Virus and Spyware Removal Guides, uninstall instructions

Kabayaboo Ransomware

What is Kabayaboo?

Ransomware victims cannot access their files unless they decrypt them with the right tool that can be purchased from the attackers. Typically, malware of this type encrypts files using a strong encryption algorithm and changes their extension.

Kabayaboo appends the ".crypted" extension, for example, it renames a file named "1.jpg" to "1.jpg.crypted", "2.jpg" to "2.jpg.crypted", and so on.

Like most ransomware variants, Kabayaboo generates a ransom note - it creates the "READ_ME.crypted.txt" file and displays a pop-up window. Kabayaboo was discovered by Petrovic.

   
MovieSearchZilla Browser Hijacker

What is MovieSearchZilla?

MovieSearchZilla is a piece of dubious software categorized as a browser hijacker. It operates by promoting the moviesearchzilla.com illegitimate search engine by making alterations to browser settings.

It is noteworthy that most browser hijackers spy on users' browsing habits; hence, it is likely that MovieSearchZilla does so as well. Since users typically download/install browser hijackers unintentionally, they are also classified as PUAs (Potentially Unwanted Applications).

   
Delta (AsupQue) Ransomware

What is Delta (AsupQue) ransomware?

Delta (AsupQue) is the name of a ransomware-type program. Systems infected with this malware experience data encryption (files rendered inaccessible/unusable) and receive ransom demands for the decryption (access/use recovery).

As Delta (AsupQue) malicious program encrypt, affected files are appended with the ".[Delta][victim's_ID]" extension (ID refers to the code assigned to the victim). For example, a file originally titled "1.jpg" would appear as something similar to "1.jpg.[Delta]uVkSQApq" - following encryption. After this process is complete, a ransom note is displayed in a pop-up window ("Info.hta").

   
Binance Giveaway Scam

What is Binance giveaway scam?

It became popular for scammers to offer free giveaways of Bitcoin or other digital currencies in exchange for paying a registration fee by providing some personal information. Scammers behind this particular giveaway scam claim that the more cryptocurrency people send, the more they will get back.

These scams have to be ignored. No people ever received any amount of cryptocurrency back and simply lost the cryptocurrency they sent to scammers.

   
Coupon Printer Adware

What is Coupon Printer?

Coupon Printer is supposed to print Coupon with barcodes that could be properly scanned in stores. However, it is known that after the installation of this application, users start seeing unwanted advertisements, which means Coupon Printer functions as adware.

Typically, users do not download and install software of this type intentionally. Apps that users download or install unknowingly are called potentially unwanted applications (PUAs).

Quite often, adware-type apps not only feed users with ads but also collect various information about them. In one way or another, it is highly advisable not to have apps like Coupon Printer installed on browsers or computers.

   
Device Infected After Visiting An Adult Website POP-UP Scam (Mac)

What is "Device Infected After Visiting An Adult Website"?

There is a great number of deceptive websites using scare tactics to advertise various potentially unwanted applications (PUAS). In most cases, they display fake notifications/virus alerts claiming that a device is infected with viruses, Trojans, or other malicious programs and urging visitors to install some PUA that supposed to fix the problem (remove viruses).

All notifications that these pages display are fake and can be ignored. It is noteworthy that most these deceptive websites are promoted through other pages of this kind, dubious advertisements and PUAs. In other words, users to not visit them by intentionally.

   
Onterralink.xyz Ads

What is the onterralink[.]xyz website?

Similar to earntthatyo.biz, rtenmy.com, oundoutth.biz, and thousands of others, onterralink[.]xyz is an untrustworthy site. It is designed to load dubious content and/or redirect visitors to unreliable and possibly malicious websites.

Pages of this kind are seldom accessed intentionally; most get redirected to them by intrusive adverts or installed PUAs (Potentially Unwanted Applications). These apps can infiltrate devices without user consent.

PUAs can have heinous functionalities, including - force-opening sites, running intrusive advertisement campaigns, and gathering browsing-related data.

   
XiNo Ransomware

What is XiNo?

Ransomware victims cannot access and use their files unless they decrypt them with specific software or key. Usually, malware of this type provides instructions on how to purchase a decryption tool from the attackers as well. Most ransomware variants append their extension to the name of each encrypted file.

XiNo appends the ".XiNo" extension. For example, it renames "1.jpg" to "1.jpg.XiNo", "2.jpg" to "2.jpg.XiNo", and so on. It changes desktop wallpaper, creates the "HOW TO DECRYPT FILES.txt" file (in all folders containing encrypted files), and displays a pop-up window.

All three of them are XiNo's ransom notes. XiNo belongs to the Xorist ransomware family.

   
Root Ransomware

What is the Root ransomware?

Root is a piece of malicious software, which belongs to the Dharma ransomware family. It is designed to encrypt data and demand payment for the decryption.

In other words, this malware renders files inaccessible, and victims are asked to pay a ransom - to recover their data. During the encryption process, affected files are retitled according to this pattern: original filename, unique ID assigned to the victims, cyber criminals' email address, and the ".root" extension.

For example, a file initially named "1.jpg" would appear as something similar to "1.jpg.id-C279F237.[getdecrypt@disroot.org].root" - following encryption. Once this process is complete, a ransom note is created in the "FILES ENCRYPTED.txt" text file.

Another message is displayed in a pop-up window.

   
Nusm Ransomware

What is Nusm?

Ransomware is a type of malware cybercriminals use to block users from accessing their own data. It encrypts files and modifies their filenames (in most cases).

Nusm renames encrypted files by appending the ".nusm" extension. For instance, it renames a file named "1.jpg" to "1.jpg.nusm", "2.jpg" to "2.jpg.nusm", and so on.

As a rule, ransomware displays or creates (or both) a ransom note to provide contact and (or) payment information. Nusm creates the "_readme.txt" file. This ransomware variant belongs to the Djvu ransomware family.

   

Page 839 of 2106

<< Start < Prev 831 832 833 834 835 836 837 838 839 840 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal