Virus and Spyware Removal Guides, uninstall instructions

What kind of malware is Qwixx?

Qwixx is a stealer-type malware. This malicious program operates by extracting vulnerable information from various applications installed on infected systems. Qwixx targets account log-in credentials, credit card numbers, and other highly sensitive data.

What kind of application is Shop Tab?

Upon inspecting the Shop Tab browser extension, it became evident that it functions as a browser hijacker intended to promote shoptab.xyz, a fake search engine. Shop Tab alters a web browser's settings, effectively hijacking it. It is worth noting that many users unwittingly download and add applications like Shop Tab, unaware that such additions will lead to browser hijacking.

What is Realst?

Realst, a recently discovered Mac malware, has become the center of attention in a large-scale campaign aimed at Apple computers. Of particular concern is that some of its most recent versions are designed to exploit macOS 14 Sonoma, the upcoming operating system that is still in the development phase.

What kind of malware is CriminalBot?

CriminalBot is a piece of malicious software targeting Android users. Malicious software on Android devices can have various capabilities, including data theft, spying and surveillance, unauthorized access, ad fraud, and more. Thus, CriminalBot should be removed from affected devices as soon as possible.

What kind of malware is Pathfinder?

Pathfinder is the name of a cross-platform Remote Access Trojan (RAT). This malware is capable of infecting Windows, Linux, and Android operating systems. RATs enable remote access and control over infected devices. Pathfinder boasts the ability to allow full control over compromised machine GUIs (Graphical User Interfaces).

What kind of software is Pick Your Language?

While investigating untrustworthy websites, our research team discovered the Pick Your Language browser extension. It is promoted as an easy-access tool to a dictionary, thesaurus, and translator. However, after analyzing this extension, we determined that it is advertising-supported software (adware).

What kind of application is InteriorDesignTab?

During our analysis of InteriorDesignTab, we observed that it promotes idtwebsearch.com by hijacking web browsers. Like many other browser hijackers, InteriorDesignTab alters the browser settings. Such apps are often promoted and distributed through questionable methods, leading users to unintentionally download and add browser hijackers to their systems.

What kind of application is CurrencyTrack?

While examining CurrencyTrack, we discovered that it promotes get.currencytrack.net by hijacking a web browser. Like most browser hijackers, CurrencyTrack changes the settings of a web browser. It is common for apps of this type to be promoted and distributed using dubious methods. Thus, users often download and add browser hijackers inadvertently.

What kind of malware is Wsaz?

During our analysis of samples submitted to the VirusTotal website, our team made a significant finding – a new member of the Djvu ransomware family named Wsaz. This malicious program is designed to encrypt files, rendering them inaccessible to victims. Since Wsaz is part of the Djvu family, it could be distributed alongside other malware, such as information stealers like RedLine or Vidar.

Once it infects a system, Wsaz alters the filenames of encrypted files by appending the ".wsaz" extension. For instance, a file named "1.jpg" is renamed as "1.jpg.wsaz", "2.png" becomes "2.png.wsaz", and so on. Additionally, Wsaz leaves behind a ransom note titled "_readme.txt".

What kind of malware is Wsuu?

While examining samples on VirusTotal, our team detected a new variant of the Djvu ransomware family known as Wsuu. This variant encrypts data and appends the ".wsuu" extension to the targeted files. Following the encryption process, the ransomware leaves a ransom note named "_readme.txt".

Wsuu employs a distinct file renaming pattern, transforming files such as "1.jpg" into "1.jpg.wsuu" "2.png" into "2.png.wsuu" and so on. Being part of the Djvu family, Wsuu could potentially be distributed together with other malicious software like RedLine and Vidar information stealers.