Virus and Spyware Removal Guides, uninstall instructions

What is Dance ransomware?

Dance is the name of a malicious program belonging to the Dharma ransomware family. It is designed to encrypt data and demand payment for the decryption. In other words, this malware renders files unusable, and victims are asked to pay - to recover access/use of their data.

During the encryption process, files are renamed following this pattern: original filename, unique ID assigned to the victim, cyber criminals' email address, and ".dance" extension. For example, a file initially titled "1.jpg" would appear as something similar to "1.jpg.id-C279F237.[cryptodancer@onionmail.org].dance". After this process is complete, ransom notes are created/displayed in a pop-up window and "info.txt" text file.

What is Matafaka ransomware?

Matafaka is a malicious program belonging to the Xorist ransomware family. Typically, malware within this classification encrypts victims' files in order to demand they pay a ransom to decrypt their data. Matafaka ransomware likewise renders files inaccessible but does not make any ransom demands.

During the encryption process, files are appended with the ".matafaka" extension. For example, a file initially titled "1.jpg" would appear as "1.jpg.matafaka", "2.jpg" as "2.jpg.matafaka", "3.jpg" as "3.jpg.matafaka", and so on for all of the affected files.

After this process is complete, a pop-up window is displayed and text files - "HOW TO DECRYPT FILES.txt" - are dropped into compromised folders. Usually, ransomware-type programs create pop-ups and drop files that contain ransom notes; however, that is not the case with Matafaka.

What is GameSearchIt?

GameSearchIt is a piece of software that modifies browsers to promote the gamesearchit.com fake search engine. Due to this, it is classified as a browser hijacker. Hence, it likely has data-tracking abilities employed to spy on users' browsing activity. Due to the questionable techniques used to distribute browser hijackers, they are also considered to be PUAs (Potentially Unwanted Applications).

What is hornypornvid[.]com?

Hornypornvid[.]com is the address of a rogue website. It is designed to load dubious content and/or redirect visitors to other pages (likely unreliable or malicious ones). The Internet is rife with such webpages; time4news.net, subordingry.website, junesmile.xyz - are but a few examples.

Users rarely enter rogue sites intentionally. Most get redirected to them by suspect websites, intrusive ads, or installed PUAs (Potentially Unwanted Applications). This software can infiltrate systems without user permission and cause various issues.

What is FreeSportSearch?

FreeSportSearch is a browser hijacker promoting the freesportsearch.com fraudulent search engine. Software within this classification works by modifying browser settings to cause redirects to fake web searchers. Furthermore, most browser hijackers have data spy on users' browsing habits. Since users typically download/install browser hijackers inadvertently, they are also categorized as PUAs (Potentially Unwanted Applications).

What is INHORSEWETRUST ransomware?

INHORSEWETRUST is the name of a malicious program, which is designed to encrypt data and demand payment for the decryption. In other words, this malware renders files unusable and asks victims to pay - to recover access/use of their data.

During the encryption process, files are appended with "INHORSEWETRUST". For example, a file like "1.jpg" would appear as "1.jpgINHORSEWETRUST", and so on for all of the affected files. After the completion of this process, ransom notes - "#Decrypt#.txt" - are created.

What is InstaQuick?

InstaQuick is a rogue application, endorsed as a tool for desktop access to the Instagram social media platform. This piece of software is classified as adware due to running intrusive advertisement campaigns.

In other words, InstaQuick delivers various ads. Additionally, most adware-types have data tracking abilities, which are used to spy on users' browsing activity and collect sensitive/private information extracted from it.

Due to the questionable techniques employed in InstaQuick's distribution, it is also categorized as a PUA (Potentially Unwanted Application).

What is thewowfeed[.]com?

Typically, websites such as thewowfeed[.]com promote other untrusted web pages or load dubious content. In any case, you should never trust sites of this type. They are usually opened by installed potentially unwanted applications (PUAs), through deceptive advertisements or other dubious web pages. I.e., users do not often visit pages such as thewowfeed[.]com intentionally. Examples of other, similar sites are hipermovies[.]icu, gdanstum[.]net and vviewpoint[.]biz.

What is time4news[.]net?

Time4news[.]net is a rogue site designed to load dubious content and/or get redirected to other webpages (likely, untrustworthy or malicious ones). The Web is full of similar pages; subordingry.website, captchadecode.com, and contentgate.xyz - are just a few examples.

Users seldom access rogue sites intentionally. Most enter them via redirects caused by suspicious webpages, intrusive advertisements, installed PUAs (Potentially Unwanted Applications). These apps can infiltrate systems without express user permission.

What is TopSearchConverters?

TopSearchConverters is a rogue browser extension promoting the topsearchconverters.com fake search engine. Due to this behavior, it is classified as a browser hijacker. Furthermore, TopSearchConverters likely collects browsing-related data. Due to the questionable methods used to distribute browser hijackers, they are also categorized as PUAs (Potentially Unwanted Applications).