Virus and Spyware Removal Guides, uninstall instructions

2k19sys Ransomware

What is 2k19sys?

Belonging to Paradise ransomware family, 2k19sys is high-risk ransomware discovered by malware researcher mol69. It is designed to stealthily infiltrate computers and encrypt most stored data, thereby making it unusable. During encryption, 2k19sys appends filenames with the victim's unique ID, developer's email address, and ".2k19sys" extension.

For example, "sample.jpg" might be renamed to a filename such as "sample.jpp_T8JEa8_{file@p-security.li}.2k19sys". Additionally, 2k19sys opens a pop-up window and stores a text file ("-=###_INFO_you_FILE_###=-.txt") on the desktop.

   
Your Computer, Email And Smartphone Are Hacked Email Scam

What is "Your computer, email and smartphone are hacked"?

"Your computer, email and smartphone are hacked" is a typical scam that is proliferated through emails.

Typically, scammers use this technique to extort money from unsuspecting people by threatening to expose compromising photos or videos of them . Do not trust spam campaigns such as "Your computer, email and smartphone are hacked". When received, the associated emails should be ignored and deleted.

   
Bitcoin Collector Virus

What is Bitcoin Collector?

Bitcoin Collector is a malicious program promoted as a tool that allows users to earn from $15 to $45 (in Bitcoins) per day, free and automatically. This program supposedly operates as a cryptocurrency generator, however, its real purpose is to distribute malware.

Bitcoin Collector spreads india2lock ransomware and the Baldr trojan - two high-risk computer infections. We strongly recommend that you do not download, or more importantly, install, Bitcoin Collector.

   
Virus Hermes Ransomware

What kind of malware is Virus Hermes?

Virus Hermes is a high-risk ransomware-type infection based on an open-source ransomware project called Hidden Tear. After successful infiltration, Virus Hermes encrypts most stored files using the AES encryption algorithm. During encryption, Virus Hermes appends filenames with the ".Hermes" extension (e.g., "sample.jpg" is renamed to "sample.jpg.Hermes").

Note that there are two other ransomware infections with similar names (Hermes and Hermes 2.1), however, Virus Hermes and these other ransomware infections are not related. As well as encrypting data, Virus Hermes changes the desktop wallpaper, stores the "HOW TO DECRYPT FILES.txt" text file on the desktop, and opens a pop-up window.

   
Project Free Tv Virus

What is Project Free Tv?

Project Free Tv belongs to a group of websites that might cause unwanted downloads and installations, thereby leading to possible malware infections. As its name suggests, this web page allows users to watch various TV shows and movies free of charge. It contains a compilation of titles from A to Z and also allows users to search for movies or shows by genre.

This is a legitimate website, however, developers monetize it using dubious ad networks. In summary, Project Free Tv contains dubious ads and leads to deceptive, rogue websites. By using this web page, people risk being redirected to malicious pages or tricked into downloading and installing unwanted (potentially malicious) apps.

   
Mogera Ransomware

What is Mogera?

First discovered by Michael Gillespie, Mogera is a high-risk ransomware infection that belongs to the Djvu ransomware family. As with other infections from this family, Mogera stealthily infiltrates computers and encrypts most stored data, thereby making it unusable.

This ransomware also appends filenames with the ".morega" extension (e.g., "sample.jpg" is renamed to "sample.jpg.morega"). Following successful encryption, Mogera creates a "_readme.txt" text file and places a copy in each existing folder.

   
Kissmanga Virus

What is Kissmanga?

Kissmanga is the name of a group of websites that are linked to possible malware infections. This particular website contains a collection of graphic novels known as 'manga', which are comics and part of Japanese art. Some of the comics on the website might contain copyrighted manga.

This is a legitimate web page, however, it uses dubious ad networks, which developers use to monetize it.

The website contains various ads and, when browsed, causes redirects to deceptive, untrustworthy websites and deploys dubious pop-up ads. People who use this website might end up having unwanted apps (such as adware) or even malware installed on their browsers or computers.

   
Sysfrog Ransomware

What is Sysfrog?

Discovered by Michael Gillespie, Sysfrog is a malicious program categorized as ransomware. Programs of this type are designed to encrypt files: they lock files and keep them that state until developers are paid. I.e., ransomware victims are encouraged to buy decryption tools from these cyber criminals.

Sysfrog adds the ".sysfrog" extension to each file (it also prepends "[sysfrog@protonmail.com]"). For example, ".jpg." becomes "[sysfrog@protonmail.com]1.jpg.sysfrog". It also creates a ransom message within the "how_to_decrypt.txt" file, which can be found in folders that contain encrypted files.

   
Apple.com-monitor.live POP-UP Scam (Mac)

What is "apple.com-monitor[.]live"?

The apple.com-monitor[.]live website is used by scammers to promote the Cleanup My Mac potentially unwanted application (PUA). This website displays a fake virus alert notification stating that users' computers are infected and encourages them to download and install the PUA, which supposedly removes the detected viruses.

This website is commonly opened by a PUA that is already installed on the computer or browser. Therefore, most people do not visit this page intentionally. Furthermore, PUAs usually collect user-system information and display intrusive ads.

   
GottaCry Ransomware

What is GottaCry?

GottaCry is the name of a ransomware-type program that was discovered by MalwareHunterTeam. Rather than encrypting data, GottaCry deletes all files that are placed on the victim's Desktop. It also enables a pop-up window with instructions detailing how to return the lost files.

   

Page 1617 of 2329

<< Start < Prev 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal