Virus and Spyware Removal Guides, uninstall instructions

Pro Flip Adware

What is Pro Flip?

Identical to eAdvisor and Enhance Pro, Pro Flip is a rogue application that falsely claims to save time and money by providing various coupons for e-shops. Many users believe that Pro Flip is legitimate and useful, however, it is categorized as a potentially unwanted program (PUP) and adware.

This app infiltrates systems without users' permission, delivers intrusive online advertisements, and continually gathers various information relating to web browsing activity.

X3M Ransomware

What is X3M?

X3M is a ransomware-type virus discovered by Jakub Kroustek. This malware is very similar to CryptON CryptoLocker ransomware. After successfully infiltrating the system, X3M encrypts files and appends filenames with the ".id-[victim’s ID]_[]_[].x3m" extension.

For instance, "sample.jpg" is renamed to "[victim’s ID]_[]_[].x3m". Following successful encryption, X3M changes the desktop wallpaper and creates an HTML file ("### HOW TO DECRYPT FILES ###.html"), placing it on the desktop.

Zorro Ransomware

What is Zorro?

Zorro is a ransomware-type virus discovered by malware researcher, Lawrence Abrams. Once infiltrated, this malware encrypts files and appends the ".zorro" extension to the name of each compromised file. For example, "sample.jpg" is renamed to "sample.jpg.zorro".

Zorro then creates a text file ["Take_Seriously (Your saving grace).txt"], placing it on the desktop wallpaper.

AngleWare Ransomware

What is AngleWare?

Identical to MafiaWare, AngleWare is a ransomware-type virus developed using an open-source ransomware project called Hidden Tear.

Once infiltrated, this malware encrypts files using AES-256 cryptography and  appends the ".AngleWare" extension to the name of each encrypted file (e.g., "sample.jpg" might be renamed to "sample.jpg.AngleWare"). In addition, AngleWare creates a text file ("READ_ME.txt") containing a ransom-demand message and places it on the desktop. Redirect (Mac)

What is (also known as is a fake Internet search engine that generates the most relevant search results, and also provides users with the latest news trending on the Internet.

Judging on appearance alone, this website may seem legitimate, however, continually records various data relating to Internet browsing activity. Furthermore, developers promote this site using rogue application installers that modify Internet browser settings without users' permission. Redirect

What is

According to developers, the Test My SPEEDS app allows users to test Internet performance. Judging on appearance alone, Test My SPEEDS may appear legitimate and useful, however, it is categorized as a potentially unwanted program (PUP) and a browser hijacker.

There are three main reasons for these negative associations: 1) installation without consent; 2) stealth modification of web browser settings, and; 3) tracking of users' Internet browsing activity.

NowUSeeIt Player Adware

What is NowUSeeIt Player?

NowUSeeIt Player is a deceptive app claiming to provide a feature allowing users to play online videos without using Internet browsers - "The NowUSeeIt Player is based on one simple but brilliant idea: an enjoyable online video viewing experience – without the browser! The NowUSeeIt Player offers seamless online video viewing directly on your desktop while working, browsing the Web or gaming."

On initial inspection, this application may seem legitimate and useful, however, NowUSeeIt Player is classed as adware and a potentially unwanted program (PUP). After NowUSeeIt Player successfully infiltrates the system without users' permission, it displays intrusive online advertisements and tracks Internet browsing activity.

Crypt0L0cker Ransomware [Updated]

What is Crypt0L0cker?

Crypt0L0cker (or TorrentLocker) is a ransomware infection that infiltrates computers using infected email message attachments (message topics often include: “package tracking”, ”speeding tickets”, “unpaid invoice”, etc.) Note that cyber criminals localise these spam email messages to make them appear legitimate.

For example, computer users located in the United Kingdom receive fake email messages claiming to be package tracking messages from Royal Mail, PC users from Australia receive messages from Australia Post, etc. After successful infiltration, this malware encrypts files on victims' computers and demands ransom payments of 2.2 Bitcoin to decrypt them.

Crypt0l0cker ransomware (some newer variants use the name CryptoLocker) encrypts all files found on victims' computers except the following: .html, .inf, .manifest, .chm, .ini, .tmp, .log, .url, .lnk, .cmd, .bat, .scr, .msi, .sys, .dll, .exe,  .avi, .wav, .mp3, .gif, .ico, .png, .bmp, and .txt (files needed for normal Windows operation).

Vortex Ransomware

What is Vortex?

Vortex is a ransomware-type virus developed using AESxWin - an open-source file encryption project. This malware is virtually identical to the Polski and Flotera viruses. Following successful infiltration, Vortex encrypts various files using AES-256 cryptography and appends the ".aes" (or ".ZABLOKOWANE") extension to the name of each encrypted file.

For example, a file such as "sample.jpg" might be renamed to "sample.jpg.aes". Once the files are encrypted, Vortex creates a text file (ODZSZYFRUJ-DANE.txt" (or "#$# JAK-ODZYSKAC-PLIIKI.txt"), placing it on the desktop. Redirect (Mac)

What is

Identical to, is a fake Internet search engine that falsely claims to enhance the web browsing experience by generating improved results.

These claims often trick users into believing that is legitimate and useful, however, developers promote this site by employing rogue download/installation set-ups that hijack web browsers and stealthily modify various options. Furthermore, continually records various information relating to users' Internet browsing activity.


Page 1636 of 2012

<< Start < Prev 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal