Virus and Spyware Removal Guides, uninstall instructions

Valak Malware

What is Valak?

Valak is malicious software that downloads JScript files and executes them. What happens next depends on the actions performed by the executed JScript files. It is very likely that cyber criminals behind Valak attempt to use this malware to cause chain infections (i.e., using Valak to distribute other malware).

Research shows that Valak is distributed through spam campaigns, however, in some cases, it infiltrates systems when they are already infected with malicious program such as Ursnif (also known as Gozi).

   
ProgressExpert Adware (Mac)

What is ProgressExpert?

ProgressExpert is an adware-type app that has browser hijacker characteristics. It operates by running intrusive advertisement campaigns, making modifications to browser settings and promoting a fake search engine. ProgressExpert promotes Safe Finder through akamaihd.net.

Additionally, most adware programs and browser hijackers have data tracking capabilities employed to monitor users' browsing activity. Due to the questionable tactics used to distribute ProgressExpert, it is also classified as a Potentially Unwanted Application (PUA).

   
Cov19 Ransomware

What is Cov19?

Cov19 is a malicious program belonging to the Scarab ransomware family. Systems infected with this malware experience data encryption and users receive ransom demands for decryption. During the encryption process, all affected files are renamed according to this pattern: random character string and the ".cov19" extension.

For example, a file like "1.jpg" could appear as something similar to "7QucYQjs1w48jA.cov19" following encryption. After this process is complete, a ransom message ("TO RECOVER.TXT") is dropped into all compromised folders.

   
Apex Enquiry Email Virus

What is the "Apex Enquiry" email?

"Apex Enquiry" is the name of deceptive emails, which are part of a spam campaign designed to proliferate the Agent Tesla RAT (Remote Access Trojan). These messages target users, companies, businesses and similar entities that deal with large orders.

The "Apex Enquiry" emails ask recipients to review an attached file, which supposedly contains shipment details and provides the necessary information to proceed with the order. In fact, opening the attached file starts installation of Agent Tesla malware.

   
Nomadnews.club Ads

What is nomadnews[.]club?

nomadnews[.]club is a rogue website, which cannot be trusted and should be avoided. Browsers usually open websites such as nomadnews[.]club due to installed potentially unwanted applications (PUAs). People not often visited these web pages intentionally.

When opened, however, sites such as nomadnews[.]club display dubious content or open other untrusted websites. Some examples of other websites similar to nomadnews[.]club are thediseasetracker[.]com, zpredir1[.]com and biz-4u[.]com. As well as promoting dubious websites, PUAs gather browsing data and display unwanted, intrusive advertisements.

   
HermesLookup Adware (Mac)

What is HermesLookup?

HermesLookup is a rogue application categorized as adware, which also possesses browser hijacker traits. Following successful infiltration, this app runs intrusive advertisement campaigns (i.e., delivers unwanted and harmful ads), modifies browsers and promotes fake search engines.

Additionally, HermesLookup is likely to have data tracking capabilities, which are employed to monitor users' browsing activity. Due to the dubious methods used to proliferate HermesLookup, it is also classified as a Potentially Unwanted Application (PUA). One of the dubious techniques used to proliferate this application is via fake Adobe Flash Player updates.

Note that bogus updaters/installers commonly distribute Trojans, ransomware and other malware.

   
UniversalWebResults Adware (Mac)

What is UniversalWebResults?

UniversalWebResults (also known as UniversalWebResult) is designed to feed users with various advertisements. It also functions as a browser hijacker and changes certain browser settings to promote the address of a fake search engine. Apps of this type (adware, browser hijackers) also collect browsing data.

Research shows that UniversalWebResults is distributed by using a fake Adobe Flash Player and, therefore, people often download and install this app unintentionally. For these reasons, UniversalWebResults is also categorized as a potentially unwanted application (PUA).

   
DragonCyber Ransomware

What is DragonCyber?

DragonCyber belongs to a ransomware family called Jigsaw. Like most programs of this type, it encrypts files, modifies filenames and generates a ransom message. DragonCyber renames all encrypted files by appending the ".dc" extension to filenames. For example, it renames "1.jpg" to "1.jpg.dc", "2.jpg" to "2.jpg.dc", and so on.

This ransomware also displays a pop-up window, which contains instructions about how to recover data that was encrypted by it.

   
Cisco AnyConnect Virus

What is "Cisco AnyConnect Virus"?

"Cisco AnyConnect Virus" is a generic term used to describe unwanted or malicious content distributed under the guise of content relating to the Cisco AnyConnect application. Cisco AnyConnect is a unified security endpoint agent that delivers multiple security services for enterprise protection.

It also provides the visibility and control necessary to identify users and devices that are accessing the extended enterprise. Therefore, it is designed as a tool to provide secure access to remote workers. The untrusted/malicious content distributed under the guise of this product/company is in no way connected to the legitimate Cisco Systems, Inc. company.

   
Microsoft Lync Virus

What is Microsoft Lync?

Microsoft Lync (and Office Communicator) is a former name of Skype for Business, a popular instant messaging application. Research shows that there are a number of fake, deceptive Microsoft Lync installers designed to distribute unwanted, malicious applications.

This is not the first time cyber criminals have used the name of well-known, legitimate products or services for malicious purposes. If the installer for Microsoft Lync/Skype for Business is promoted on an unofficial website, this is not the legitimate Microsoft product and is likely to be potentially unwanted or even malicious software.

   

Page 1358 of 2329

<< Start < Prev 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal