Virus and Spyware Removal Guides, uninstall instructions

G-Cleaner Unwanted Application

What kind of software is G-Cleaner?

G-Cleaner (also known as GCleaner) is promoted as an app that supposedly speeds up and optimizes Windows computers. It is promoted as a legitimate application (and its appearance may suggest this) and has a website from which it can be downloaded. In fact, its installation setup also contains a malicious program. G-Cleaner is installed together with AZORult, a trojan-type malicious program.

   
Hceem Ransomware

What is Hceem?

Discovered by GrujaRS, Hceem is a ransomware-type infection that belongs to the Snatch ransomware family. As with many infections of this type, Hceem encrypts stored files and appends filenames with the ".hceem" extension (for example, "sample.jpg" is renamed to "sample.jpg.hceem").

Additionally, Hceem generates a text file ("RESTORE_HCEEM_DATA.txt") and places it in every existing folder.

   
Oraronerethet.info POP-UP Ads

What is oraronerethet[.]info?

oraronerethet[.]info is virtually identical to newchannel[.]club, hatnofort[.]com, terjuscalbuttont[.]info, and many other sites. It opens other untrustworthy websites or displays dubious content.

Typically, people do not visit this site intentionally - they are generally redirected to it by potentially unwanted applications (PUAs) installed on the system. PUAs cause redirects to dubious websites, deliver intrusive ads, and record user-system information.

   
Nythatspartaund.info POP-UP Ads

What is nythatspartaund[.]info?

nythatspartaund[.]info is one of many rogue websites that, once visited, displays dubious content or causes redirects to other untrustworthy websites. It is very similar to other pages of this type such as newchannel[.]club, hatnofort[.]com, and terjuscalbuttont[.]info.

These websites are generally opened by installed potentially unwanted applications (PUAs). People do not visit websites such as nythatspartaund[.]info or install PUAs intentionally. Additionally, most apps of this type serve users with ads and gather information relating to browsing activity.

   
Facebook Messenger Virus

What is "Facebook Messenger virus"?

"Facebook Messenger virus" was discovered by Ido Naor. Cyber criminals use it to spread FormBook, a trojan-type program, by sending various files through Facebook Messenger. If opened, these files cause installation of the aforementioned malicious program.

   
Kiratos Ransomware

What is Kiratos?

Kiratos is a high-risk ransomware-type infection that belongs to the Djvu malware family. As with other variants from this malware family, Kiratos stealthily infiltrates computers and encrypts most stored files. In doing so, Kiratos appends filenames with the ".kiratos" extension (for instance,  "sample.jpg" is renamed to "sample.jpg.kiratos").

Compromised data immediately becomes unusable. As well as encrypting data, Kiratos places a "_readme.txt" text file in every existing folder.

   
MatchPop Unwanted Application

What is MatchPop?

If the MatchPop program is installed on a computer without the user's knowledge, it should be uninstalled immediately. It is a cryptominer, a program that uses computer resources to mine cryptocurrency. In many cases, cyber criminals trick people into downloading and installing these programs so that they can use their computers to generate revenue.

   
Windows Protected Your PC POP-UP Scam

What is "Windows protected your PC"?

"Windows protected your PC" is the name of a tech-support scam promoted using a deceptive website. Like most of these scam websites, it often tricks people into believing that they need to contact scammers who pose as 'technicians', since the computers are supposedly infected and blocked. These websites cannot be trusted and the best option is to ignore and close them.

They are usually opened by potentially unwanted apps (PUAs) installed on browsers or computers. People do not generally visit these scam websites intentionally.

   
Hrosas Ransomware

What is Hrosas?

Hrosas is a ransomware-type infection discovered by Michael Gillespie. This is yet another variant of high-risk ransomware called Djvu. Generally, Hrosas stealthily infiltrates the system and encrypts most stored data. Additionally, Hrosas appends each filename with the ".hrosas" extension.

For example, "sample.jpg" becomes "sample.jpg.hrosas". After successfully encrypting data, Hrosas places a text file in each existing folder.

   
ApplicationWork Adware (Mac)

What is ApplicationWork?

ApplicationWork (also known as Application.work) is one of many potentially unwanted applications (PUAs) that are distributed through other software (they are bundled into set-ups). This application is categorized as adware - software that serves users with intrusive advertisements. Furthermore, many PUAs of this type often gather user-system information.

   

Page 1634 of 2329

<< Start < Prev 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal