Virus and Spyware Removal Guides, uninstall instructions

Amber Ransomware

What is Amber?

Discovered by Jakub Kroustek, Amber is a malicious program, a new variant of Dharma, and classified as ransomware. Like most computer infections of this type, it encrypts data and blocks access to files, which allows developers to blackmail victims and demand ransom payments.

Amber is designed to rename encrypted files by adding an additional ".amber" extension plus a unique victim ID and the developer's email address. For example, "1.jpg" becomes "1.jpg.id-1E857D00.[korvin0amber@cock.li].amber". It also creates a "RECOVERY FILES.txt" text file and displays a pop-up window.

   
Frend Ransomware

What is Frend?

Discovered by Jakub Kroustek, Frend is a new variant of high-risk ransomware called Dharma. Once infiltrated, Frend encrypts most stored files and appends filenames with the ".frend" extension plus the victim's ID and developer's email address.

For instance, "sample.jpg" is renamed to "sample.jpg.id-1E857D00.[undogdianact1986@aol.com].frend". Once data is encrypted, Frend places the "FILES ENCRYPTED.txt" text file on the victim's desktop and opens a pop-up window.

   
Newpush.support POP-UP Redirect

What is newpush.support?

newpush.support is one of many rogue websites, the number of which is growing daily. Examples of other virtually identical sites include bodelen.com, mobnootiffy.com, and lameterthenhep.info. The main goal of this website is to display dubious content or force visitors to open other dubious websites.

Typically, people end up visiting newpush.support due to potentially unwanted applications (PUAs) installed on their browsers or operating systems. PUAs are often installed inadvertently, force users to visit untrustworthy websites and feed them with intrusive ads, and collect data.

   
Search.fegline.com Redirect (Mac)

What is Search.fegline.com?

search.fegline.com is a fake, dubious search engine and similar to many others of this kind including search.blueslaluz.com, search.getmybestyear.com, and search.byomlapp.com. Although the site it is promoted as legitimate and useful, its main purpose is to gather browsing-related information.

Furthermore, developers promote this search engine using rogue downloaders/installers that modify browser settings.

   
Search.blueslaluz.com Redirect (Mac)

What is search.blueslaluz.com?

search.blueslaluz.com is a fake search engine virtually identical to many others of this type including search.getmybestyear.com, search.byomlapp.com, and search.kimosachi.com.

This site is presented as a legitimate search engine capable of providing an enhanced browsing experience (faster searches, more accurate search results, and so on), however, like most search engines, it is promoted using rogue downloaders/installers designed to modify affected browser settings. Furthermore, when used, search.blueslaluz.com records browsing-related data.

   
Colorian Adware (Mac)

What is Colorian?

Colorian is an adware-type potentially unwanted application (PUA) that promotes a fake search engine (search.thecolorian.com).

Despite this, developers promote Colorian as an app that provides daily 'colouring pages'. Generally, applications such as Colorian are promoted and distributed using a deceptive marketing method called "bundling". Therefore, most people install this app inadvertently.

   
Scotiabank Email Virus

What is "Scotiabank Email Virus"?

"Scotiabank Email Virus" is a scam that is proliferated using spam campaigns. The main goal of scammers behind this scam is to infect computers with a high-risk computer infection - the TrickBot trojan virus. To achieve this, they attempt to trick "Scotiabank Email Virus" email recipients to open the included attachment.

Generally, opening malicious attachments (or web links) presented in emails of this type results in download and installation of various malicious programs. We advise you to ignore this and other similar emails. Never trust these bogus email messages.

   
_Write_To_Emails_ Ransomware

What is _Write_To_Emails_?

_Write_To_Emails_ is another ransomware-type computer infection that is designed to block access to data stored on computers. This ransomware encrypts all files, thus allowing developers to blackmail victims by making ransom demands (encouraging them to purchase decryption tools).

This is a new variant of Matrix ransomware and was discovered by MalwareHunterTeam. _Write_To_Emails_ changes all encrypted filenames by adding a string that contains the ransomware name and a number of email addresses. For example, "1.jpg" becomes "1_Write_To_Emails_[Jingju87@naver.com][Loder903@gmail.com].jpg", and so on.

It also creates over 50 .rtf files (MS Office documents) - these are ransom message that contain identical text and are called "Read_Me_T0_Rest0re_Files1.rtf", "Read_Me_T0_Rest0re_Files2.rtf", and so on. The only difference between these names is the number of the the ransom message. Furthermore, _Write_To_Emails_ also changes the desktop wallpaper.

   
Cryptotes Ransomware

What is Cryptotes?

Discovered by Michael Gillespie, Cryptotes is a malicious, ransomware-type program and a new variant of RotorRansomware. Cyber criminals use computer infections of this type to encrypt data stored on victims' computers and to extract money from affected people by making ransom demands.

Cryptotes is designed to add a new extension (".cryptotes") to each encrypted file, which also includes an email address. For example, "1.jpg" becomes "1.jpg.!ymayka-email@yahoo.com.cryptotes". It also creates a "readme.txt" file.

   
Search.beautiful-calendar.com Redirect (Mac)

What is search.beautiful-calendar.com?

Not all search engines are as legitimate and useful as developers state in their promotions. Many are fake and with dubious purposes. Note that search.beautiful-calendar.com is a fake search engine promoted using rogue downloaders and installers. Most downloaders/installers modify browser settings.

You are advised not to use search.beautiful-calendar.com, since it records data. Other examples of these rogue search engines include search.getmybestyear.com, search.byomlapp.com, and search.kimosachi.com.

   

Page 1457 of 2106

<< Start < Prev 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal