Virus and Spyware Removal Guides, uninstall instructions

Claim SatoshiDEX (SATX) Scam

What is the fake "Claim SatoshiDEX (SATX)" website?

"Claim SatoshiDEX (SATX)" is a scam that is almost a perfect visual copy of SatoshiDEX (satoshidex.ai). Upon inspection, we determined that this fake page (satoshidex-ai[.]org and potentially others) is a cryptocurrency drainer. The scheme lures users into exposing their digital wallets to steal the assets stored therein.

   
Payroll Report Status Email Scam

What is "Payroll Report Status"?

We have inspected this email and learned that its purpose is to extract personal information from recipients. Emails of this type are classified as phishing emails. This particular email is disguised as a letter regarding a change in the payroll report status to appear legitimate and lure recipients into opening a deceptive website.

   
Aethir ($ATH) Allocation Scam

What is the fake "Aethir ($ATH) Allocation" website?

"Aethir ($ATH) Allocation" is a scam imitating the Aethir platform (aethir.com). This scheme entices users to inadvertently expose their digital wallets to a crypto drainer by promoting an allocation increase of ATH cryptocurrency. Victims of this scam experience financial loss.

   
UnicornSpy Malware

What kind of malware is UnicornSpy?

UnicornSpy is malware used to steal sensitive information. Cybercriminals have been observed using UnicornSpy to target energy companies, factories, and suppliers (and developers) of electronic components. The channel used for the distribution of this malware is email. However, threat actors may also deliver UnicornSpy using other methods.

   
Guardflares.com Redirect

What is guardflares.com?

We have inspected guardflares.com and discovered that it is a fake search engine. We also found that guardflares.com is promoted through a variety of browser hijackers, such as SpeedyLook, SearchNinja, BlazeSearch and many other. Search engines promoted through such extensions should not be trusted. If guardflares.com and SpeedyLook (or any other questionable extensions) are present within a browser, they should be removed.

   
Ymir Ransomware

What kind of malware is Ymir?

Ymir is a ransomware-type program. It operates by encrypting files (using ChaCha20 cryptographic algorithm) and demanding ransoms for the decryption.

The filenames of files locked by Ymir are altered by being appended with an extension comprising a random character string. For example, a file initially titled "1.jpg" has appeared as "1.jpg.6C5oy2dVr6".

After the encryption is concluded, Ymir drops ransom notes – "INCIDENT_REPORT.pdf" – into each affected folder. This ransomware also displays another message in a full-screen that precedes the log-in screen.

   
SpeedyLook Browser Hijacker

What kind of extension is SpeedyLook?

Our examination of SpeedyLook has revealed that it is an unreliable browser extension designed to hijack a web browser by changing its settings. This extension forces users to visit guardflares.com. Additionally, SpeedyLook enables the "Managed by your organization" setting (in Chrome browsers).

   
Email Password Time Running Out Scam

What is "Email Password Time Running Out"?

We have analysed this email and found that it is a scam email designed to appear like a notification from an email service provider. This email contains a link to a phishing website designed to steal personal information. Recipients should ignore such emails and know how to recognize them.

   
$testME Token Claim Scam

What is fake "$testME Token Claim" website?

Our examination of the site (testme.mefoundaiton[.]xyz) has shown that it is a deceptive platform offering individuals to claim $testME tokens. The true purpose of this web page is to steal cryptocurrency from victims. Therefore, this and similar sites should be avoided.

   
RunningRAT Malware

What kind of malware is RunningRAT?

RunningRAT is a Remote Access Trojan (RAT) that was known for stealing sensitive information from victims. Now, cybercriminals are using it to distribute cryptocurrency miners. RunningRAT is likely to lead to higher electricity costs and hardware damage for victims. Thus, it should be removed from infected systems as soon as possible.

   

Page 33 of 2329

<< Start < Prev 31 32 33 34 35 36 37 38 39 40 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal