Virus and Spyware Removal Guides, uninstall instructions

What kind of page is mkjxtu[.]com?

We discovered the mkjxtu[.]com page while examining various illegal movie streaming pages, torrent sites, and other sites that use rogue advertising networks. During analysis, we found that mkjxtu[.]com displays deceptive content/uses a clickbait technique to get permission to show notifications. Also, it redirects to untrustworthy pages.

What kind of malware is Fefg?

We have discovered the Fefg ransomware while examining the malware samples submitted to VirusTotal. The purpose of Fefg is to encrypt files. Also, this ransomware appends ".fefg" extension to filenames and creates the "_readme.txt" file. We found that Fefg is part of the ransomware family called Djvu.

An example of how Fefg modifies filenames: it renames "1.jpg" to "1.jpg.fefg", "2.jpg" to "2.jpg.fefg", and so forth. The text file created by this ransomware contains contact and payment information (it contains a ransom note).

What kind of page is highpotencysecurity[.]com?

Highpotencysecurity[.]com is a rogue webpage that our researchers found while inspecting dubious sites. This page is designed to load scams, promote browser notification spam, and redirect visitors to different (likely untrustworthy/malicious) websites.

Most users access such webpages through redirects caused by sites that employ rogue advertising networks.

What is GlobalQueue?

During a routine inspection of new VirusTotal submissions, we discovered the GlobalQueue application. After analyzing this rogue piece of software, we determined that GlobalQueue operates as adware and is part of the AdLoad malware family.

What kind of application is Movies Craver?

Movies Craver is advertised as a reliable and fast application allowing users to search for movies. We have discovered it on a deceptive website. During the examination, we found that Movies Craver generates unwanted advertisements. Thus, we categorized it as an advertising-supported application (adware).

What kind of page is kxcdn[.]com?

Kxcdn[.]com is a rogue website that our research team discovered while inspecting untrustworthy pages. This site promotes deceptive content, pushes spam browser notifications, and redirects visitors to other (likely unreliable/malicious) websites.

Users typically access webpages of this kind via redirects caused by sites employing rogue advertising networks.

What kind of malware is Growtopia?

Growtopia (also known as CyberStealer) is an information stealer written in the C# programming language. It can obtain system information, steal information from various applications, and capture screenshots. Its developer claims that it has created this software for educational purposes only. This stealer uses the name of a legitimate online game.

What is ApproachWired?

ApproachWired is a rogue application that our researchers found while inspecting new submissions to VirusTotal. Our analysis of this piece of software revealed that it operates as adware and belongs to the AdLoad malware family.

What is CockyGrabber?

CockyGrabber is a piece of malicious software classified as a stealer. This program is designed to steal information from browsers installed onto the infected system.

What kind of malware is FreedomTeam?

During our routine check on malware samples submitted to the VirusTotal page, we discovered a new ransomware variant (that belongs to the Spora family) called FreedomTeam. We found that it encrypts files, appends the victim's ID, freedomteam@mail.ee email address, and a string of random characters to filenames.

Also, it creates the "Read_Me!_.txt" and "ReadMe_Now!.hta" files. An example of how FreedomTeam renames files: it changes "1.jpg" to "1.jpg[ID=39C73m-Mail=FreedomTeam@mail.ee].1ohe", "2.png" to "2.png[ID=39C73m-Mail=FreedomTeam@mail.ee].1ohe", and so forth. Text files that this ransomware creates contain different ransom notes.