Virus and Spyware Removal Guides, uninstall instructions

Trovi.com Redirect (Mac)

What is trovi.com?

trovi.com is a dubious website promoted through potentially unwanted applications (PUAs) called hijackers. One of these hijackers is weknow.ac, which is bundled into the setup of a fake Flash Player installer (updater).

Browser hijackers are categorized as potentially unwanted apps (PUAs) that promote fake search engines or other web pages by modifying browser settings. Additionally, they operate as information tracking tools and gather data about users.

   
Your Windows Computer Could Be Infected With Viruses! POP-UP Scam

What is "Your Windows Computer Could Be Infected With Viruses!"?

"Your Windows Computer Could Be Infected With Viruses!" is a scam promoted on an untrustworthy website that encourages visitors to remove viruses with a potentially unwanted application (PUA).

Neither websites of this type nor software promoted through them should ever be trusted. If this page opens randomly, it is likely that there is a PUA already installed on the browser or computer. PUAs usually cause unwanted redirects, gather user-data, and deploy intrusive ads.

   
LotR Ransomware

What is LotR?

Discovered by Raby, LotR is high-risk ransomware belonging to the GlobeImposter ransomware family. As with most ransomware infections, LotR stealthily infiltrates computers and encrypts stored files. Additionally, LotR appends filenames with the ".[new_wave@tuta.io].LotR" extension (e.g., "sample.jpg" is renamed to "sample.jpg.[new_wave@tuta.io].LotR").

Encrypted data immediately becomes inaccessible. Furthermore, after encrypting data, LotR stores the "#NEW_WAVE.html" file on the desktop. This file contains a ransom-demand message.

   
Maze Ransomware

What is Maze?

Discovered by Jérôme Segura, Maze is a ransomware-type program. People who have computers infected with Maze cannot access their files/data - the program encrypts files and keeps them in that state until a ransom is paid. Furthermore, it renames all encrypted files by adding a random extension to the filenames.

For example, "1.jpg" might become "1.jpg.ILnnD", and so on. Maze also changes the desktop wallpaper and creates the "DECRYPT-FILES.html" file, a ransom message with instructions about how to decrypt files.

   
KPOT Stealer

What is KPOT?

Discovered by Jorge Mieres, KPOT is a high-risk trojan designed to steal various personal information. This malware is typically distributed using fake web browser updaters (more information), however, this trojan was previously distributed using spam email campaigns.

KPOT can be purchased for $100 on hacker forums and, therefore, any aspiring cyber criminal can purchase this trojan and begin stealing data.

   
Windows Hard Disk Is At High Risk POP-UP Scam

What is "Windows hard disk is at high risk"?

"Windows hard disk is at high risk" is a technical support scam that is promoted on a deceptive website. Scam websites of this type are used to extort money from unsuspecting people by tricking them into paying for unnecessary software or services.

Typically, people do not visit websites of this type intentionally - they are redirected to them by deceptive ads that they have clicked, or potentially unwanted apps (PUAs) that have been installed on their browsers or computers. In addition to redirects, PUAs feed users with unwanted ads and gather browsing-related information.

   
Beets Ransomware

What is Beets?

Discovered by Jakub Kroustek, Beets is the name of a malicious program classified as ransomware and which is part of the Dharma ransomware family. Ransomware developers use these programs to encrypt victims' data and force them to purchase a decryption tool/key.

Beets renames each encrypted file by adding an email address, the victim's ID and the ".beets" extension to the filename. For example, "1.jpg" becomes "1.jpg.id-1E857D00.[vombombom@cock.li].beets". It also enables a pop-up window with instructions about how to decrypt files and creates a text file called "RETURN FILES.txt".

   
Rezuc Ransomware

What is Rezuc?

This ransomware belongs to the Djvu family and was discovered by Michael Gillespie. Rezuc is one of many ransomware-type programs that encrypts victims' files and blocks access to them until a ransom is paid (a decryption tool/key is purchased). Typically, when files are encrypted, their filenames are also changed.

In this case, Rezuc renames them by adding the ".rezuc" extension. For instance, "1.jpg" becomes "1.jpg.rezuc". Rezuc creates a "_readme.txt" file (containing a ransom message) and stores it in folders that contain encrypted files.

   
Phobos (.help) Ransomware

What kind of malware is Phobos (.help)?

Discovered by GrujaRS, Phobos (.help) is a part of the Phobos ransomware family. The cyber criminals who designed this malicious program use it to encrypt data and force victims to pay a ransom. Like most ransomware-type programs, Phobos (.help) renames each encrypted file.

In this case, it changes filenames by adding the ".help" extension plus the email address of Phobos (.help) developers, and a unique victim ID. For example, "1.jpg" might become "1.jpg.id[1E857D00-1016].[randal_inman@aol.com].help".

Additionally, this ransomware creates a ransom message in the "info.hta" (which displays a pop-up window) and "info.txt" files that contain information about how to decrypt files and contact cyber criminals.

   
mBytes Clean Pro Unwanted Application

What is mBytes Clean Pro?

mBytes Clean Pro developers present this app as a system optimization tool that can be used to scan the operating system, clean items that affect computer performance, remove threats that make computers vulnerable to malicious attacks, and so on.

In fact, mBytes Clean Pro is categorized as a potentially unwanted application (PUA), since the developers promote it using a deceptive method called "bundling". Therefore, many people download and install this app unintentionally.

   

Page 1616 of 2329

<< Start < Prev 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal