Virus and Spyware Removal Guides, uninstall instructions

Assistance Lifting The Cargo Email Scam

What is "Assistance Lifting The Cargo"?

Our inspection of the email has shown that it is fraudulent. Scammers created it to trick recipients into sending them money and (or) personal information. It is disguised as a letter regarding a cargo and includes a financial offer. Whoever receives this email should ignore it to avoid financial loss and (or) other issues.

   
Treasurer Shared A Folder Email Scam

What kind of scam is "Treasurer Shared A Folder"?

Our examination of the email has revealed that it is a phishing email. It is disguised as a letter regarding a shared folder and designed to lure recipients into opening a deceptive page (through the provided link) and entering personal information. Recipients should be careful when encountering such emails to avoid privacy and security risks.

   
McAfee - Computer Is At Risk Of Virus Infection POP-UP Scam

What is "McAfee - Computer Is At Risk Of Virus Infection"?

We have discovered that it is a typical pop-up scam designed to trick visitors into taking certain actions. Usually, scammers behind scams like this one use scare tactics to achieve their goals. Users should avoid visiting such pages and close them if they encounter them to avoid potential negative outcomes.

   
PrimeLookup Browser Hijacker

What kind of extension is PrimeLookup?

We have tested the PrimeLookup browser extension and found that adding it results in browser hijacking. Usually, extensions of this type change the settings of web browsers to promote certain addresses. PrimeLookup hijacks web browsers to promote finditfasts.com, a fake search engine.

   
VXUG Ransomware

What kind of malware is VXUG?

VXUG is ransomware, which our team discovered during an inspection of samples submitted to VirusTotal. We found that VXUG is a variant of CryLock. Once infiltrated, it encrypts and renames files and creates a ransom note ("how_to_decrypt.hta"). VXUG appends an email address, a number, and a victim's ID to filenames.

For example, it changes "1.jpg" to "1.jpg[staff@vx-underground.org][1].[F27195A8-B7BFB093]", "2.png" to "2.png[staff@vx-underground.org][1].[F27195A8-B7BFB093]", and so forth.

   
MetaMask Wallet Verification Email Scam

What is "MetaMask Wallet Verification"?

Our analysis of the email has revealed that it is a fraudulent letter masquerading as a notification from MetaMask regarding wallet verification. The scammers behind this phishing scheme aim to lure unsuspecting recipients into disclosing personal information on a fake web page. Recipients should ignore such emails to avoid potential consequences.

   
Hawk Ransomware

What kind of malware is Hawk?

While analyzing malware samples uploaded to the VirusTotal platform, we discovered Hawk, a ransomware variant designed to encrypt files. In addition to encrypting data, Hawk creates a ransom note ("#Recover-Files.txt") and appends the victim's ID, sup.logical@gmail.com email address, and the ".hawk" extension to filenames.

For example, it renames "1.jpg" to "1.jpg.id[XX-B2750012].[sup.logical@gmail.com].hawk", "2.png" to "2.png.id[XX-B2750012].[sup.logical@gmail.com].hawk", and so on.

   
PlayBoy LOCKER Ransomware

What kind of malware is PlayBoy LOCKER?

PlayBoy LOCKER is ransomware designed to encrypt files and append the ".PLBOY" extrension to filenames. It also generates a text file ("INSTRUCTIONS.txt") containing a ransom note and changes the desktop wallpaper. An example of how PlayBoy LOCKER modifies filenames: it changes "1.jpg" to "1.jpg.PLBOY", "2.png" to "2.png.PLBOY", and so forth.

   
ZOHO Mail Interruption Notice Scam

What is "ZOHO Mail Interruption Notice scam"?

Our team has analyzed this email and uncovered that it is a phishing email created to trick recipients into disclosing personal information on a fake web page. This fraudulent email is disguised as a notification from an email service provider. Whoever receives it should ignore it to avoid privacy risks.

   
Gonor.xyz Ads

What kind of page is gonor[.]xyz?

Gonor[.]xyz is the address of a rogue webpage discovered by our researchers during a routine investigation of suspicious sites.

After inspecting this page, we determined that it promotes browser notification spam and generates redirects to other (likely unreliable/hazardous) websites. Users primarily access webpages like gonor[.]xyz via redirects caused by sites utilizing rogue advertising networks.

   

Page 42 of 2329

<< Start < Prev 41 42 43 44 45 46 47 48 49 50 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal