Virus and Spyware Removal Guides, uninstall instructions

CollectorStealer Malware

CollectorStealer virus removal guide

What is CollectorStealer?

CollectorStealer is the name of a malicious software which is designed to function as a tool that allows cyber criminals steal various sensitive information (like passwords, credit card details) and files. This malware is for sale on a hacker forum for $12 or $75 (depending on the subscription type). It is advertised on the aforementioned forum as a top-end information stealer with a Russian interface.

   
Image Seeker Browser Hijacker

Image Seeker browser hijacker removal instructions

What is Image Seeker?

Image Seeker is a browser hijacker which is designed to change some of the browser's settings to image-seeker.com. In other words, this app is designed to promote a fake search engine. Also, most browser hijackers function as information tracking tools - they collect various data. Typically, users download and install apps like Image Seeker unintentionally, for this reason they are categorized as potentially unwanted applications.

   
System Care Pro Unwanted Application

System Care Pro removal instructions

What is System Care Pro?

System Care Pro is the name of a system cleaner which supposed to improve computer performance. Although, it is categorized as a potentially unwanted application (PUA) because of how developers distribute it. It is common that users download and install applications that are categorized as PUAs unintentionally, therefore, it is not recommended to trust them.

   
Gift Card Giveaway Scam

"Gift card giveaway" scam removal instructions

What is the "Gift card giveaway" scam?

The "Gift card giveaway" is a scam promoted on various deceptive websites. This scheme offers users fake gift cards for popular brands/services. For example, Amazon, eBay, Google Play, iTunes, Microsoft, MasterCard, PayPal, Skype, Netflix, Nintendo, PlayStation, Roblox, and so on. This scheme redirects to various phishing sites and other similar scam pages. Therefore, trusting "Gift card giveaway" can lead to a variety of severe issues. Typically, users access untrustworthy sites unintentionally - they get redirected to them by intrusive ads or by PUAs (Potentially Unwanted Applications), already installed onto the system.

   
Baraka Team Ransomware

Baraka Team ransomware removal instructions

What is Baraka Team?

Discovered by dnwls0719, Baraka Team is the name of malicious software classified ransomware. Systems infected with this malware have their data encrypted so that ransom demands can be made for decryption tools/software. Most ransomware-type programs rename compromised files and/or append them with an extension during the encryption process, however, Baraka Team malware does not modify filenames. After encryption is complete, a ransom message ("ReadmeCrypto.txt") is dropped onto the desktop, the wallpaper of which is also changed.

   
Ratty RAT

Ratty virus removal guide

What is the Ratty RAT?

Ratty is the name of a malicious program, categorized as a RAT. RATs are Remote Access Tools, yet when used for malicious purposes - they are referred to as Remote Access Trojans. The Ratty malware is an open source Java RAT. This trojan was made available on the GitHub software development platform and was strongly endorsed on HackForums. Sometime in 2016 / 2017 - Ratty's original uploader deleted their repository. However, several clones (potentially, other variants) of the Ratty RAT still exist. Remote access trojans are designed to allow remote access and control over infected devices. These malicious programs can have a broad range of functionalities that enable likewise varied misuse. RATs are deemed to be highly dangerous and as such all infections must be eliminated immediately.

   
Request For Quotation Email Virus

"Request for quotation" email virus removal guide

What is the "Request for quotation" email?

"Request for quotation" is the title of a scam email, designed to proliferate Agent Tesla Remote Access Tool (when used for malicious purpose - Remote Access Trojan). The emails supposedly concern an urgent order and recipients are asked to provide relevant specification of this potential purchase. However, upon opening the attached file initiates the infection process (i.e. download/installation) of Agent Tesla RAT.

   
Chinz Ransomware

Chinz ransomware removal instructions

What is Chinz?

Chinz belongs to the Phobos ransomware family. It is a typical ransomware which is designed to encrypt victim's files, modify their filenames and provide instructions on how to contact its developers about the decryption. Chinz changes the name of every encrypted file by adding the victim's ID, yuzhou13@tutanota.com email address and appending the ".chinz" extension to its filename. For example, it renames a file named "1.jpg" to "1.jpg.id[1E857D00-2875].[yuzhou13@tutanota.com].chinz", "2.jpg" to "2.jpg.id[1E857D00-2875].[yuzhou13@tutanota.com].chinz", and so on. It displays a ransom note in a pop-up window and creates another one in the "info.txt" text file.

   
Secure Parking Email Virus

"Secure Parking" email virus removal guide

What is the "Secure Parking" email?

"Secure Parking" is the name of an email spam campaign. These scam emails are disguised as final warning notifications from Secure Parking - a legitimate international parking service provider. It must be emphasized that said mail is in no way connected to the genuine Secure Parking car park operator. The letters claim that recipients have received a fine for parking violation that needs to be addresses as soon as possible. Instead of containing information relating to the incident and issued fine, the attached file is designed to initiate the infection process/chain of the Taurus Stealer malware. Hence, upon being opened (and after the instructions provided within the document are carried out) - the file begins downloading/installing this malicious program.

   
Perfect Startpage Browser Hijacker

Perfect Startpage browser hijacker removal instructions

What is Perfect Startpage?

Perfect Startpage browser hijacker is designed to promote perfectstartpage.com, a fake search engine. It does that by modifying some of the browser's settings. Also, apps of this type tend to be designed to collect information related to user's browsing habits. Most of the times users download and install browser hijackers unknowingly, therefore, apps of this type are categorized as potentially unwanted aplications (PUAs).

   

Page 10 of 1024

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal