Virus and Spyware Removal Guides, uninstall instructions

What is Kraken 2.0?

Kraken 2.0 is a ransomware-type virus recently discovered by malware security researcher, Leo. Following infiltration, Kraken 2.0 encrypts most stored data, however, unlike many other ransomware viruses, it does not change filenames or append any extensions. Despite this, the encrypted data is unusable. Following successful encryption, Kraken 2.0 opens a pop-up window.

What is search.olivernetko.com?

By falsely claiming to be an Internet search engine, search.olivernetko.com aims to give the impression of legitimate software. In fact, this site is promoted as a 'bundle' with various other applications. In addition, search.olivernetko.com continually gathers information relating to users' web browsing activity.

What is "nRansom"?

nRansom is a ransomware-type virus that stealthily infiltrates computers and blocks access to the system. Today, this behavior is quite uncommon to ransomware-type viruses - most encrypt files.

Furthermore, there are two variants of nRansom virus: the first discovered by MalwareHunterTeam; and, the second, by Karsten Hahn. After blocking access to the system, nRansom displays a lock screen with a ransom-demand message.

What is Robin Hood And Family?

Robin Hood And Family is a ransomware-type virus discovered by malware security researcher, Rommel Joven. Robin Hood And Family is not conventional ransomware, since it does not encrypt data - it deletes it and, therefore, is termed "wiper ransomware".

After successfully deleting data, Robin Hood And Family creates a text file ("YOU ARE HACKED - READ ME.txt"), placing it on the desktop. The file contains a ransom-demand message.

What is search.searchmmap.com?

Maps Driving Directions is a deceptive application that supposedly enables GPS-related functionality. Judging on appearance alone, Maps Driving Directions may seem legitimate and useful, however, this application is categorized as a potentially unwanted program (PUP) and a browser hijacker.

There are three main reasons for these negative associations: 1) installation without users' consent; 2) promotion of a fake web search engine [search.searchmmap.com], and; 3) tracking of the web browsing activity.

What is NMCRYPT?

NMCRYPT is a high-risk ransomware-type virus similar to NM4. Once infiltrated, NMCRYPT encrypts most stored data using AES-256 and RSA-2048 encryption algorithms.

In addition, this malware appends filenames with the ".NMCRYPT" extension. For example, "sample.jpg" is renamed to "sample.jpg.NMCRYPT". Encrypted files become unusable. Once the encryption process is over, NMCRYPT generates an HTML file ("Recover your files.html") and places a copy in every existing folder.

What is Black Heart?

Black Heart (also known as BlackRouter) is a ransomware-type virus discovered by malware security researcher, Jakub Kroustek. Immediately after infiltration, Black Heart encrypts most stored data and appends filenames with the ".pay2me" extension.

Compromised data immediately becomes unusable. After successfully encrypting data, Black Heart opens a pop-up window and creates a text file ("ReadME-BLackHeart.txt"), placing a copy in each existing file.

What is WANNACRY DETECTED?

Displayed by a dubious website, "WANNACRY DETECTED" is a fake error similar to Application.exe Has Stopped Working, Windows Detected ZEUS Virus, Your Device Is Under Threat, and many other similar sites. 

Research shows that users are redirected to this website by various potentially unwanted programs (PUPs) that typically infiltrate computers without users' consent. In addition to redirects, PUPs deliver various ads, misuse system resources, and gather sensitive data.

What is TrickBot?

TrickBot is trojan-type malware designed to steal users' private data. Research shows that, in most cases, developers proliferate TrickBot using spam emails, however, it might also be distributed using fake Adobe Flash Player updates. This virus was first identified in late 2016 targeting various financial institutions, banks, and credit card providers (for more information click here).

In late 2017, cryptomining became very popular, and for this reason, TrickBot was updated and now also targets cryptowallets. Besides, TrickBot can spread itself further and infect as many computers as possible.

What is MaxiCrypt?

MaxiCrypt is a ransomware-type virus recently discovered by malware security researcher, Michael Gillespie. Once infiltrated, MaxiCrypt encrypts most stored data and renames files using the "[random_letters_and_digits].[maxicrypt@cock.li].maxicrypt" pattern.

For example, any file could be renamed to something like "aMo8Il1AfG5KnMoL51sAVoqP.[maxicrypt@cock.li].maxicrypt". Encrypted files become unusable and indistinguishable. After successfully encrypting files, MaxiCrypt generates a text file ("How to restore your data.TXT") and places a copy in every existing folder.