Virus and Spyware Removal Guides, uninstall instructions

What is Wearefriends ransomware?

Wearefriends encrypts files (prevents victims from accessing them) and appends the ".wearefriends" extension to their filenames (for example, it renames "1.jpg" to "1.jpg.wearefriends", "2.jpg" to "2.jpg.wearefriends", and so on). Also, Wearefriends ransomware displays a pop-up window (a ransom note) with contact and payment information.

What is "I know you are cheating on your partner Email Scam"?

"I know you are cheating on your partner Email Scam" is a spam campaign - a mass-scale operation during which deceptive emails are sent by the thousand. The letters distributed through this campaign use a variation of the sextortion scam model.

These emails claim that the recipient is cheating on their partner, and evidence of their infidelity will be publicized - unless a ransom is paid. It must be emphasized that all of the claims made by the "I know you are cheating on your partner" letters are false; therefore, these messages must be ignored.

What is Orkf ransomware?

Orkf is one of the ransomware variants that belong to the Djvu ransomware family. This variant encrypts files and appends the ".orkf" extension to their filenames (for instance, Orkf renames "1.jpg" to "1.jpg.orkf", "2.jpg" to "2.jpg.orkf"). Also, it creates the "_readme.txt" file, a ransom note.

What is NewProduct?

It is unknown what is the purpose of the NewProduct application. However, it is likely that it functions as adware or a browser hijacker. It is common for apps of this kind to be distributed using deceptive methods. Therefore, users rarely download and install them intentionally. Apps of this kind are categorized as potentially unwanted applications (PUAs).

What is ProRadioSearch browser hijacker?

ProRadioSearch is a browser hijacker designed to change web browser's settings to promote the proradiosearch.com address. Like most browser hijackers, ProRadioSearch promotes a fake search engine. It is likely that this app is designed to collect browsing-related data as well. Typically, users install browser hijackers inadvertently.

What is news-ciwuwi[.]cc?

News-ciwuwi[.]cc is designed promote questionable websites and to trick users into allowing it to show notifications. There is a countless number of websites like news-ciwuwi[.]cc. A couple of examples are allhotfeed[.]com, yourseismo[.]top, and check-this-video[.]com. As a rule, users do not visit them intentionally.

What is PlatformDeploy?

PlatformDeploy is a browser hijacker promoting the search.rktz9.com fake search engine. This browser extension modifies browser settings to cause redirects to its web searcher. Additionally, PlatformDeploy likely has data tracking abilities, which are employed to spy on user browsing activity. Due to the questionable methods used to proliferate browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications).

What is StreamingSearches?

StreamingSearches is a browser hijacker promoting the streamingsearches.com fake search engine. It operates by modifying browser settings in order to cause redirects to its web searcher. Additionally, this browser extension likely spies on users' browsing activity. Due to the dubious methods used to distribute browser hijackers, they are also classified as PUAs (Potentially Unwanted Applications).

What is the "I have e-mailed you from your account Email Scam"?

"I have e-mailed you from your account Email Scam" is a sextortion spam campaign. This term defines a mass-scale operation during which thousands of deceptive emails are sent. These letters falsely claim about there being a compromising video featuring the recipient, which will be leaked - unless the ransom demands are met.

It must be emphasized that none of the information provided by these emails is true. Therefore, no such recordings exist, and neither recipients' devices nor their privacy have been compromised.

What is Tohnichi ransomware?

Tohnichi is the name of ransomware that encrypts files, changes their extension to ".tohnichi", and creates the "How to decrypt files.txt" file (a ransom note) in all folders containing encrypted files. Here is an example of how Tohnichi renames files: it changes a file named "1.jpg" to "1.jpg.tohnichi", "2.jpg" to "2.jpg.tohnichi", and so on.