Virus and Spyware Removal Guides, uninstall instructions

What is Iiss?

Belonging to the Djvu ransomware family, Iiss encrypts files, modifies their filenames by appending its extension and creates a ransom message in all folders that contain encrypted files. It renames encrypted files by appending the ".iiss" extension to filenames.

For example, "1.jpg" is renamed to "1.jpg.iiss", "2.jpg" to "2.jpg.iiss", and so on. Instructions about how to contact Iiss's developers and other details are provided in "_readme.txt" text files (the ransom message).

What is Take mytab?

Take mytab is a browser hijacker. Following successful infiltration, this piece of rogue software changes browser settings to promote keysearchs.com (a fake search engine). Rogue search engines cannot provide unique results, and so they redirect to genuine sites.

Where Take mytab redirects to depends on users' geolocations. Additionally, this browser hijacker monitors browsing activity. Due to the dubious techniques used to proliferate Take mytab, it is also classified as a Potentially Unwanted Application (PUA).

What is AllStreamSearch?

Like most browser hijackers, AllStreamSearch promotes a fake search engine. In this case, by changing certain browser settings to allstreamsearch.com. It also records data relating to users' browsing habits. Commonly, users download and install browser hijackers inadvertently and, therefore, apps of this type are categorized as potentially unwanted applications (PUAs).

What is _encrypted (RRansom) ransomware?

Discovered by xiaopao, _encrypted (RRansom) is a malicious program classified as ransomware. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, files are appended with the "_encrypted" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg_encrypted" following encryption. After this process is complete, a ransom message within the "README_encrypted.txt" file is created.

What is Evil?

Evil is malware belonging to the Jigsaw ransomware family. It is designed to encrypt victims' files, modify their filenames and display a pop-up window (containing a ransom message). Evil renames files by appending the ".evil" extension. For example, "1.jpg" is renamed to "1.jpg.evil", "2.jpg" to "2.jpg.evil", etc.

What is Cyber Search?

Cyber Search is a browser hijacker which changes certain browser settings to cybersearch.xyz, adds the "Managed by your organization" feature to Google Chrome browsers, and collects private, sensitive information. Generally, users download and install apps such as Cyber Search (browser hijackers) inadvertently.

This particular app is distributed via a fake installer for Adobe Flash Player and, therefore, is categorized as a potentially unwanted application (PUA).

What is PDFConverterSearch4Free?

PDFConverterSearch4Free is rogue software categorized as a browser hijacker. It operates by making changes to browser settings to promote pdfconvertersearch4free.com (a fake search engine). Additionally, most browser hijackers have data tracking capabilities, which are employed to monitor users' browsing activity - PDFConverterSearch4Free is no exception to this.

Due to the dubious techniques used to proliferate browser hijackers, they are also classified as Potentially Unwanted Applications (PUAs).

What is Szymekk ransomware?

Discovered by GrujaRS, Szymekk is a malicious program and a new variant of Cobra Locker ransomware. Following successful infiltration, this malware encrypts data and locks the device's screen in order to demand ransoms for decryption and restoration of access.

During the encryption process, all affected files are appended with the ".Szymekk" extension. For example, a file originally named something like "1.jpg" would appear as "1.jpg.Szymekk" following encryption. After this process is complete, the screen is locked and a message is displayed on it.

What is DreamTrip?

DreamTrip software is classified as adware because it serves various advertisements. Note that there are many apps of type that are designed to serve ads and gather information. Typically, users download and install adware-type apps inadvertently and, for this reason, they are classified as potentially unwanted applications (PUAs).

Research shows that this particular app is distributed via a malicious installer.

What is AnoymouS ransomware?

Discovered by malware researcher S!Ri, AnoymouS is a malicious program classified as ransomware. Systems infected with this ransomware have their data encrypted and users receive ransom demands for decryption tools. During the encryption process, all affected files are appended with the ".AnoymouS" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.AnoymouS", "2.jpg" as "2.jpg.AnoymouS", and so on. After this process is complete, ransom messages within "Message_Important.txt" files are dropped into compromised folders.