Virus and Spyware Removal Guides, uninstall instructions

What kind of malware is Mesmerised?

Our research team found Mesmerised ransomware while reviewing new file submissions to the VirusTotal website. This piece of malicious software is designed to encrypt files and demand ransoms for the decryption.

On our testing system, Mesmerised encrypted files and altered their filenames. To elaborate, a ".mesmerised" extension was added to the titles of affected files, e.g., "1.jpg" appeared as "1.jpg.mesmerised", "2.png" as "2.png.mesmerised", etc.

Once the encryption process was finished, this ransomware changed the desktop wallpaper and created a ransom note titled "Read_Me.txt".

What kind of application is Mantras_and_meditations_for_groups?

While investigating suspicious sites, our research team discovered a webpage promoting a fake software "crack". From this page, we downloaded an installation setup containing a Potentially Unwanted Application (PUA) called Mantras_and_meditations_for_groups. It is pertinent to mention that this installer was also bundled with other unwanted and potentially hazardous software.

What is "Alibaba" email scam?

We have determined that this email is a phishing attempt orchestrated by scammers. The fraudulent intent is to entice recipients to access a deceptive website and divulge personal information. The phishing email disguises itself as a communication from Alibaba, a legitimate Chinese multinational technology company known for its focus on e-commerce, retail, Internet, and technology.

What kind of page is gebehee[.]top?

Upon investigation of gebehee[.]top, it was observed that the website presents users with a deceptive survey and requests permission to send notifications. Additionally, gebehee[.]top redirects visitors to other questionable websites. As a result, users are strongly advised to refrain from visiting gebehee[.]top and to avoid consenting to notifications from the site.

What kind of scam is "AppleCoin"?

This "AppleCoin" platform is a scam. It operates as a crypto drainer, i.e., empties the cryptocurrency stored in wallets connected to it. This "AppleCoin" scheme has been observed being endorsed by posts made on the X (more commonly known by its former name – Twitter) social media platform.

What kind of malware is PureLand?

PureLand is a stealer-type malware targeting Mac devices. Programs within this classification are designed to steal information from infected systems. PureLand targets cryptocurrency wallets and other sensitive data.

This malware has been observed being spread under the guise of a Play-to-Earn video game. After the initial finding of PureLand, the lure was rebranded to the "Pearl Land Metaverse" blockchain game.

What kind of program is PDFsharp?

PDFsharp seems to be a tool designed for handling PDF files. Yet, upon thorough examination, it emerges as an unreliable application with an unclear purpose. Additionally, it comes bundled with other dubious apps - it gets installed together with other suspicious elements. Consequently, it is strongly advised not to place trust in PDFsharp.

What kind of program is PachycephalosaurusWyomingensis?

After a review, it has been established that PachycephalosaurusWyomingensis is a shady browser extension distributed via a malicious installer. PachycephalosaurusWyomingensis raises concerns due to its ability to activate the "Managed by your organization" feature in Chrome and Edge browsers, manage themes and extensions, and read various data.

What kind of malware is PatchWorkApt?

PatchWorkApt is a ransomware variant based on Chaos. It has been discovered while examining malware samples uploaded to VirusTotal. Upon infiltrating a computer, PatchWorkApt encrypts files, appends a string of random characters to filenames, and creates the "look_this.txt" file (a ransom note).

An example of how files encrypted by PatchWorkApt are renamed: "1.jpg" is changed to "1.jpg.b621", "2.png" to "2.png.xp9y", and so forth.

What kind of program is CanisLupusGregoryi?

CanisLupusGregoryi was discovered as a dubious application while examining a malicious installer downloaded from an untrustworthy page. This application has the ability to enable the "Managed by your organization" feature in Chrome and Edge browsers, read various data, and manage extensions and themes within a browser.