Virus and Spyware Removal Guides, uninstall instructions

$PAWS Token Distribution Scam

What is the fake "$PAWS Token Distribution" website?

While investigating suspect sites, our researchers discovered this fake "$PAWS Token Distribution" page. The scam was promoted on allocate-pawscoin[.]xyz, yet it could be hosted elsewhere.

The webpage claims to be distributing tokens – instead, it operates as a cryptocurrency drainer. Essentially, funds are transferred from victims' digital wallets to those in the scammers' possession.

   
InstantQuest Browser Hijacker

What kind of software is InstantQuest?

Our researchers discovered the InstantQuest browser hijacker in a rogue installer promoted by a scam page, the latter was found during a routine investigation of untrustworthy websites.

This extension modifies browser settings to promote (via redirects) the finditfasts.com fake search engine. It is pertinent to mention that this extension could endorse other sites.

   
Phuthobsee.com Ads

What kind of page is phuthobsee[.]com?

Our analysis of phuthobsee[.]com has shown that the site is designed to obtain permission to show notifications. It uses a deceptive technique to achieve this. Once allowed, phuthobsee[.]com can deliver notifications created to open potentially malicious websites. Thus, phuthobsee[.]com should be avoided.

   
Abyssalminer.top Ads

What kind of page is abyssalminer[.]top?

During our examination of abyssalminer[.]top, we found that this page uses a deceptive method to get permission to show notifications. Once allowed, abyssalminer[.]top delivers fake warnings and other misleading notifications. Users should avoid visiting abyssalminer[.]top and never allow it to send notifications.

   
Proton.me Email Scam

What kind of email is "Proton.me"?

After inspecting this "Proton.me" email, we determined that it is fake. This spam message claims that several emails were withheld from reaching the recipient's inbox. This campaign lures victims into visiting a phishing website targeting account log-in credentials by enticing them with the supposed ability to review the nonexistent messages.

   
Aroidonline.com Ads

What kind of page is aroidonline[.]com?

While inspecting dubious websites, our researchers discovered the aroidonline[.]com rogue page. This site promotes browser notification spam; we observed it using several versions of a fake CAPTCHA verification test for this purpose. Additionally, aroidonline[.]com can generate redirects to different (likely unreliable/dangerous) websites.

Users primarily access aroidonline[.]com and similar webpages through redirects caused by sites that utilize rogue advertising networks.

   
Appspot.com Ads

What kind of page is appspot[.]com?

Our research team found the appspot[.]com rogue page while inspecting suspect websites. After investigating this webpage, we learned that it endorses browser notification spam and redirects users to other (likely dubious/malicious) sites. Most visitors enter pages like appspot[.]com through redirects caused by websites utilizing rogue advertising networks.

   
Your Netflix Subscription Is Expiring Soon Email Scam

What kind of email is "Your Netflix Subscription Is Expiring Soon"?

After reading the "Your Netflix Subscription Is Expiring Soon" email, we determined that it is fake. This spam message is presented as an alert concerning an expiring subscription. The goal of this phishing email is to steal recipients' Netflix accounts.

It must be emphasized that this scam email is not associated with the Netflix streaming service or the media company behind it – Netflix, Inc.

   
DavidHasselhoff Ransomware

What kind of malware is DavidHasselhoff?

Our researchers discovered DavidHasselhoff ransomware while reviewing new submissions to the VirusTotal platform. This malicious program belongs to the MedusaLocker ransomware family. DavidHasselhoff is designed to encrypt data and demand payment for its decryption; it uses double-extortion tactics to push victims into paying.

After we executed a sample of this ransomware on our test machine, it encrypted files and appended their filenames with the ".247_davidhasselhoff" extension. For example, a file like "1.jpg" appeared as "1.jpg.247_davidhasselhoff". It is noteworthy that the number in the extension may differ depending on the ransomware's variant.

Once the encryption process was finished, DavidHasselhoff ransomware dropped a ransom note titled "How_to_back_files.html".

   
Alltmcilive.com Ads

What kind of page is alltmcilive[.]com?

Our researchers discovered the alltmcilive[.]com rogue page while investigating questionable websites. After analyzing this webpage, we learned that it endorses browser notification spam and redirects visitors to different (likely unreliable/hazardous) sites. Most users enter pages like alltmcilive[.]com via redirects caused by websites that employ rogue advertising networks.

   

Page 62 of 2329

<< Start < Prev 61 62 63 64 65 66 67 68 69 70 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal