Virus and Spyware Removal Guides, uninstall instructions

What kind of page is bruperchrophone[.]com?

Bruperchrophone[.]com displays a deceptive message (uses a clickbait technique) to trick visitors into agreeing to receive notifications. Usually, websites like bruperchrophone[.]com get opened through pages using rogue advertising networks. Users do not visit them on purpose.

What kind of malware is BLISTER?

BLISTER is the name of malware that functions as a loader - malicious software that drops/executes another malware (injects its payload). It is known that threat actors behind BLISTER attacks use a valid code signing certificate to evade detection.

What kind of malware is LIKEAHORSE?

LIKEAHORSE is malware (ransomware) that encrypts files and appends the ".LIKEAHORSE" extension to their filenames. For example, it renames a file named "1.jpg" to "1.jpg.LIKEAHORSE", "image.png" to "image.png.LIKEAHORSE". LIKEAHORSE also creates the "#RECOVERY#.txt" text file containing a ransom note.

What is searchfox.xyz?

Searchfox.xyz is a fake search engine promoted through a browser-hijacking application designed to modify the web browser's settings. Most users end up having their browsers hijacked unintentionally. Neither browser hijackers nor fake search engines are trustworthy.

What is McAfee subscription has expired email scam?

Scammers behind this email attempt to trick users into believing that their McAfee subscription has expired and opening another deceptive page claiming that their computers are infected. Scammers could be using this email to trick recipients into paying for bogus subscriptions or services, installing shady software, or for other purposes.

What kind of malware is Crypto_Support?

Crypto_Support (also known as Crypto Support) is ransomware that encrypts files, appends the ".CRYPT" extension to filenames, and provides payment and contact information (ransom notes) in a pop-up window and the "README.txt" file. For example, Crypto_Support renames "1.jpg" to "1.jpg.CRYPT", "sample.jpg" to "sample.jpg.CRYPT".

What kind of application is EasyMacSoft?

EasyMacSoft is the name of an advertising-supported software designed to generate advertisements and promote a fake search engine by hijacking a web browser. EasyMacSoft is distributed using a fake installer disguised as the installer for Adobe Flash Player.

What is MojeBanka email scam?

It is an email disguised as a letter from Komerční banka, one of the largest banks in the Czech Republic. It contains a link to a phishing website designed to look like the official Komerční banka page. Scammers behind this email attempt to trick recipients into providing banking-related sensitive information.

What kind of application is MainOperation?

MainOperation has the qualities of adware and a browser hijacker. The purpose of this application is to generate advertisements and promote a fake search engine. It is pretty common for apps like MainOperation to be distributed (or promoted) using deceptive methods.

What kind of malware is TeslaRVNG3?

TeslaRVNG3 encrypts and renames files and creates the "teslarvng3.hta" file designed to display a ransom note. It prepends the victim's ID, titnbest@mailfence.com email address, and appends the ".teslarvng3" extension to filenames of all encrypted files.

For example, it renames "1.jpg" to "id[Ucn3djRD].[titnbest@mailfence.com].1.jpg.teslarvng3", "document.txt" to "id[Ucn3djRD].[titnbest@mailfence.com].document.txt.teslarvng3", and so on.