Virus and Spyware Removal Guides, uninstall instructions

What kind of page is atoionanruman[.]com?

During our investigation of suspicious advertising networks, our team discovered atoionanruman[.]com, a website known for displaying a deceptive message aimed at persuading visitors to enable notifications. It is worth noting that users often land on pages like atoionanruman[.]com unintentionally, without any prior intention of visiting them.

What kind of page is fullpcchain[.]com?

While examining web pages associated with unreliable advertising networks, we came across fullpcchain[.]com. Our investigation uncovered that fullpcchain[.]com is an untrustworthy website that promotes the "McAfee - Your PC is infected with 5 viruses!" scam. Additionally, fullpcchain[.]com requests permission to show notifications.

What kind of malware is Bhui?

During the analysis of malware samples submitted to VirusTotal, our team discovered Bhui ransomware, which is part of the Djvu ransomware family. Once a computer is infected, Bhui encrypts files and appends the ".bhui" extension to their original filenames. For example, a file named "1.jpg" gets renamed to "1.jpg.bhui", and "2.png" becomes "2.png.bhui".

In addition to file encryption, Bhui generates a ransom note, a text file called "_readme.txt". Moreover, the distribution of Bhui may involve information stealers like Vidar and RedLine.

What kind of malware is Bhtw?

During our analysis of malware samples submitted to VirusTotal, we encountered Bhtw, a ransomware variant belonging to the Djvu family. Bhtw encrypts files and appends the ".bhtw" extension to their names. Additionally, it generates a ransom note, a text file named "_readme.txt".

An example of how Bhtw alters file names: it transforms "1.jpg" into "1.jpg.bhtw", "2.png" into "2.png.bhtw", and so on. It is important to note that since Bhtw is a member of the Djvu ransomware family, it may be distributed in conjunction with information-stealing malware like Vidar and RedLine.

What kind of page is vexvideo[.]cam?

During our investigation into suspicious advertising networks, our team encountered vexvideo[.]cam, an untrustworthy website that employs clickbait to deceive visitors into subscribing to its notifications. It should be noted that most users come across these pages unintentionally.

What kind of page is audience-info[.]xyz?

Based on our analysis, audience-info[.]xyz is an untrustworthy website that employs a deceptive tactic to manipulate visitors into subscribing to its notifications. Users typically encounter sites like audience-info[.]xyz unintentionally, and our team came across it during the investigation of other suspicious pages.

What kind of application is InterfaceHelper?

InterfaceHelper is a rogue application that we discovered while inspecting new submissions to VirusTotal. After analyzing this app, we determined that it is adware belonging to the AdLoad malware family. InterfaceHelper displays ads on various interfaces and may have additional harmful functionalities.

What kind of application is SkilledModuleSearch?

Our researchers found the SkilledModuleSearch app while investigating new submissions to the VirusTotal site. It is a piece of advertising-supported software (adware). Additionally, SkilledModuleSearch is part of the AdLoad malware family.

What kind of website is trendysearches.com?

Trendysearches.com is the address of a fake search engine that provides inaccurate and potentially harmful search results. Websites of this kind are usually promoted (via redirects) by browser hijackers. Illegitimate search engines and the software endorsing them usually collect vulnerable user data.

What kind of malware is RustyStealer?

RustyStealer is a piece of malicious software classed as a stealer. Malware within this class is designed to steal data. These malicious programs extract and exfiltrate information, and RustyStealer is not an exception.