Virus and Spyware Removal Guides, uninstall instructions

What kind of application is Zen Searcher?

Following our evaluation of the Zen Searcher app, our team has determined that its primary purpose is to function as a browser hijacker aimed at promoting search.zensearcher.com (a fake search engine). This extension alters browser settings to assert control. It is advisable to remove Zen Searcher from affected browsers without delay.

What is "Brad Garlinghouse Crypto Giveaway"?

Following an evaluation of the website, our team has determined that it is promoting a deceptive giveaway. Scammers commonly use websites featuring misleading pop-up messages or comparable content to lure visitors into revealing sensitive details, making financial transactions, or engaging in other activities.

What kind of scam is "Web Mail Scam"?

After conducting a comprehensive examination, our team has determined that the purpose of this email is to deceive recipients into divulging their personal information. These emails are categorized as phishing attempts, and in this particular case, the scammers impersonate an email service provider with the intention of tricking recipients into revealing sensitive information on a fraudulent webpage.

What kind of malware is ZeroCool?

ZeroCool ransomware is a type of malware that encrypts files. In addition to encrypting data, ZeroCool adds the ".ZeroCool" extension to filenames and provides a ransom note ("ZeroCool_Help.txt"). An illustration of how files encrypted by ZeroCool are renamed: "1.jpg" is changed to "1.jpg.ZeroCool", "2.png" is changed to "2.png.ZeroCool", etc.

What kind of page is strongpcfundamentals[.]com?

In our examination of strongpcfundamentals[.]com, we found that the website's primary intent is to mislead visitors into believing their computers are compromised. Furthermore, strongpcfundamentals[.]com requests permission to send notifications. It is important to note that users often land on sites like strongpcfundamentals[.]com inadvertently.

What kind of page is avob.co[.]in?

Our research team discovered the avob.co[.]in rogue webpage while inspecting suspicious sites. It operates by promoting browser notification spam and redirecting visitors to other (likely unreliable/harmful) websites.

Users primarily access avob.co[.]in and similar pages through redirects generated by sites that employ rogue advertising networks.

What kind of application is DynamicExplorer?

While investigating new file submissions to the VirusTotal website, our researchers discovered the DynamicExplorer application. After inspecting it, we determined that DynamicExplorer is advertising-supported software (adware) belonging to the AdLoad malware family.

What kind of software is Cityscapes?

Cityscapes is a browser extension that promises to display browser wallpapers depicting cityscapes and urban skylines. Our researchers found this piece of software while investigating deceptive websites. After analyzing Cityscapes, we learned that it modifies browser settings and promotes (via redirects) the schcm.com fake search engine. Due to this behavior, this extension is classed as a browser hijacker.

What kind of application is ElementaryDivision?

Our research team found the ElementaryDivision adware while inspecting new submissions to the VirusTotal website. When we examined this piece of software, we determined that it is adware. ElementaryDivision is part of the AdLoad malware family. This application is designed to deliver intrusive ad campaigns.

What kind of malware is Lqepjhgjczo?

Our research team discovered the Lqepjhgjczo ransomware while inspecting new submissions to the VirusTotal platform. This malicious program is part of the Snatch ransomware family. It is designed to encrypt files and demand payment for their decryption.

On our test machine, Lqepjhgjczo encrypted files and added the ".lqepjhgjczo" extension to their names. For example, an original title such as "1.jpg" appeared as "1.jpg.lqepjhgjczo", "2.png" as "2.png.lqepjhgjczo", etc.

After the encryption was completed, a ransom note with the filename "HOW TO RESTORE YOUR LQEPJHGJCZO FILES.TXT" was created. Based on the message therein, it is evident that this ransomware does not target home users but rather business-oriented entities.