Virus and Spyware Removal Guides, uninstall instructions

Virus-encoder Ransomware

Virus-encoder ransomware removal instructions

What is Virus-encoder?

Virus-encoder (also known as GetCrypt) is the name of ransomware-type program that is designed by cyber criminals. They use programs of this type to encrypt files stored on people's computers and to keep them encrypted (locked) unless a decryption tool is purchased (ransom is paid). Virus-encoder was discovered by GrujaRS, this ransomware mimics another program of this type which is called Cerber. It creates a text file (ransom note) named "# DECRYPT MY FILES #.txt" and renames all encrypted files by adding an extension that contains four random letters. For example, if a file is named "1.jpg", then Virus-encoder will change it to "1.jpg.ELSH" and so on. This ransomware also changes its victim's desktop wallpaper. Once installed, it also runs a malicious process in the Task Manager, it is named "Tky If Dos".

   
Knowwoow.com POP-UP Ads

Knowwoow[.]com redirect removal instructions

What is knowwoow[.]com?

knowwoow[.]com is a rogue website designed to deliver unreliable content and redirect users to various unreliable websites. It is very similar to tinhowsinutha.pro, androponhowrow.info, feenotifyfriends.info, and hundreds of other rogue sites. As with the listed examples, users visit knowwoow[.]com inadvertently - they get redirected by potentially unwanted applications and intrusive ads displayed in various unreliable sites. Potentially unwanted applications (PUAs) are notorious for infiltrating computers without user's consent. It is also worth noting that these applications not only cause unwanted redirects, but also generate various advertisements and record sensitive data.

   
Ferosas Ransomware

Ferosas ransomware removal instructions

What is Ferosas?

Ferosas is a ransomware-type program that encrypts data and forces victims to pay a ransom (purchase a decryption tool/key from cyber criminals who designed it). This malicious program belongs to the Djvu ransomware family, it was discovered by Michael Gillespie. Ferosas modifies names of encrypted files by adding the ".ferosas" extension (i.e., renames "1.jpg" to "1.jpg.ferosas" and so on), and puts a ransom note (the "_readme.txt" file) in folders that contain encrypted data.

   
Hanstrack.com Browser Hijacker

Hanstrackr[.]com redirect removal instructions

What is hanstrackr[.]com?

hanstrackr[.]com is a rogue website promoted via various rogue plug-ins. In fact, crooks also promote this site by hijacking legitimate plug-ins and injecting them with malicious code, so that developers would continually encounter redirects to hanstrackr[.]com whenever a malicious/compromised plug-in is installed and enabled. What's more important is that this site is designed to deliver questionable content, as well as use visitor's computer to mine cryptocurrency.

   
ge0l0gic Ransomware

ge0l0gic ransomware removal instructions

What is ge0l0gic?

It is possible that ge0l0gic is a targeted ransomware, the ransom note is addressed to a company named Geo Logic Systems Ltd. However, it might be used to target anyone else as well. This ransomware was discovered by GrujaRS. It is designed to add the ".ge0l0gic" extension to every encrypted file. For example, ge0l0gic renames "1.jpg" to ".1jpg.ge0l0gic" and so on. Each encrypted file has its own ransom note, so a note for a file named "1.jpg" would be "1.jpg.ge0l0gic_readme.txt". Besides, once a computer is infected, ge0l0gic starts running a malicious process in Task Manager that is disguised as "Free Audio Converter".

   
Your Package Tracked Now Browser Hijacker

Your Package Tracked Now browser hijacker removal instructions

What is Your Package Tracked Now?

Your Package Tracked Now is a browser app that supposed to allow its users to track their packages and access popular pages directly from their browsers. Unfortunately, this app is a browser hijacker, a potentially unwanted application (PUA) that is designed to change browser's settings (to promote search.hyourpackagetrackednow.com fake search engine). Very often, apps of this type are designed to gather browsing-related data too.

   
Tinhowsinutha.pro POP-UP Ads

Tinhowsinutha[.]pro redirect removal instructions

What is tinhowsinutha[.]pro?

Similar to fortorsarrabse.info, deloplen.com, checkpost.space, and many others, tinhowsinutha[.]pro is a rogue website that feeds users with unreliable content and redirects them to questionable sites. As with listed examples, users visit tinhowsinutha[.]pro inadvertently. They get redirected by potentially unwanted applications and intrusive ads displayed in other rogue sites. Note that potentially unwanted applications (PUAs) typically infiltrate computers without asking for a permission. In addition to causing redirects, these applications also deliver a variety of intrusive advertisements and record various data.

   
Search.bunnybarny.com Redirect (Mac)

How to remove search.bunnybarny.com browser hijacker from Mac?

What is search.bunnybarny.com?

Search.bunnybarny.com is one of the many fake search engines that is promoted through a variety of browser hijacking applications/installers. For example, the File Compressor Pro unwanted app. Search.bunnybarny.com is very similar to other search engines of this type such as search.pogypog.com, search.yadbazelet.com, searchv.dooryov.com and many others. Browser hijackers that promote them to change the browser's settings and collect various information about user's browsing activities.

   
Local Weather Radar Now Browser Hijacker

Local Weather Radar Now browser hijacker removal instructions

What is Local Weather Radar Now?

Local Weather Radar Now is presented as a legitimate weather forecast application. Judging on its appearance alone, Local Weather Radar Now actually seems appropriate and handy. In reality, however, it is categorized as a potentially unwanted application (PUA) and a browser hijacker. That's because this application stealthily infiltrates the system without asking for a permission. In addition, Local Weather Radar Now promotes a fake web search engine (search.hlocalweatherradarnow.com) and records various information about user's web browsing habits.

   
File Compressor Pro Unwanted Application (Mac)

How to remove File Compressor Pro from Mac?

What is File Compressor Pro?

File Compressor Pro's developers promote this app as an online tool for zipping (compressing) files. However, one of its distribution methods is a "bundling" method. Developers use it to trick people into downloading and installing various potentially unwanted apps (PUAs). Besides, it is known that File Compressor Pro is used to promote bunnybarny.com, a fake search engine.

   

Page 3 of 723

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>