Virus and Spyware Removal Guides, uninstall instructions

What is Dcom?

First discovered by malware researcher Petrovic, Dcom is a new ransomware-type infection that belongs to the GlobeImposter family. After successful infiltration, Dcom encrypts most stored data, thereby making it unusable. During the procedure, Dcom appends each filename with the ".dcom" extension (hence its name).

For example, "sample.jpg" is renamed to "sample.jpg.dcom". Additionally, Dcom generates the "how_to_back_files.txt" text file and places it on the desktop.

What is mvideo[.]pro?

Similar to checking-in-progress.com, seceno.com, bikereddint.info and many others, mvideo[.]pro is yet another rogue website designed to feed users with dubious content and redirect them to other potentially malicious sites.

Most users arrive at mvideo[.]pro inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements displayed on other rogue sites. Be aware that PUAs typically infiltrate computers without permission and, as well as causing redirects, deliver intrusive advertisements and record information relating to browsing activity.

What is mediafresh[.]online?

mediafresh[.]online is a rogue website that is virtually identical to checking-in-progress.com, ciessimple.pro, deloplen.com, and many others. Once visited, mediafresh[.]online redirects users to other rogue sites and delivers dubious content.

Many visitors arrive at mediafresh[.]online inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements delivered by untrusted sites. PUAs infiltrate computers without users' consent. As well as causing redirects, they deliver advertisements and monitor browsing activity by gathering data.

What is mysuccesspaths[.]com?

mysuccesspaths[.]com is a website that uses rogue ad networks. Therefore, it causes redirects to other untrustworthy sites that might be designed to trick people into downloading unwanted apps. To avoid any problems that might be caused by mysuccesspaths[.]com, we recommend that you avoid it.

What is Litar?

Discovered by malware researcher, Petrovic, Litar is yet another data-locking infection that belongs to the Djvu ransomware family. Once infiltrated, Litar encrypts most stored data, thereby making it unusable. In addition, it appends filenames with the ".litar" extension (e.g., "sample.jpg" is renamed to "sample.jpg.litar").

The files are encrypted so that ransom demands can be made - after successfully compromising data, Litar generates the "_readme.txt" text file and stores it in each folder containing encrypted files.

What is 123movies?

123movies offers a TV and movie streaming service, however, developers do this illegally. Another problem with this web page is that it uses rogue advertising networks. Untrustworthy ads are displayed on the website, which redirects to other dubious, deceptive sites. We advise against using 123movies and its services. Also avoid visiting other sites of this kind.

What is converto[.]io?

The converto[.]io website offers features to download videos from YouTube and save them in .mp3 or .mp4 formats.

This is a typical YouTube video downloader/converter, however, note that it is illegal to download videos from YouTube. Additionally, this site uses rogue advertising networks and thus contains unwanted advertisements and causes redirects to other dubious web pages.

What is mp3-youtube[.]download?

mp3-youtube[.]download is presented as a simple and fast YouTube downloader and converter. Additionally, it is capable of downloading and converting videos from Facebook, Instagram, audio from Soundcloud, and so on. Note that it is illegal to download videos from YouTube and, furthermore, the mp3-youtube[.]download website uses rogue advertising networks.

What is checking-in-progress[.]com?

Similar to ciessimple.pro, miresnahapsi.pro, storynnews.com, and many others, checking-in-progress[.]com is a rogue website designed to feed users with potentially malicious content and redirect them to other dubious/dubious sites.

Visitors typically end up visiting checking-in-progress[.]com inadvertently, since they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements displayed on other rogue sites. PUAs infiltrate computers without users' consent. As well as causing redirects, they also deliver intrusive ads and gather information.

What is Coinmoney?

Coinmoney is a ransomware infection written in the Go (Golang) programming language. This malicious program was discovered by A Shadow and infects computers through a Python extension called py2exe, which converts Python scripts into MS Windows executables. When executed, these spread Coinmoney via a LAN with the EternalBlue exploit.

When infected with Coinmoney, all files on the system become encrypted. Furthermore, it renames all files by appending the ".locked" extension to filenames. For example, "1.jpg" becomes "1.jpg.locked". The ransom message appears within an HTML file called "README.html".