Virus and Spyware Removal Guides, uninstall instructions

Shieldforbrowsers.com Ads

What kind of page is shieldforbrowsers[.]com?

While inspecting dubious pages, our researchers discovered the shieldforbrowsers[.]com rogue website. It is designed to run scams, promote spam browser notifications, and redirect visits to different (likely untrustworthy and malicious) sites.

Users typically access webpages like shieldforbrowsers[.]com via redirects caused by others that use rogue advertising networks.

   
Dark Display Adware

What kind of application is Dark Display?

We have discovered the Dark Display application while examining shady websites and inspecting deceptive advertisements. We learned that Dark Display is supposed to provide a dark mode for web browsers but functions as adware (it shows unwanted advertisements).

   
Simple Search Browser Hijacker

What kind of application is Simple Search?

Our team discovered the Simple Search application while analyzing deceptive web pages. We found that the purpose of Simple Search is to promote search.simple-searchs.com (force users to browse the Internet with a fake search engine). Simple Search promotes this address by hijacking a web browser (by modifying its settings).

   
RozbehOfSatan Ransomware

What is RozbehOfSatan ransomware?

RozbehOfSatan is the name of a ransomware-type program. It is a new variant of the Rozbeh ransomware. After executing a sample of RozbehOfSatan on our test system, it encrypted files and created a ransom note.

Typically, ransomware renames the affected files, but that is not to case with RozbehOfSatan. Once the encryption was completed, a pop-up window was displayed.

   
TextBoard Adware (Mac)

What kind of application is TextBoard?

Our team has spotted the TextBoard application while inspecting samples submitted to the VirusTotal website. After examination, we learned that the purpose of TextBoard is to display various advertisements. Thus, we classified this application as adware. Typically, users install software of this type inadvertently.

   
Togo Tab Browser Hijacker

What is Togo tab?

Togo Tab is a rogue browser extension that we found while inspecting dubious download webpages. We determined that this piece of software operates as a browser hijacker. It modifies browsers and promotes the togosearching.com illegitimate search engine.

   
Top Search Browser Hijacker

What is Top Search?

While inspecting untrustworthy download webpages, our research team discovered the Top Search browser extension. Our analysis of this extension revealed that it operates as browser-hijacking software and promotes the search.tops-searchs.com fake search engine.

   
LockBit 3.0 Ransomware

What kind of malware is LockBit 3.0?

LockBit 3.0 (also known as LockBit Black) is a new variant of the LockBit ransomware. It encrypts files, modifies their filenames, changes the desktop wallpaper, and drops a text file (named "[random_string].README.txt") on the desktop. LockBit 3.0 replaces the name of the file and its extension with random dynamic and static strings.

An example of how LockBit 3.0 renames files: it replaces "1.jpg" with "CDtU3Eq.HLJkNskOq", "2.png" with "PLikeDC.HLJkNskOq", "3.exe" with "qwYkH3L.HLJkNskOq", and so forth.

   
Ghsd Ransomware

What kind of malware is Ghsd?

Ghsd is ransomware, a form of malware designed to encrypt files. We discovered it while examining the samples submitted to VirusTotal. Ghsd is part of the Djvu ransomware family. It not only encrypts but also renames files (by appending the ".ghsd" extension to filenames) and drops the "_readme.txt" file containing a ransom note.

An example of how Ghsd renames files: it renames "1.jpg" to "1.jpg.ghsd", "2.png" to "2.png.ghsd", and so forth.

   
Ner Ransomware

What is Ner ransomware?

While inspecting recent malware submissions to VirusTotal, our researchers discovered a new variant of Sojusz ransomware called Ner.

We analyzed a sample of this ransomware by executing it on our test machine. Ner encrypted files and modified their filenames. Original titles were appended with a unique ID, cyber criminals' email address, and the ".ner" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.[c5e4c3a8c7].[thetan@nerdmail.co].ner", etc.

Once the encryption was done, a ransom note - "!!!HOW_TO_DECRYPT!!!.txt" - was dropped onto the desktop. The text presented therein makes it evident that Ner targets companies instead of home users.

   

Page 766 of 2357

<< Start < Prev 761 762 763 764 765 766 767 768 769 770 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal