Virus and Spyware Removal Guides, uninstall instructions

Aqva Ransomware

What is Aqva?

First discovered by malware security researcher, Jakub Kroustek, Aqva is a new variant of high-risk ransomware called Dharma. After successful system infiltration, Aqva encrypts most existing files and appends filenames with the ".aqva" extension together with the victim's unique ID and developer's email address.

For instance, "sample.jpg" is renamed to "sample.jpg.id-1E857D00.[crypted_files@qq.com].aqva". Once data is encrypted, Aqva opens a pop-up window and generates a text file ("FILES ENCRYPTED.txt"), placing it on the victim's desktop.

   
O2 Bill Email Virus

What is "O2 bill Email Virus"?

Cyber criminals proliferate the "O2 bill Email Virus" scam by sending emails to many people. This method is known as a spam campaign.

The main objective of this scam is to infect computers with the Emotet, high-risk malicious program, which can cause privacy issues and infect computers with additional programs of this type. Do not trust these emails or open attachments presented within them.

   
Cekisan Ransomware

What is Cekisan?

Cekisan is a ransomware-type virus discovered by Michael Gillespie. It is a new variant of another ransomware infection called Snatch. Once infiltrated, Cekisan encrypts most stored data and appends filenames with the ".cekisan" extension. For example, "sample.jpg" becomes "sample.jpg.cekisan".

Once data is encrypted, Cekisan generates a text file ("Readme_Restore_Files.txt") and places it in every existing folder. This file contains a ransom message.

   
Snatch Ransomware

What is Snatch?

Discovered by Michael Gillespie, Snatch is high-risk computer infection categorized as ransomware. Programs of this type are developed by cyber criminals. They use ransomware to encrypt data stored on computers and blackmail victims by demanding ransom payments.

Snatch creates a ransom message within a text file called "Readme_Restore_Files.txt" and renames encrypted files by adding the ".snatch" extension (updated variants append ".jimm", ".googl", ".dglnl", ".ohwqg", ".wvtr0", and ".hceem" extensions). For example, "1.jpg" becomes "1.jpg.snatch".

   
Search.hpdfconverterhub.com Redirect

What is search.hpdfconverterhub.com?

search.hpdfconverterhub.com is a fake search engine that claims to improve the browsing experience by providing quick access to popular websites and generating improved results.

Judging on appearance alone, search.hpdfconverterhub.com may seem legitimate and useful, however, developers proliferate this app using a browser-hijacking app called PDF Converter Hub, which supposedly helps users to view and convert PDF files.

In addition, search.hpdfconverterhub.com and PDF Converter Hub are designed to gather information relating to browsing activity.

   
Enewssubspush.info POP-UP Redirect

What is enewssubspush.info?

Identical to deparationew.info, stalluva.pro, uniquecaptcha.com, concreasun.info, and many others, enewssubspush.info is a rogue site designed to display dubious content and cause redirects. Visitors typically arrive at this site inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive ads displayed on other rogue sites.

PUAs are likely to infiltrate systems without users’ permission. In addition to causing redirects, these apps also generate intrusive advertisements and record user-system information.

   
Efishedo.info POP-UP Redirect

What is efishedo.info?

Developers of the efishedo.info rogue website have designed it to redirect visitors to other dubious sites or to display malicious content. The site is very similar to other websites of this type including, for example, deparationew.info, concreasun.info, and verifycaptcha.com. Note that there are many more virtually identical web pages.

Most people end up visiting efishedo.info unintentionally - they are redirected to it by potentially unwanted apps (PUAs) that they install inadvertently. These apps force people to visit untrustworthy websites, feed them with intrusive ads, and collect various data.

   
Durington.info POP-UP Redirect

What is durington.info?

durington.info is an untrustworthy, rogue website that has similar behavior to many others of this type such as deparationew.info, concreasun.info, and verifycaptcha.com. The site displays dubious content or redirects users to other dubious websites. Note, however, that most people are forced to visit durington.info by potentially unwanted apps (PUAs) that they install unintentionally.

Therefore, most people do not visit this site willingly. Furthermore, PUAs feed users with intrusive advertisements and collect browsing-related information.

   
Beta Bot Trojan

What is Beta Bot?

Beta Bot (also known as BetaBot or Neurevt) is high-risk infection that significantly diminishes system resistance to various other infections.

Developers often proliferate Beta Bot using spam email campaigns, instant messaging programs, and infected USB drives. Following infiltration, Beta Bot disables any installed anti-virus/anti-spyware suites and prevents users from accessing cyber security websites. In addition, Beta Bot gathers private information.

   
SEED LOCKER Ransomware

What is SEED LOCKER?

This ransomware was discovered by Emmanuel_ADC-Soft. SEED LOCKER is a malicious program that belongs to the Everbe ransomware family. Like most ransomware-type programs, it is used to encrypt data (make it unusable) and make ransom demands.

After encryption, files affected by this ransomware have a new, additional extension (".seed"). For example, a file named "1.jpg" is renamed by SEED LOCKER to "1.jpg.seed". The program also generates a ransom message within the "!#_How_to_decrypt_files_#!" text file.

   

Page 1659 of 2317

<< Start < Prev 1651 1652 1653 1654 1655 1656 1657 1658 1659 1660 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal