Virus and Spyware Removal Guides, uninstall instructions

What is search60.com?

Developers present search60.com as a high-end Internet search engine that generates improved results and, therefore, enhances the browsing experience.

On initial inspection, search60.com may seem legitimate and useful, since its appearance barely differs from Google, Bing, Yahoo, and other legitimate search engines. In fact, this site gathers sensitive data. Furthermore, developers promote it using deceptive download/installation set-ups that modify Internet browser options without permission.

What is search.manroling.com?

Identical to search.cuttinsledge.com, search.yofitofix.com, search.romandos.com, and many others, search.manroling.com is a fake Internet search engine claiming to enhance the browsing experience by generating improved results. Judging on appearance alone, search.manroling.com barely differs from Google, Bing, Yahoo, and other legitimate search engines.

Therefore, many users believe that search.manroling.com is also legitimate and useful. In fact, developers promote this website via rogue download/installation set-ups that hijack web browsers and stealthily modify various settings. In addition, search.manroling.com records sensitive data (mostly relating to users' Internet browsing activity).

What is "Threats Detected"?

"Threats Detected" is a fake pop-up error displayed by various malicious websites. Research shows that users are often redirected to these websites by various potentially unwanted programs (PUPs). These rogue programs usually infiltrate systems without permission.

As well as causing redirects, potentially unwanted programs run spurious processes, deliver 'malvertising' ads (coupons, banners, pop-ups, etc.), and gather various information.

What is ABC?

A recently-discovered ransomware-type virus called ABC is designed to stealthily infiltrate the system and encrypt most stored data. Henceforth, the affected files became unusable. During encryption, ABC also appends filenames with an extension comprising eight random digits and letters.

For instance, "sample.jpg" might be renamed to a filename such as "sample.jpg.f49idjty". Immediately after encryption, ABC generates an HTML file ("READ_IT.html"), placing it in every existing folder.

What is search.microcosmtab.com?

search.microcosmtab.com is a fake Internet search engine that supposedly enhances the web browsing experience by generating improved results and providing quick access to popular websites. Initially, this site may appear legitimate and useful, however, search.microcosmtab.com is promoted via a deceptive application called Microcosm.

This app claims to allow users to change new tab backgrounds and display local weather forecasts. It may seem legitimate, however, Microcosm usually infiltrates systems without permission.

Furthermore, it is designed modify web browser options without permission and record various user-system information. For these reasons, Microcosm is categorized as a potentially unwanted program (PUP) and a browser hijacker.

What is XZZX?

XZZX is a new variant of high-risk ransomware called CryptoMix. This malware was first discovered by computer security researcher, Lawrence Abrams. Immediately after infiltration, XZZX encrypts stored data using AES and RSA encryption algorithms.

During encryption, XZZX renames files using the "[32_random_digits_and_letters].XZZX" pattern.

For instance, "sample.jpg" is renamed to a filename such as "2333F86C00C22D4CC955649603FBD1BC.XZZX". From this point, it becomes impossible to use and distinguish files. After successfully encrypting data, XZZX places a "_HELP_INSTRUCTION.TXT" file in each existing folder.

What is "The Mercury Text Font Was Not Found"?

"The Mercury Text Font Was Not Found" is a fake error message claiming that a certain font is missing. Note that, unlike other fake errors, "The Mercury Text Font Was Not Found" is not displayed by malicious websites.

Developers hijack poorly-protected sites (mostly, WordPress content management systems) and inject them with malicious JavaScript code designed to corrupt website text. Therefore, the affected site appears broken - users are asked to download a font pack to fix this issue and view the site correctly. In fact, these downloads lead to high-risk computer infections.

What is jCandy?

Discovered by malware security researcher, JAMESWT, jCandy is a ransomware-type virus designed to stealthily infiltrate the system and encrypt most stored data. During encryption, jCandy appends filenames with the ".Locked-jCandy" extension (e.g., "sample.jpg" is renamed to "sample.jpg.Locked-jCandy").

From this point, files become unusable. Immediately after encryption, jCandy opens a pop-up windows and places a text file ("JCANDY_INSTRUCTIONS.txt") on the desktop.

What is search.cuttinsledge.com?

search.cuttinsledge.com is a fake Internet search engine identical to search.ishimotto.com, search.romandos.com, search.yofitofix.com, and many others. According to the developers, search.cuttinsledge.com significantly enhances users' Internet browsing experience by generating the most relevant search results.

Furthermore, its appearance barely differs from Google, Bing, Yahoo, and other legitimate search engines.

For these reasons, many users believe that search.cuttinsledge.com is also legitimate and useful. In fact, developers promote this site via browser-hijacking download/installation set-ups that modify browser settings without permission. In addition, search.cuttinsledge.com continually records various information.

What is Cyber Police?

First discovered by malware security researcher, Lawrence Abrams, and Based on an open-source ransomware project called Hidden Tear, Cyber Police is a virus that stealthily infiltrates systems and encrypts files using AES cryptography. During encryption, Cyber Police adds the ".locked" extension to the name of each encrypted file.

For example "sample.jpg" is renamed to "sample.jpg.locked". Following successful encryption, Cyber Police changes the desktop wallpaper and places the "READ_IT.txt" file on the desktop.