Virus and Spyware Removal Guides, uninstall instructions

CentralLocator Adware (Mac)

What is CentralLocator?

CentralLocator is the name of a potentially unwanted application (PUA) that is categorized as adware. This program supposedly enhances the browsing experience, however, it serves intrusive advertisements and gathers various information. Adware-type apps are termed 'PUAs', since people usually do not download or install them intentionally.

   
Android-recaptcha.info Ads

What is android-recaptcha[.]info?

android-recaptcha[.]info is a rogue website. Like many similar websites, it redirects visitors to other untrustworthy web pages or loads dubious content. Some examples of other sites that operate in this manner include find-soulmates[.]com, best-girls-ever[.]com and hellopushworld[.]com.

Web browsers commonly open these sites due to potentially unwanted applications (PUAs) installed on them. Typically, PUAs are designed to force browsers to open untrustworthy websites, display advertisements and gather browsing data.

   
Horriblemorning Ransomware

What is Horriblemorning?

Discovered by GrujaRS. Horriblemorning is malicious software belonging to the GlobeImposter ransomware family. This malware is designed to encrypt data and demand ransom payments for decryption. During the encryption process, all files are are appended with the ".Horriblemorning" extension.

Therefore, "1.jpg" would appear as "1.jpg.Horriblemorning", and so on for all affected files. After this process is finished, Horriblemorning stores an HTML file ("how_to_back_files.html") on the desktop.

   
Mainsourceofupdates.best POP-UP Scam (Mac)

What is mainsourceofupdates[.]best?

mainsourceofupdates[.]best is a deceptive website claiming that Adobe Flash Player is outdated. It operates by encouraging users into downloading/installing a fake Flash Player updater.

The rogue update installers are high-risk, since they are used to proliferate Potentially Unwanted Applications (PUAs) such as adware, browser hijackers, and malicious content (e.g. trojans, ransomware and other malware).

Few visitors arrive at mainsourceofupdates[.]best intentionally - most are redirected by intrusive advertisements or PUAs already infiltrated into the device.

   
Legion Loader Malware

What is Legion Loader?

Legion Loader is a malicious program designed to infect systems with 2-3 other programs of this type (or more). Research shows that Legion Loader is used to spread information stealers (such as Vidar, Predator the Thief and Raccoon Stealer), backdoors, cryptocurrency stealers and a cryptocurrency miner.

Legion Loader can thus cause many problems. If a system is infected with this malware (or other malicious software installed through it), it should be removed immediately.

   
R00t Ransomware

What is r00t?

R00t is a malicious program belonging to the Paradise ransomware family. It is designed to encrypt the data of infected systems so that ransom demands can be made for decryption software. During encryption, all affected files are renamed according to the following pattern: "_r00t_{random string}.njkwe".

For example, "1.jpg" might appear similar to "1.jpg_r00t_{pJFM2q}.njkwe", and so on for all compromised files. After this process is finished, r00t creates a text file called "---==%$$$OPEN_ME_UP$$$==---.txt" on the the victim's desktop.

   
Greta Thunberg Email Virus

What is "Greta Thunberg Email Virus"?

This spam campaign is disguised as an invitation to "the biggest climate protest". Cyber criminals behind it seek to trick recipients into opening the attached document or website link, and then installing Emotet. Note that Emotet is a malicious program categorized as Trojan.

It is designed to steal sensitive information. We strongly recommend that you ignore this email. Do not click the included link or open the attached file (document).

   
Parad1gm Ransomware

What is Parad1gm?

Discovered by GrujaRS, Parad1gm is malicious software belonging to the DopplePaymer ransomware family. This malware operates by encrypting data and then demanding ransom payments for decryption tools/software. When Parad1gm encrypts, all files are renamed with the ".parad1gm" extension.

For example, "1.jpg" would appear as "1.jpg.parad1gm", and so on for all affected files. This ransomware generates ransom messages for each encrypted file. The filenames of these messages consist of the original filename and ".parad1gm_readme" extension (e.g. "1.jpg.parad1gm" would be accompanied by "1.jpg.parad1gm_readme").

   
Gusimp.net Ads

gusimp[.]net redirect removal instructions

What is gusimp[.]net?

gusimp[.]net is a rogue web page, which is similar to find-soulmates.comhistleolderlandch.infoterko.pro and countless others (and also related to adf.ly). Visitors to this site are presented with dubious content and/or redirected to other untrustworthy or malicious websites. People do not often access gusimp[.]net intentionally - they are redirected by intrusive advertisements or Potentially Unwanted Applications (PUAs) already present on their systems. PUAs do not need express user permission to infiltrate devices. Following successful infiltration, they generate redirects, run intrusive ad campaigns and monitor users' browsing activity.

   
Finestream.club Ads

What is finestream[.]club?

Typically, people do not visit websites such as finestream[.]club intentionally. There are also many other similar pages on the internet.

Some examples are horny-vid[.]com, rex-news1[.]club and pushpush[.]net. Browsers are commonly forced to open these sites due to installed potentially unwanted applications (PUAs). These apps can open untrustworthy/rogue web pages, gather data and display advertisements. In most cases, people download and/or install PUAs inadvertently.

   

Page 1473 of 2329

<< Start < Prev 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal