Virus and Spyware Removal Guides, uninstall instructions

Forms Wizard Browser Hijacker

What is Forms Wizard?

Forms Wizard supposedly provides quick access to various online forms, however, it is a potentially unwanted application (PUA) categorized as a browser hijacker. Typically, browser hijackers promote the addresses of fake search engines and gather information relating to users' browsing habits.

Forms Wizard promotes search.formswizardtab.com by changing certain browser settings. People often download and install browser hijackers (and other PUAs) unintentionally.

   
Goweb App Browser Hijacker

What is Goweb App?

Goweb App is a browser hijacker. Typically, software with this classification is endorsed in dubious ways, and often under the guise of "useful" tools. Browser hijackers promote fake search engines (in the case of Goweb App, searchnewworld.com).

Furthermore, most browser hijackers possess data tracking capabilities, which are employed to record browsing-related information. Most users install Goweb App inadvertently, and thus it is also categorized as a Potentially Unwanted Application (PUA).

   
mSearches Startpage Browser Hijacker

What is mSearches Startpage?

mSearches Startpage is a potentially unwanted application (PUA), a browser hijacker which promotes msearches.com, the address of a fake search engine.

Generally, browser hijackers change certain browser settings to the promoted URL. Furthermore, most apps of this type collect details relating to browsing activity. People tend to download and install browser hijackers inadvertently, and are thus classified as PUAs.

   
Vpnprotectplus.com POP-UP Scam (Mac)

What is vpnprotectplus[.]com?

vpnprotectplus[.]com is a deceptive website that attempts to trick visitors into installing a potentially unwanted application (PUA). It notifies people that it has detected viruses on their device and encourages them to remove the threats with some dubious software.

We strongly advise against trusting websites such as vpnprotectplus[.]com or downloading/installing software advertised through them. Typically, these websites are opened via deceptive advertisements, dubious websites or PUAs installed on browsers and/or operating systems.

   
Reliableultimatesafevideoplayers.info POP-UP Scam (Mac)

What is reliableultimatesafevideoplayers[.]info?

reliableultimatesafevideoplayers[.]info is a deceptive website, which claims that Adobe Flash Player is outdated. It has several purposes: promotion of a fake Flash Player updater and other similar scam web pages.

Rogue updaters are commonly used to proliferate untrustworthy (e.g. potentially unwanted applications [PUAs]) and other malicious software/files (e.g. ransomware, trojans and other malware). Note that reliableultimatesafevideoplayers[.]info has been observed redirecting to agentvitamin[.]pw, bananapatent[.]pw and other deceptive web pages.

Few visitors access this site intentionally - most people are redirected by intrusive ads or Potentially Unwanted Applications (PUAs).

   
Biggerupdateforvideos.best POP-UP Scam (Mac)

What is biggerupdateforvideos[.]best?

biggerupdateforvideos[.]best is a deceptive website used to trick visitors into installing unwanted software through a fake Adobe Flash Player installer. Research shows that biggerupdateforvideos[.]best downloads a file that installs two potentially unwanted applications (PUAs): Advanced Mac Tuneup and SearchItNow.

It also promotes the address of a fake search engine (searchbaron.com). We strongly recommend against trusting biggerupdateforvideos[.]best or opening any files that can be downloaded from this site.

   
.harma (Ouroboros) Ransomware

What is .harma (Ouroboros)?

Discovered by malware researcher S!Ri, .harma (Ouroboros) is a ransomware-type malicious program belonging to the Ouroboros malware family. Systems infected with this software have data encrypted and victims receive ransom demands for decryption tools/software.

During the encryption process, all affected files are renamed with the ".harma" extension, which has been used by other ransomware from the Dharma family.

To elaborate on how files appear following encryption, a filename like "1.jpg" would appear as "1.jpg.harma". After this process is complete, two files ("INFO.exe" and "ReadMe.txt") containing the ransom messages are stored on the desktop.

   
My Package Homepage Browser Hijacker

What is My Package Homepage?

The My Package Homepage app supposedly provides a package tracking service, however, this rogue software is categorized as a browser hijacker, a potentially unwanted application (PUA) that promotes a fake search engine (search.hmypackagehomepage.com) and gathers browsing data.

Like most browser hijackers, My Package Homepage promotes its associated URL (in this case, search.hmypackagehomepage.com) by changing browser settings. Note that people often download and install apps of this type inadvertently.

   
Search.doc2pdfsearch.com Redirect (Mac)

What is search.doc2pdfsearch.com?

Practically identical to doctopdfsupreme.com, search.pricklybears.com, and many others, search.doc2pdfsearch.com is a fake search engine and promoted by the DOC2PDF Convert browser hijacker. These rogue applications modify browsers and restrict/deny access to settings.

Additionally, most browser hijackers have data tracking abilities, which are employed to record browsing-related information. Due to the dubious methods used to distribute DOC2PDF Convert, it is also classified as a Potentially Unwanted Application (PUA).

   
Doctopdfsupreme.com Redirect (Mac)

What is doctopdfsupreme.com ?

doctopdfsupreme.com is a fake search engine which is promoted through a potentially unwanted application (PUA), a browser hijacker called docpdfsupreme (or docpdfsupreme - Search the web and convert PDF).

Typically, browser hijackers promote fake search engines by changing certain browser settings, however, most also gather details relating to users' browsing activities. Apps of this type are classified as PUAs, since people usually download and install them inadvertently.

   

Page 1414 of 2289

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal