Virus and Spyware Removal Guides, uninstall instructions

Baraka Team Ransomware

What is Baraka Team?

Discovered by dnwls0719, Baraka Team is the name of malicious software classified ransomware. Systems infected with this malware have their data encrypted so that ransom demands can be made for decryption tools/software.

Most ransomware-type programs rename compromised files and/or append them with an extension during the encryption process, however, Baraka Team malware does not modify filenames. After encryption is complete, a ransom message ("ReadmeCrypto.txt") is dropped onto the desktop, the wallpaper of which is also changed.

   
Request For Quotation Email Virus

What is the "Request for quotation" email?

"Request for quotation" is a scam email designed to proliferate the Agent Tesla Remote Access Tool (RAT).

When used for malicious purposes, it is classified as a Remote Access Trojan. The emails supposedly concern an urgent order and recipients are asked to provide relevant specification of this potential purchase, however, opening the attached file starts the infection process (i.e. download/installation of the Agent Tesla RAT).

   
Chinz Ransomware

What is Chinz?

Chinz belongs to the Phobos ransomware family. This is a typical ransomware infection designed to encrypt files, modify their filenames, and provide instructions about how to contact the developers regarding decryption.

Chinz changes the name of each encrypted file by adding the victim's ID, yuzhou13@tutanota.com email address, and appending the ".chinz" extension to the filename.

For example, it would rename a file called "1.jpg" to "1.jpg.id[1E857D00-2875].[yuzhou13@tutanota.com].chinz", "2.jpg" to "2.jpg.id[1E857D00-2875].[yuzhou13@tutanota.com].chinz", and so on. It also displays a ransom message in a pop-up window and creates another in the "info.txt" text file.

   
Secure Parking Email Virus

What is the "Secure Parking" email?

"Secure Parking" is the name of a spam email campaign. These scam messages are disguised as final warning notifications from Secure Parking, a legitimate international parking service provider. Note that the email is in no way connected to the genuine Secure Parking car park operator.

The messages claim that recipients have received a fine for parking violations, which must be addressed immediately. Rather than containing information relating to the incident and issued fine, the attached file starts the infection process/chain of Taurus Stealer malware.

When opened (and after the instructions provided within the document are carried out), the file begins downloading/installing this malicious program.

   
Perfect Startpage Browser Hijacker

What is Perfect Startpage?

Perfect Startpage browser hijacker promotes perfectstartpage.com, a fake search engine, by modifying specific browser settings. These apps also collect information relating to users' browsing habits. People often download and install browser hijackers inadvertently and, therefore, they are categorized as potentially unwanted applications (PUAs).

   
DataSearchLauncher Adware (Mac)

What is DataSearchLauncher?

DataSearchLauncher is a potentially unwanted application (PUA), which has characteristics of adware-type apps and browser hijackers. I.e., it serves advertisements and changes certain browser settings (to promote addresses of fake search engines). These apps are cateogorized as PUAs, since users often download and install them inadvertently.

Research shows that people install DataSearchLauncher through a deceptive Adobe Flash Player installer. Note that PUAs often gather certain data.

   
Searches.network Redirect (Mac)

What is searches.network?

searches.network is a fake search engine which displays results generated by webcrawler.com, another bogus search engine. Research shows that searches.network is promoted through a potentially unwanted application (PUA), a browser hijacker that users often install through a deceptive Adobe Flash Player installer.

Typically, browser hijackers promote fake search engines by modifying certain browser settings. Note that they are categorized as PUAs, since users often download and install them unintentionally.

   
VirtualDeskSearch Adware (Mac)

What is VirtualDeskSearch?

VirtualDeskSearch is an adware-type application with browser hijacker traits. Following successful installation, this app runs intrusive advertisement campaigns and modifies browser settings to promote bogus search engines. Most adware infections and browser hijackers gather browsing-related data, and it is highly likely that VirtualDeskSearch does so as well.

Since most users download/install VirtualDeskSearch inadvertently, it is classified as a Potentially Unwanted Application (PUA). One dubious technique used to distribute this application is through fake Adobe Flash Player updates. Note that bogus software updaters/installers also proliferate malware (e.g. trojans, ransomware, etc.).

   
Gooogle.page Redirect

What is gooogle.page?

gooogle.page is the address of a fake search engine, which is promoted through a browser hijacker called Palo APP. In most cases, these apps promote fake search engines by changing browser settings, however, research shows that this particular app does not necessarily change them to promote gooogle.page.

Note that, in most cases, users download and install browser hijackers inadvertently and, therefore, they are categorized as potentially unwanted applications (PUAs). Furthermore, these apps often record data.

   
Mist Stealer

What is the Mist Stealer?

Mist is a malicious program classified as a stealer. This malware exfiltrates (i.e., steals) various sensitive information. The Mist stealer primarily targets cryptocurrency wallets, saved log-in credentials (usernames and passwords), certain browsing information and data stored in specific locations on the infected system.

This piece of malicious software is dangerous and can lead to serious issues.

   

Page 1103 of 2106

<< Start < Prev 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal