Virus and Spyware Removal Guides, uninstall instructions Redirect

What is

Developers present as an Internet search engine that significantly enhances the browsing experience by generating improved search results, displaying local weather forecasts, allowing users to create 'a to-do list', and providing a a number of other 'features'.

Judging on appearance alone, may appear legitimate and useful, however, this website records various user-system information relating to Internet browsing activity. Furthermore, developers promote it by employing deceptive download/installation set-ups that modify web browser settings without permission.

FastoPlayer Ads

What is FastoPlayer?

FastoPlayer is supposedly a media player that provides a wide range of media-related features (for example, video download, format conversion, file sharing, etc.) - "Fasto player - The fastest player you will ever use! Our FAST media player with Automatic sub-title download and private browsing.

Plays, downloads and bookmarks all popular video formats. Build your video library!" These false claims often trick users to install, however, be aware that FastPlayer generates intrusive online advertisements and tracks Internet browsing activity. This app is categorized as a potentially unwanted program (PUP) and adware.

Kirk Ransomware

What is Kirk?

Kirk is a ransomware-type virus that claims to be a network stress tool called "Low Orbital Ion Cannon". This ransomware was first discovered by malware researcher Jakub Kroustek. Following successful infiltration, Kirk encrypts files and appends filenames with the ".kirked" extension (for example, "sample.jpg" is renamed to "sample.jpg.kirked").

A pop-up window is then displayed and a text file ("RANSOM_NOTE.txt") created and placed on the desktop. Both contain identical ransom-demand messages. This virus also creates a file called "pwd", and places it in each folder containing encrypted data. This file contains the victim's password, which is also encrypted. Redirect

What is is a fake Internet search engine that falsely claims to enhance the Internet browsing experience by generating improved search results. Judging on appearance alone, barely differs from Google, Bing, Yahoo, and other legitimate search engines.

Therefore, many users believe that is also legitimate and useful. In fact, it is promoted via rogue download/installation set-ups that modify web browser settings without permission. Furthermore, continually gathers various data relating to users' Internet browsing activity.

All_Your_Documents.rar Ransomware

What is All_Your_Documents.rar?

All_Your_Documents.rar (also known as ROSHALOCK 2.00) is ransomware-type virus discovered by security researcher Michael Gillespie.

As with other ransomware-type viruses, All_Your_Documents.rar infiltrates systems without users' consent, however, it does not encrypt files - it compresses all files to a single password-protected archive (called "All_Your_Documents.rar"). All_Your_Documents.rar then creates a text file ("All Your Files in Archive!.txt") and places it on the desktop. Browser Hijacker

What is

The browser redirect issue is caused by a browser toolbar developed by ReSoft Ltd. This browser add-on is compatible with Internet Explorer, Google Chrome, and Mozilla Firefox. The SnapDo toolbar promises to enhance Internet users' browsing experience by displaying quick links to social networks, Wikipedia, radio stations, etc.

While this added functionality may seem useful, many computer users report that the toolbar was installed on their Internet browsers without their consent and they experience unwanted redirects to Redirects to this website are not related to malware or viruses, however, computer users who experience this problem, are likely to have been tricked into installing the SnapDo toolbar when downloading or installing free software. Redirect (Mac)

What is

Identical to,,, and many others, is a fake Internet search engine that falsely claims to generate improved search results. 

Judging on appearance alone, may seem legitimate and useful, however, this website is promoted via deceptive download/installation set-ups that hijack Internet browsers and stealthily modify various options. Furthermore, continually gathers various user-system information.

Turkish FileEncryptor Ransomware

What is Turkish FileEncryptor?

Turkish FileEncryptor is a ransomware-type virus that stealthily infiltrates systems and encrypts various data. During encryption, Turkish FileEncryptor appends the ".encryption" extension to the name of each encrypted file (for example, "sample.jpg" is renamed to "sample.jpg.encrypted").

Furthermore, this virus creates an XML file for each encrypted file. These files are named using the "[encrypted_file_name].manifest.xml" pattern (for example, "sample.manifest.xml"). Turkish FileEncryptor then creates a text file ("Beni Oku.txt") and opens a pop-up window (very similar to CTB-Locker pop-up), both containing ransom-demand notes.

Free WiFi Hotspot Adware

What is Free WiFi Hotspot?

Free WiFi Hotspot is a deceptive application that falsely claims to allow users to share their Internet connections via WiFi. On initial inspection, this functionality may appear legitimate and useful, however, Free WiFi Hotspot often infiltrates systems without users' permission (the "bundling" method).

Furthermore, it delivers intrusive online advertisements and collects various user-system information relating to Internet browsing activity. For these reasons, Free WiFi Hotspot is categorized as adware and a potentially unwanted program (PUP).

Revenge Ransomware

What is Revenge?

Revenge is a new variant of a ransomware-type virus called CryptoMix. It is also very similar to CryptoShield (another variant of CryptoMix ransomware). Criminals proliferate Revenge via a RIG Exploit Kit. They hack various websites and inject Javascript code that searches for visitors' computer vulnerabilities and attempts to install this ransomware.

Following infiltration, Revenge terminates a number of processes (to get access to various data) and starts encrypting files using AES-256 cryptography. In addition, this virus renames encrypted files using the "[32_random_characters].REVENGE" pattern. For instance, "sample.jpg" might be renamed to "G89AL1H0PJM34GNHEQBYF2DAZM820K4L.REVENGE" or similar.

Furthermore, Revenge runs several commands to delete Shadow Volume Copies and disable Windows Startup Recovery. It then creates a text file ("# !!!HELP_FILE!!! #.txt"), placing it in each folder containing encrypted files.


Page 1639 of 2012

<< Start < Prev 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal