTORE YOUR FILES.TXT" ransom note in every folder that contains encrypted files.

Task Manager Tab Browser Hijacker

Task Manager Tab browser hijacker removal instructions

What is Task Manager Tab?

Task Manager Tab is a potentially unwanted application (PUA) which is advertised as a tool that includes features such as online calculator, calendar and to do list. Although, its primary goal is to change certain browser's settings to - to promote a fake search engine. Quite often apps of this type are designed to collect information related to user's browsing activities as well. Browser hijackers are categorized as PUAs because users often download and install them unintentionally, unknowingly.

File Conversion Now Browser Hijacker

File Conversion Now browser hijacker removal instructions

What is File Conversion Now?

File Conversion Now is a rogue application, advertised as an easy access tool to file format converters. It is categorized as a browser hijacker, due to the modifications it makes to browsers in order to promote - an illegitimate search engine. This app also possesses data tracking abilities, which are employed to spy on users' browsing activity. Software that is distributed via dubious methods is considered to be PUAs (Potentially Unwanted Applications) and File Conversion Now is not an exception to this. It is noteworthy that File Conversion Now is often installed alongside another PUA - Hide My History.

Get Quick Directions Browser Hijacker

Get Quick Directions browser hijacker removal instructions

What is Get Quick Directions?

Get Quick Directions is browser hijacker which is designed to promote (address of a fake search engine) by modifying certain browser's settings. Also, it may be designed to function as information tracking tool/collect various data. More often than not users download and install apps of this type unknowingly, therefore, they are categorized as potentially unwanted applications (PUAs).

Institut Za Zdravstvo Srbije Email Virus

"Institut za zdravstvo Srbije" removal guide

What is "Institut za zdravstvo Srbije"?

It is not uncommon that cyber criminals attempt to exploit the coronavirus crisis in various ways. This malspam campaign is disguised as a COVID-19 themed letter from Institute of Health of Serbia regarding distribution of protective equipment, cyber criminals behind it attempt to trick recipients into infecting their computers with GuLoader through the malicious executable in the attached archive file. Therefore, it is strongly recommend not to trust this email and leave its attachment unopened.


Page 1 of 997

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal