Virus and Spyware Removal Guides, uninstall instructions

What is SolveCenter?

While inspecting new submissions on VirusTotal, our researchers discovered the SolveCenter application. After analyzing it, we learned that SolveCenter operates as adware and is part of the AdLoad malware family.

What kind of malware is Vyia?

Our malware researchers have discovered Vyia while checking the samples submitted to VirusTotal. They found that Vyia is ransomware that encrypts files, changes their extension, and creates the "_readme.txt" file.

An example of how Vyia renames files: it changes "1.jpg" to "1.jpg.vyia", "2.png" to "2.png.vyia". The "_readme.txt" file contains a ransom note/provides contact and payment information. We also learned that Vyia belongs to a ransomware family called Djvu.

What kind of website is deeginews[.]com?

Deeginews[.]com displays deceptive content to trick visitors into agreeing to receive notifications and redirects to shady websites. Our team has discovered deeginews[.]com while analyzing other sites that use rogue advertising networks. In most cases, sites like deeginews[.]com get visited unintentionally.

What is D3adCrypt ransomware?

We learned of D3adCrypt when a victim reported it in a support forum. This malicious program is categorized as ransomware; it operates by encrypting data and making ransom demands for the decryption.

Our researchers obtained a sample of D3adCrypt from VirusTotal. On our test machine, this ransomware appended the encrypted files with a ".d3ad" extension. For example, a file originally named "1.jpg" appeared as "1.jpg.d3ad", "2.jpg" as "2.jpg.d3ad", etc. Once this process was finished, D3adCrypt created a ransom-demanding message - "d3ad_Help.txt" - on the desktop.

What is QuantityExact?

QuantityExact is an adware-type application that our researchers discovered while looking through new submissions to VirusTotal. We also learned that this piece of software belongs to the AdLoad malware family.

What kind of malware is Colibri?

Colibri is the name of a malware loader - a piece of software that drops the actual malicious content on the operating system. We have discovered Colibri on hacker forums. Our team has found that cybercriminals sell it for $150 for a week and $400 for a month (and offer free updates). Colibri targets Windows computers.

What is Kera-tx52 ransomware?

Our research team discovered Kera-tx52 while inspecting new submissions to VirusTotal. This malicious program is classified as ransomware - a type of malware that encrypts data (renders it inaccessible) to make ransom demands for the decryption.

On our test system, Kera-tx52 encrypted files and appended their filenames with an extension consisting of four random characters. For example, a file initially titled "1.jpg" appeared as "1.jpg.hofu", "2.png" as"2.png.9p53", and so on. Once this process was completed, Kera-tx52 created a text file named "read_it.txt" and changed the desktop wallpaper.

What is Introduce Standards?

Introduce Standards is a browser extension our researchers discovered while inspecting dubious download pages promoted by sites using rogue advertising networks. This piece of software promises to enable easy access to online resources concerning the standards of various industries. Instead, our analysis uncovered that Introduce Standards operates as adware.

What is the "Blockchain[.]com email scam"?

We have examined this email and learned that this is a fake notification letter regarding an unauthorized login attempt. It contains a link to a phishing site (disguised as a legitimate blockchain[.]com website). Scammers behind this email attempt to steal blockchain[.]com accounts.

What is searchtoolshub.com?

We have discovered searchtoolshub.com after using a browser-hijacking installer downloaded from a website promoted via other sites that use questionable advertising networks. After testing the searchtoolshub.com address, we learned that it is a fake search engine.