Virus and Spyware Removal Guides, uninstall instructions

What is blpsearch.com?

The developers present blpsearch.com as a legitimate Internet search engine, however, this site is promoted using deceptive software 'installers', which hijack web browsers (Internet Explorer, Google Chrome, and Mozilla Firefox) and modify settings without users' permission.

In addition, blpsearch.com continually monitors web browsing activity by collecting various user/system information.

What is digitalsmirror[.]com?

Digitalsmirror[.]com is one of many rogue websites that should be avoided. It is very similar to pushzonex.com, browsers.top and pushtouchme.info. Its main purpose is to redirect visitors to dubious websites or display deceptive, malicious content.

Most visitors do not open this website intentionally - they are redirected it by potentially unwanted applications (PUAs) installed on their systems. PUAs cause unwanted redirects, open dubious websites, serve users with advertisements, and collect various user-system information relating to browsing habits.

What is "DataTransportation"?

DataTransportation is a browser app (extension) that usually infiltrates browsers without permission. Therefore, people do not generally download and install this app intentionally. Installations of DataTransportation are caused by other potentially unwanted applications (PUAs) that are categorized as adware.

To cause these unwanted installations, adware-type apps must already be installed on the system. Most users download and install PUAs inadvertently.

What is P3rf0rm4?

First discovered by malware security researcher, fuyun, P3rf0rm4 is yet another ransomware-type virus that belongs to the Paradise malware family. After successful infiltration, P3rf0rm4 encrypts most stored files and appends filenames with the ".p3rf0rm4" extension plus the victim's unique ID and developer's email address.

For instance, "sample.jpg" might be renamed to a filename such as "sample.jpg_J5oayd_{babyfromparadise666@gmail.com}.p3rf0rm4". Once data is encrypted, P3rf0rm4 opens a pop-up window and places a text file called "Instructions with your files.txt" on the desktop.

What is Emotet?

Emotet trojan (also known as Geodo) is high-risk malware designed to record personal data and proliferate other viruses. Research shows that Emotet infiltrates systems without users' consent.

After successful infiltration, this malware modifies system settings and uses the infiltrated computer to proliferate itself further. Cyber criminals usually spread this virus using spam email campaigns.

What kind of malware is Win32/Skeeyah?

Win32/Skeeyah (also known as Trojan:win32/skeeyah.A) is a trojan-type infection that stealthily infiltrates computers and allows cyber criminals to manipulate infected systems. The presence of this infection can cause various problems, including additional computer infections and privacy issues. Trojans such as Win32/Skeeyah infiltrate computers without users' consent.

What is Luces?

Discovered by Michael Gillespie, Luces is yet another variant of high-risk ransomware called Djvu. After successful infiltration, Luces encrypts most stored data and appends filenames with the ".luces" extension. For instance, "sample.jpg" is renamed to "sample.jpg.luces".

As well as encrypting data, Luces creates a text file ("_readme.txt") and places a copy in every existing folder.

What is Metan?

Metan belongs to the GarrantyDecrypt ransomware family and was discovered by Michael Gillespie. It is categorized as ransomware, a program used by cyber criminals to prevent users from accessing their files by encrypting data stored on their computers. These computer infections allow developers (cyber criminals) to blackmail victims by making ransom demands.

Metan renames all encrypted files by adding the ".metan" extension. For example, "1.jpg" becomes "1.jpg.metan". It also creates a ransom message within a text file ("#HOW TO DECRYPT FILES#.txt"), which can be found in folders that contain encrypted files.

What is pushfuns.com?

Similar to pushzonex.com, browsers.top, pushtouchme.info, and many others, pushfuns.com is a rogue website designed to redirect users to other dubious sites and deliver content. Users typically visit pushfuns.com inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements displayed on other dubious websites.

PUAs usually infiltrate computers without permission and, as well as causing redirects, deliver intrusive advertisements and gather information.

What is Rabbit?

Ransomware-type programs generally encrypt data stored on computers, which allows developers (cyber criminals) to blackmail victims by making ransom demands. Rabbit ransomware does not encrypt data but locks the computer screen and displays a ransom demand window. This ransomware-type program was discovered by MalwareHunterTeam.