Virus and Spyware Removal Guides, uninstall instructions

Primewallsecurity.co.in Ads

What kind of page is primewallsecurity.co[.]in?

During the examination of the site, we learned that primewallsecurity.co[.]in is a deceptive site that uses fear tactics to trick visitors into taking certain actions. Also, primewallsecurity.co[.]in aims to receive permission to show notifications that contain misleading warnings and other information.

   
Microsoft Windows Locked Due To Unusual Activity POP-UP Scam

What kind of scam is "Microsoft Windows Locked Due To Unusual Activity"?

Our researchers discovered the "Microsoft Windows Locked Due To Unusual Activity" technical support scam while investigating suspicious websites. This scheme masquerades as Microsoft's website warning visitors of system infections. The goal is to deceive victims into calling the fake support line and entangling them in a complex scam.

   
New Policy For Salary, Bonuses And Overtime Email Scam

What kind of scam is "New Policy For Salary, Bonuses And Overtime"?

Our team has analyzed this email and learned that it is deceptive. It is disguised as a notification from an organization regarding employment benefits. Scammers behind this email seek to steal personal information from recipients. Such emails are known as phishing attempts, and recipients should ignore them to avoid potential risks.

   
FIOI Ransomware

What kind of malware is FIOI?

FIOI is ransomware belonging to the Makop family. Our team discovered this variant during examination of samples submitted to VirusTotal. We found that FIOI encrypts files and appends the ".FIOI" extension (along with a string of random characters and an email address). Also, it changes the desktop wallpaper and creates the "+README-WARNING+.txt" file (a ransom note).

An example of how FIOI renames files: it changes "1.jpg" to "1.jpg.[2AF20FA3].[help24dec@aol.com].FIOI", "2.png" to "2.png.[2AF20FA3].[help24dec@aol.com].FIOI", and so forth.

   
The Sandbox Game Scam

What is the fake "The Sandbox Game" site?

During our inspection of the site (sandbox-game-airdrop.pages[.]dev), we found that it is a fake website mimicking the real one (sandbox[.]game). The fraudulent page is created by scammers who seek to steal funds (cryptocurrency) from unsuspecting individuals. Therefore, it is important not to interact with such websites.

   
Unclaimed Insurance Email Scam

What is "Unclaimed Insurance"?

We have examined this email and found that it is crafted to trick recipients into believing they can receive a large sum of money for cooperation. Schemes like this one are known as inheritance scams. Typically, fraudsters behind them try to extract money and (or) personal information from unsuspecting individuals.

   
SingleCamper Malware

What kind of malware is SingleCamper?

SingleCamper is an updated version of the RomCom RAT. SingleCamper was spotted being used as the primary implant in certain attacks carried out by threat actors. In these attacks, SingleCamper is responsible for executing all malicious post-compromise actions. It is loaded directly from the registry into memory and communicates with its loader via a loopback address.

   
SquidGrow Migration Claim Scam

What is the fake "SquidGrow Migration Claim" website?

While browsing suspicious websites, our researchers discovered this "SquidGrow Migration Claim" scam endorsed on squidgrow-claim.pages[.]dev (note that it could be hosted elsewhere). This fake page imitates the SquidGrow platform (squidgrow.wtf) and functions as a cryptocurrency drainer.

   
RoxiApp Unwanted Application

What is RoxiApp?

During our inspection, we could not determine what exactly the RoxiApp application does. However, we discovered that it installs alongside other unwanted components, and multiple security vendors have flagged the installer distributing RoxiApp as malicious. Therefore, users should avoid installing RoxiApp.

   
REVRAC Ransomware

What kind of malware is REVRAC?

REVRAC is a malicious program that encrypts data and demands ransoms for its decryption. Due to this behavior, this software is classed as ransomware.

On our testing system, REVRAC encrypted files and altered their filenames. Original titles were appended with a unique ID assigned to the victim and the ".REVRAC" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.{AE53F3C6-811D-F11F-76B5-35C72B99A5C9}.REVRAC".

Once the encryption process was completed, the REVRAC ransomware created a ransom note in a text file titled "README.txt".

   

Page 46 of 2329

<< Start < Prev 41 42 43 44 45 46 47 48 49 50 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal