STOP Ransomware (sometimes called DJVU Ransomware) is an obnoxious virus, that encrypts files on computers using the AES encryption algorithm, makes them unavailable and demands money in exchange for so-called "decryptor". Files processed by the latest version of STOP Ransomware, in particular, can be distinguished by the .leto, .werd, .bora or .xoza extensions. The analysis showed that the cryptographic installer loaded with the "crack" or adware is installed under an arbitrary name in the
%LocalAppData%\folder. When executed, it loads four executable files there: 1.exe, 2.exe, 3.exe and updatewin.exe. The first of them is responsible for neutralizing Windows Defender, the second is for blocking access to information security sites. After the malware is launched, a fake message appears on the screen that says about installing the update for Windows. In fact, at this moment, almost all user files on the computer are encrypted. In each folder containing encrypted documents, a text file (_readme.txt) appears in which attackers explain the operation of the virus. They offer to pay them a ransom for decryption, urging them not to use third-party programs, as this can lead to the deletion of all documents.
Mac Heal Pro is deceptive Mac optimisation application. After installation, it opens on the whole screen and starts a fake system scan. It does not give users the opportunity to resize the window. When the scan is finished, Mac Heal Pro offers paid activation, which costs $60 - $70. The problem is, that viruses, errors and performance issues, found by this app, never existed on your Mac. Mac Heal Pro is categorized as rogue program, fake optimization software. The virus poses a threat to the financial security and privacy of the users, due to its misleading tactics, untrustworthy scan results, and unscrupulous developers. There are also some complaints, that Mac Heal Pro cannot be removed, or keeps coming back.
Similar Photo Cleaner is ad-supported application for Mac. It was developed to detect and remove duplicate photos and pictures. It is one of those pointless apps, that provide low functionality, but leads to severe computer and privacy problems. It installs without user's consent, and does not disclose all conditions of the installation. The consequences of installing the program are pitiable: users start seeing ads and pop-ups in browsers, they get unknown programs installed without their intention. Besides, some users complain, that they cannot quit Similar Photo Cleaner, as it displays pop-up, that cannot be closed (see the picture below). All this peculiar properties put the program to the category of potentially unwanted apps.
Smart Mac Booster is fake anti-virus and optimization software for Mac. It can be called an imposed application, as it is offered for download to users after an "in-browser" virus or error scan, that finds "severe issues". Of course, a real system scan cannot be performed in any browser, this is just a pretext to get Smart Mac Booster installed on a Mac. After infiltrating the system, the unwanted application initiates a quick scan and finds a huge amount of problems, that have to be fixed. In the end, the results are announced by the female computer voice. When victims try to resolve the problems, the software offers to buy the license. But what really puts the program in a category of badware is, that if users try to uninstall it from Applications, it'll either won't allow them to do it by showing alerts and warnings or will leave residual persistent module, that will cause errors in macOS.
Personal-video.live is a viral site with spam and advertising, which displays annoying notifications in browsers. This can happen due to infection with a virus that penetrates your computer along with downloaded files and works quietly in the background. Or users manually granted Personal-video.live access to the settings and allowed it to create push-notifications. While surfing the Internet or even when browsers are closed users may receive unwanted ads, news, promotions in the right-bottom corner of the desktop. Noticing these signs of infection, the user launches an anti-virus scan. If you use a good antivirus, it will find and remove the virus itself, but it will not touch the settings specified in browsers. Those can be fixed by manual manipulations or using special tools.