Virus and Spyware Removal Guides, uninstall instructions

Cetori Ransomware

What kind of malware is Cetori?

Discovered by Michael Gillespie, Cetori is a high-risk ransomware-type infection that belongs to the Djvu family.

After successful infiltration, Cetori encrypts most stored files and appends filenames with the ".cetori" extension (e.g., "sample.jpg" becomes "sample.jpg.cetori"). Once encryption is complete, Cetori generates a "_readme.txt" file and stores copies in most existing folders.

   
PreApp Browser Hijacker

What is PreApp?

PreApp is a browser hijacker, a potentially unwanted application (PUA), however, developers claims that it helps to browse the web more efficiently.

Typically, browser hijackers change browser settings, thereby promoting fake search engines. In this case, PreApp promotes searchnewworld.com. Before opening this site, however, it directs users through other dubious web addresses such as my-search.com and searchroute-1560352588.us-west-2.elb.amazonaws.com.

   
Rembrandium.com Ads

What is rembrandium[.]com?

The Internet is full of rogue websites and rembrandium[.]com is one of them. It shares many similarities with lesindingretne.info, dredrewlaha.infogetmedia.me and others. Designed to cause redirects to unreliable and possibly malicious content, it also present users with likewise dangerous content.

Most visitors to rembrandium[.]com access it unintentionally. They are redirected from other untrustworthy sites (precisely, via intrusive ads) or have rembrandium[.]com force-opened by PUAs (potentially unwanted applications). It should be noted that these applications do not require express user permission to be installed onto their devices.

   
Live Radio Now Browser Hijacker

What is Live Radio Now?

Live Radio Now supposedly provides quick links to popular online radio stations. Unfortunately, this app is a browser hijacker that changes browser settings to promote a dubious (fake) search engine (search.hliveradionow.com) and collects various user-system data.

Live Radio Now is also known as a potentially unwanted application (PUA), since most people download or install it unintentionally (they are tricked). Additionally, developers distribute Live Radio Now with another PUA called Hide My Searches. I.e., developers attempt to trick users into installing two PUAs at once.

   
Shark PC Protector Unwanted Application

What is Shark PC Protector?

Shark PC Protector software supposedly scans computers for various threats in real-time, provides real-time protection, a firewall, browsing protection, and an 'on request' scan.

This may seem to be a useful tool to protect your computer from potential dangers, however, Shark PC Protector is a potentially unwanted application (PUA) and most people download and install programs of this type unintentionally.

Developers distribute PUAs by adding them to the set-ups of other software - they do this to trick people into downloading and/or installing unwanted programs through set-ups of regular software.

   
Push4free.com Ads

What is push4free[.]com?

Push4free[.]com is a dubious website, akin to dredrewlaha.infonewsfrog.megoodmedia.me and countless others. It operates by redirecting to untrustworthy/dangerous sites and presenting users with highly suspect, potentially malicious content. It should be mentioned that it is rarely accessed intentionally.

Most visitors enter it by way of redirection from other unreliable sites (or more accurately, the intrusive advertisements they host) or by having it force-opened by PUAs (potentially unwanted applications). Said apps rarely require user permission to invade their systems. PUAs are designed to cause undesirable redirects, deliver invasive ad campaigns and track user data.

   
Maps Utility Browser Hijacker

What is Maps Utility?

Identical to Quick Local Weather, Your Email Simplified, Get Free Translations, and many others, Maps Utility is a rogue application that supposedly provides GPS-related functionality.

Its appearance suggests that Maps Utility is a legitimate and useful application, however, it is categorized as a browser hijacker and a potentially unwanted application (PUA), since it often infiltrates computers without permission, promotes a fake search engine, and records data relating to browsing activity.

Maps Utility is distributed together with another browser-hijacking app called Hide My Search.

   
Newsredir.com Ads

What is newsredir[.]com?

Newsredir[.]com is a rogue website, one of many thousands out there. Sharing similarities with clckworld.clubloteron.comciessimple.pro and countless others. It causes unauthorized redirects and forces visitors to consume highly unreliable/malicious content.

It should be known that users rarely access this site intentionally, most get redirected from compromised sites (specifically, through intrusive advertisements found therein) or by having it opened by PUAs (potentially unwanted applications). These undesired apps rarely invade systems consensually.

They operate by redirecting users to dangerous websites, delivering likewise hazardous invasive ad campaigns and gathering information on browsing activity.

   
Viagra Ransomware

What is Viagra?

Like most ransomware-type programs, Viagra is designed to encrypt files (in this case, using AES-256 and RSA-4096 encryption algorithms) and deny access to them unless a ransom is paid. It also creates an HTML file named "README-VIAGRA-E3m7Zwvk.HTML", which contains instructions about how to decrypt files.

Note that the "E3m7Zwvk" string within the filename of the ransom text file might differ. Also, Viagra changes the filename extension of each encrypted file.

For example, "1.jpg" might be renamed to a filename such as ".1.jpg.uwUkwUbvsWJR9sP+TVp9cw==E3m7". The appended extension is a string of random characters. Filenames of files stored on other computers infected with Viagra might be changed with a different random string of characters.

   
Newsmode.me Ads

What is newsmode[.]me?

There are many rogue websites similar to newsmode[.]me. Other examples include naneso[.]com, vakogid[.]com, and ciessimple[.]pro. Typically, these web pages cause unwanted redirects to untrustworthy, potentially malicious sites or display suspicious content.

People do not generally visit sites such as newsmode[.]me intentionally - they are forced to open them by PUAs (potentially unwanted applications) installed on their browsers or operating systems.

Most users download and install PUAs unintentionally. In addition to causing unwanted redirects, PUAs often display unwanted ads and gather information relating to users' browsing habits.

   

Page 1412 of 2177

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal