Virus and Spyware Removal Guides, uninstall instructions

Folder Share Adware

Folder Share removal instructions

What is Folder Share?

The Folder Share app supposedly helps users to share folders (read Windows folders and distribute files within), however, it is also classified as a potentially unwanted application (PUA), an adware-type app. Many users install PUAs unintentionally. These rogue apps then go on to feed users with advertisements and gather data relating to browsing habits.

JungleSec Ransomware

JungleSec ransomware removal instructions

What is JungleSec?

JungleSec is a ransomware-type computer infection that targets mostly Linux servers. In some cases, however, it also infiltrates Windows/Mac servers. Like most viruses of this type, it is designed to encrypt data. To retrieve (decrypt) their files, victims are encouraged to pay developers a ransom. JungleSec encrypts data using ccrypt cryptography and renames all affected files by changing their extensions to ".cpt". For example, "1.jpg" becomes "1.jpg.cpt". It also generates a ransom message within a file called "".

Tunca Ransomware

Tunca ransomware removal instructions

What is Tunca?

First discovered by Leo, Tunca is a computer infection (ransomware). As with most programs of this type, it is designed to block access to files by encryption. Once encrypted, each file is renamed by adding the ".tunca" extension. For example, "1.jpg" becomes "1.jpg.tunca". Once a computer is infected, Tunca displays a ransom message in a pop-up window. Unlike most ransomware-type viruses, this one is likely to be in development (it is developed using Microsoft .NET framework).

LyaS Ransomware

LyaS ransomware removal instructions

What is LyaS?

LyaS is high-risk ransomware discovered by Michael Gillespie. Following successful infiltration, LyaS encrypts most stored data and renames files by appending the "id-[victim's_ID].LyaS" extension. For example, "sample.jpg" might be renamed to a filename such as "sample.jpg id-58d20218be06178b.LyaS". Encrypted data instantly becomes unusable. As well as encryption, LyaS generates an HTA file ("How To Restore Files.hta"). Once opened, this file displays a ransom-demand message in a full-screen window.

Bizer Ransomware

Bizer ransomware removal instructions

What is Bizer?

A new variant of Dharma ransomware, Bizer is a malicious program designed to encrypt data. Once files are encrypted, they become unusable. Bizer renames all encrypted files by adding the ".bizer" extension plus a unique ID and email address. For example, "1.jpg" becomes "1.jpg.[ID and email].bizer". It also generates a ransom message within a text file called "FILES ENCRYPTED.txt" and also displays the message in a pop-up window. Bizer's malicious process can be detected in Task Manager as "Hsipmul" (32-bit or 64-bit). This virus was discovered by Jakub Kroustek.

Djvuu Ransomware

Djvuu ransomware removal instructions

What is Djvuu?

Djvuu is a ransomware-type program that was discovered by Michael Gillespie. Most infections of this type encrypt files and make ransom demands. In this case, however, cyber criminals do not urge victims to make any payments. Djvuu encrypts files and adds the ".djvuu", ".djvuq", ".djvus" or ".Uudjvu" extension to each affected file (e.g. "1.jpg" is renamed to "1.jpg.djvuu" or "1.jpg.djvuq", and so on). It also displays a login pop-up window, installs a number of adware-type programs, causes unwanted redirects to random (untrustworthy) websites, and runs various applications in the system background.

Emergency Exit Map Email Virus

"Emergency Exit Map Email Virus" removal guide

What is "Emergency Exit Map Email Virus"?

The "Emergency Exit Map Email Virus" scam (a spam email campaign) is used by cyber criminals/scammers to infect computers with Gootkit, a banking trojan that steals account information by hijacking HTTPS. The scam targets mainly European banks and its main goal is to trick email recipients into clicking a link that leads to download of the aforementioned malicious program. Redirect redirect removal instructions

What is developers promote this fake search engine through an application called BaySearch Video. This app is movie-themed and supposedly provides users with the top online videos and movies directly from their web browsers. Although promoted as a useful and legitimate app, BaySearch Video is categorized as a potentially unwanted application (PUA) and a browser hijacker. Users are often tricked into installing PUAs inadvertently. Furthermore, this app collects various browsing-related data and modifies browser settings.

Grafimatriux Ransomware

Grafimatriux ransomware removal instructions

What is Grafimatriux?

First discovered by Petrovic, Grafimatriux is classified as a ransomware-type malicious program, the purpose of which is to encrypt data (block access to files) and make ransom demands. Grafimatriux places two files ("Как все эту шалашкину контору расшифровать.txt" and "Крайне важная инфа.RSA-2048 файл") in each folder containing encrypted files. The first is known to be a ransom message (in Russian). For data encryption, this ransomware uses the RSA-2048 cryptography algorithm. POP-UP Redirect redirect removal instructions

What is is a deceptive website identical to,,, and many others. It redirects users to other dubious sites and displays various content. Research shows that many visitors arrive at this site inadvertently - they are redirected by potentially unwanted applications (PUAs) and/or intrusive advertisements delivered by other rogue sites. In most cases, these unwanted apps infiltrate computers without users’ permission. As well as causing redirects, they deliver intrusive advertisements and gather information relating to browsing activity.


Page 10 of 651

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>