Virus and Spyware Removal Guides, uninstall instructions

Avaddon Ransomware

What kind of malware is Avaddon?

This ransomware was discovered by GrujaRS. Avaddon encrypts files with the AES encryption algorithm and encrypts an AES key using the RSA algorithm. It also changes the desktop wallpaper and renames all files by appending the ".avdn" extension. For example, it renames a file named "1.jpg" to "1.jpg.avdn", "2.jpg" to "2.jpg.avdn", and so on.

Instructions about how to access the website, which victims must supposed use to pay the ransom, are provided in the "[random_numbers]-readme.html" file. Avaddon drops this file in every folder that contains encrypted files.

   
.rar (Jigsaw) Ransomware

What is .rar (Jigsaw)?

.rar (Jigsaw) malware is a part of the Jigsaw ransomware family. It encrypts files, modifies their filenames and displays a ransom message (pop-up window). It renames all encrypted files by appending the ".rar" extension to filenames. For example, it renames "1.jpg" to "1.jpg.rar", "2.jpg" to "2.jpg.rar", and so on.

Note that .rar is the extension of RAR, a legitimate archive file format and it is just a coincidence that this ransomware uses the same extension. Note also that it is possible to decrypt files encrypted by .rar (Jigsaw) ransomware with a free decryption tool developed by Emsisoft.

   
Kreberisec Adware (Mac)

What is Kreberisec?

Kreberisec has characteristics of browser hijackers and adware: it changes certain browser settings to promote the address of a fake search engine and displays advertisements. It might also be capable of accessing and collecting browsing-related information.

Commonly, users download and install programs such as Kreberisec unintentionally and, therefore, they are categorized as potentially unwanted applications (PUAs). This particular app is distributed through a deceptive Adobe Flash Player installer.

   
ProduceStyle Adware (Mac)

What is ProduceStyle?

ProduceStyle is a rogue application categorized as adware. It runs intrusive ad campaigns (i.e., delivers various dubious and harmful advertisements). Additionally, this app has browser hijacker traits, such as browser settings modification and promotion of fake search engines.

ProduceStyle promotes Safe Finder via akamaihd.net. Since most users download/install this adware unintentionally, it is also classified as a Potentially Unwanted Application (PUA). Most apps of this type record browsing-related information, and it is highly likely that ProduceStyle does so as well.

   
Kkll Ransomware

What is Kkll?

Kkll is a malicious program belonging to the Djvu ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all compromised files are appended with the ".kkll" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.kkll" following encryption. Once this process is complete, a ransom message ("_readme.txt") is created in all affected folders.

   
TiktokSearches Browser Hijacker

What is TiktokSearches?

TiktokSearches is a browser hijacker which assigns certain browser settings to tiktok-searches.com, the address of a fake search engine. It is also very likely to gather browsing-related and/or other information. Users often download and install apps such as TiktokSearches inadvertently and, therefore, they are categorized as potentially unwanted applications (PUAs).

   
Professeur Ransomware

What is the Professeur ransomware?

Professeur is malicious software belonging to the Jigsaw ransomware family. It is designed to encrypt the data of infected systems in order to demand payment for decryption. During the encryption process, all compromised files are appended with the ".Professeur" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.Professeur" following encryption. After this process is complete, a pop-up window is displayed containing the ransom-demand message. Note that Professeur ransomware can be decrypted with free decryption software developed by Emsisoft.

   
Search4Moviex Browser Hijacker

What is Search4Moviex?

Search4Moviex is a browser hijacker, and promoted as a tool for easy access to cinema-related content. It can allegedly provide information concerning actors, directors, movies and so on. After successful installation, Search4Moviex changes certain browser settings to promote blpsearch.com, a fake search engine.

Additionally, it has data tracking abilities, which it employs to monitor users' browsing activity. Due to its dubious proliferation methods, Search4Moviex is also classified as a Potentially Unwanted Application (PUA).

   
Kupidon Ransomware

What is Kupidon?

Discovered by MalwareHunterTeam, Kupidon is malicious software that is classified as ransomware. This malware encrypts data in order to demand ransoms for decryption tools. During the encryption process, all files are appended with the ".kupidon" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.kupidon" following encryption. After this process is complete, a ransom message within the "!KUPIDON_DECRYPT.TXT" file is dropped into every affected folder.

   
PGP Ransomware

What is PGP?

PGP is malicious software, which is part of the Dharma ransomware family. This malware is designed to encrypt data and demand ransoms for decryption tools. During the encryption process, all affected files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals' email address and the ".pgp" extension.

For example, a file like "1.jpg" would appear as something similar to "1.jpg.id-1E857D00.[openpgp@foxmail.com].pgp" after encryption. Once this process is complete, ransom messages are created in a pop-up window and "FILES ENCRYPTED.txt" text file.

   

Page 1118 of 2106

<< Start < Prev 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal