Virus and Spyware Removal Guides, uninstall instructions

Exe (JigSaw) Ransomware

What is Exe (JigSaw)?

Discovered by Jirehlov, Exe (JigSaw), belongs to the Jigsaw ransomware family. This ransomware encrypts files (a list of targeted formats is provided below) and renames them by appending the ".exe" extension to their filenames. For example, it renames "1.jpg" to "1.jpg.exe", and so on.

Exe (JigSaw) also displays a pop-up window, which contains a ransom message and can be used to pay the ransom.

   
TabSearch Adware (Mac)

What is TabSearch?

TabSearch is a rogue app belonging to the AdLoad adware family. It operates by displaying various intrusive advertisements that diminish the browsing experience and carry certain risks. Additionally, this application shares common traits with browser hijackers, such as alteration of browser settings to promote a fake search engine.

Due to its dubious proliferation methods, TabSearch is also categorized as a Potentially Unwanted Application (PUA). It has been observed proliferating via bogus Flash Player updaters, which commonly spread not just PUAs, but malware as well. Note that most unwanted apps (adware-types and browser hijackers included) have data tracking capabilities.

   
Quick Maps And Directions Chromium Browser

What is Quick Maps and Directions?

Chromium is an open-source project from Google. Many browsers are based on Chromium code, but few are legitimate. This project is often misused to develop browsers that operate as adware (display ads), browser hijackers (promote fake search engines and gather browsing-data), or as potentially unwanted applications (PUAs).

Quick Maps and Directions is one of these rogue browsers and is therefore classified as a PUA. Research shows that Quick Maps and Directions is designed to promote hquickmapsanddirections.com, the address of a fake search engine.

   
Mool Ransomware

What is Mool?

Mool is malicious software which is a part of the Djvu family of ransomware-type programs. It prevents victims from accessing their files by encryption. Mool changes filenames of all encrypted files by appending the ".mool" extension. For example, it renames a file named "sample.jpg" to "sample.jpg.mool", and so on.

It also creates a ransom message in a text file named "_readme.txt". This message contains instructions about how to contact the cyber criminals who designed Mool, plus other details.

   
Email Assistant Chromium Browser

What is Email Assistant?

Based on a legitimate, open-source project called Chromium, Email Assistant is a rogue browser. It can supposedly enhance the browsing experience with such features as improved privacy, security, speed and quick access to user-preferred email services, however, this untrusted piece of software operates as adware (i.e., delivers intrusive advertisements).

It also promotes a fake search engine (hemailaccessonline.com) and monitors users' browsing activity. Due to these dangerous capabilities and its dubious proliferation methods, Email Assistant browser is classed as a Potentially Unwanted Application (PUA).

   
JackSparrow Ransomware

What is JackSparrow?

Discovered by S!Ri, JackSparrow belongs to the Ouroboros ransomware family. The program encrypts files and changes filenames by adding the ".encrypted" string.

For example, a file named "1.jpg" is changed to "1.encrypted.jpg", and so on. JackSparrow also displays a pop-up window which contains instructions about how to contact the developers plus some other details.

   
PublicAdviseSearch Adware (Mac)

What is PublicAdviseSearch?

PublicAdviseSearch is a potentially unwanted application (PUA) that is part of the AdLoad adware family. PublicAdviseSearch serves intrusive advertisements and promotes the address of a fake search engine. It is very likely that it also gathers browsing-related (and other) data.

Note that PublicAdviseSearch is promoted and installed through a fake Adobe Flash Player installer. In most cases, people download and install these apps unintentionally.

   
SearchOptical Adware (Mac)

What is SearchOptical?

Part of the AdLoad adware family, SearchOptical is a rogue application that operates by running intrusive advertisement campaigns (i.e. it delivers various undesirable and even harmful ads). Additionally, it shares traits with browser hijackers including modification of browser settings and promotion of fake search engines.

Most apps within the this classification (adware and browser hijackers) possess data tracking capabilities, which are employed to monitor users' browsing activity. SearchOptical often infiltrates systems via bogus Adobe Flash player updates, which are typically spread through scams such as "Latest version of Adobe Flash Player" and other dubious proliferation methods.

Therefore, it is also classed as a Potentially Unwanted Application (PUA). Note that fake software updaters are often used to proliferate PUAs and malware (e.g. ransomware, trojans, etc.).

   
Xbvpnvee Ransomware

What is Xbvpnvee?

Xbvpnvee is malicious software belonging to the Snatch ransomware family. It is designed to encrypt the data of infected systems and demand payment for decryption tools/software. When this malware encrypts, all affected files are appended with the ".xbvpnvee" extension.

For example, "1.jpg" would appear as "1.jpg.xbvpnvee", and so on for all compromised files. Once this process is complete, a ransom message within the "HOW TO RESTORE YOUR FILES.TXT" file is dropped into each encrypted folder.

   
Dataf0ral1.com POP-UP Scam (Mac)

What is dataf0ral1[.]com?

dataf0ral1[.]com operates in a similar way to mob1ledev1ces[.]com and faters0upload[.]com, however, there are many of other web pages of this type. When visited, the site downloads a .dmg file, a fake Adobe Flash Player installer. Typically, fake Adobe Flash Player installers are designed to install potentially unwanted applications (PUAs).

For example, browser hijackers and adware. In some cases, they install malicious software including Trojans, ransomware, and other high-risk malware. Note that people do not usually visit pages like dataf0ral1[.]com intentionally - they are opened via clicked deceptive advertisements, untrustworthy web pages or PUAs already installed on the browser or operating system.

   

Page 1417 of 2315

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal