Virus and Spyware Removal Guides, uninstall instructions

Geminis Ransomware

What is Geminis?

Discovered by dnwls0719, Geminis is a malicious program categorized as ransomware. Systems infected with this malware suffer data encryption and users receive ransom demands for decryption keys/software. When Geminis ransomware encrypts data, files are appended with the ".geminis3" extension.

Therefore, a file originally named something like "1.jpg" would appear as "1.jpg.geminis3 following encryption, and so on for all affected files. After this process is complete, a ransom message ("README.txt") is dropped into every compromised folder.

   
Hesterinoc.info Ads

What is hesterinoc[.]info?

hesterinoc[.]info is one of many sites that redirect visitors to other untrusted websites or load dubious content. More examples of pages that function in this way are promodayz[.]com, overiesarticu[.]info and pushpush[.]net. Typically, these web pages are opened through dubious ads, rogue web pages or potentially unwanted applications (PUAs) installed on the browser.

Most users do not visit websites such as hesterinoc[.]info intentionally.

   
Magnetdl.com Ads

What is magnetdl[.]com?

magnetdl[.]com is a torrent website which uses rogue advertising networks and might contain copyrighted content. Note that buttons within magnetdl[.]com can lead to other untrusted and potentially malicious websites, including illegal streaming web pages. Note that 'torrenting' (using torrent clients) is not illegal, however, downloading copyrighted content is.

   
GoCryptoLocker Ransomware

What is GoCryptoLocker?

Discovered by Amigo-A, GoCryptoLocker is malicious software classified as ransomware. Ransomware is designed to encrypt data and demand payments for decryption. When GoCryptoLocker encrypts, all affected files are appended with the ".GEnc" extension.

For example, a file originally named something like "1.jpg" would appear as "1.jpg.GEnc" following encryption. After this process is complete, GoCryptoLocker displays a pop-up window.

   
History Hide Browser Hijacker

What is History Hide?

History Hide is advertised as a privacy-focused app that keeps users' searches private. In fact, it changes browser settings to promote its associated search engine (historyhide.com) and might also gather browsing-related and other data. Apps of this type are classified as browser hijackers.

People often download and install browser hijackers accidentally and, therefore, they are also categorized as potentially unwanted applications (PUAs).

   
Zooqle.com Ads

What is zooqle[.]com?

zooqle[.]com is an untrusted P2P (Peer-to-Peer) sharing website, which allows users to share content through torrent files. In fact, this site infringes copyright laws and uses rogue advertising networks. Therefore, visitors to this website are redirected to other dubious, deceptive and malicious sites.

This is a common monetization tactic employed by torrents and other dubious sites. Additionally, web pages such as zooqle[.]com are known to offer Trojans, ransomware and other malware for download, disguised as, or bundled with, normal software and/or media files. You are strongly advised against using zooqle[.]com or other untrusted download sources.

   
WisePCDoctor Unwanted Application

What is WisePCDoctor?

WisePCDoctor is advertised as program which allows users to scan, repair and improve the performance of their computers, however, due to its distribution method, WisePCDoctor is categorized as a potentially unwanted application (PUA). Generally, users do not download or install PUAs intentionally. Therefore, apps of this type should never be trusted.

   
U.S. Small Business Administration Email Virus

What is the fake "U.S. Small Business Administration" email?

The "U.S. Small Business Administration" email is part of yet another spam campaign exploiting the Coronavirus/COVID-19 pandemic.

Supposedly from the US Small Business Administration (SBA), the emails are disguised as containing information regarding the Paycheck Protection Program, Economic Injury Disaster Loans and Emergency Grants, and Small Business Debt Relief - as part of the CARES (Coronavirus Aid, Relief, and Economic Security) act.

These emails are designed to target small business owners/representatives, possibly SBA applicants who had their personally identifiable information exposed. The messages have infectious files attached, which contain GuLoader malware. This, in turn, infects systems with the Remcos Remote Access Tool (RAT).

When used for malicious purposes, this software is termed a 'Remote Access Trojan'.

   
TopicFirst Adware (Mac)

What is TopicFirst?

TopicFirst is a potentially unwanted application (PUA), an adware-type app supposedly designed to improve the browsing experience. In fact, it feeds users with advertisements, promotes Safe Finder (by opening it via akamaihd.net) and might also gather information. Users often download and install adware unintentionally and, therefore, TopicFirst is categorized as a PUA.

   
Hupigon RAT

What is the Hupigon RAT?

Hupigon is a Remote Access Trojan (RAT). Malware of this type allows almost user-level access and control over the infected device. RATs can have capabilities that enable likewise varied misuse. In the case of Hupigon, as well as granting access/control, it also has significant information-stealing capabilities.

This Trojan has been observed being proliferated for an extensive period of time through a variety of tactics. Recently, however, it was distributed using adult dating-themed spam campaigns, largely targeting faculty members and students of United States universities and colleges.

   

Page 1335 of 2289

<< Start < Prev 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal