Virus and Spyware Removal Guides, uninstall instructions

What kind of page is increasedpcsecurity[.]site?

Increasedpcsecurity[.]site is a rogue webpage that our researchers discovered while inspecting suspicious sites. It is designed to promote scams and browser notification spam. Furthermore, this page can redirect users elsewhere (likely untrustworthy/malicious) websites.

Most users enter increasedpcsecurity[.]site and similar webpage through redirects caused by sites that use rogue advertising networks.

What is Bitenc ransomware?

Bitenc is a variant of the Mallox ransomware. Malware within the ransomware classification is designed to encrypt data and demand payment for the decryption tools.

After we executed a sample of Bitenc on our testing system, it began encrypting files and appended their filenames with a ".bitenc" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.bitenc", "2.png" as "2.png.bitenc", and so on for all of the affected files.

Once this process was finished, a ransom-demanding message – "FILE RECOVERY.txt" – was dropped onto the desktop.

What kind of email is "Interested In Buying From You"?

After inspecting the "Interested In Buying From You" email, we determined that it is malspam – malicious spam. The letter is presented as an inquiry regarding a purchase, the details of which can be found in the attached file. However, the attachment is designed to infect recipients' devices with the FormBook malware.

What kind of email is "New Security Features"?

Our inspection of the "New Security Features" email revealed that it is a phishing scam. The spam letter claims that the recipient's account must be updated since it will be unusable otherwise. The aim of this fake mail is to trick recipients into providing their email account log-in credentials to the promoted phishing website.

What is Sickfile ransomware?

Sickfile is the name of a ransomware-type program that our researchers discovered while investigating new submissions to VirusTotal.

After we executed a sample of Sickfile on our test machine, the ransomware encrypted files and appended their filenames with a ".sickfile" extension. To elaborate, a file titled "1.jpg" appeared as "1.jpg.sickfile", "2.png" as "2.png.sickfile", and so on for all of the affected files.

Once this process was completed, Sickfile ransomware created a ransom-demanding message named "how_to_back_files.html".

What kind of scam is "Fund Transfer Assistance"?

Our team has reviewed this letter and determined that it is a scam. The goal of this scam email is to deceive recipients into sending money and (or) providing sensitive information to the scammers. It is strongly advised not to respond to this letter (and always ignore emails of this type).

What kind of email is "Thank You For Shopping With Apple"?

After inspecting the "Thank You For Shopping With Apple" email, we determined that it is spam. The letter is presented as a notification regarding a purchase from Apple. The goal of this spam mail is to trick recipients into calling the "support helpline", likely to cancel the bogus purchase.

It must be emphasized that the "Thank You For Shopping With Apple" email is fake, as are all the claims it makes. It must likewise be stressed that this scam is in no way associated with Apple Inc.

What kind of page is globaldispadvertising[.]com?

After inspecting globaldispadvertising[.]com, we determined that it is a deceitful website that aims to trick visitors into allowing it to send notifications. Also, this site may redirect visitors to other suspicious websites. We discovered globaldispadvertising[.]com during an examination of pages that use rogue advertising networks.

What is zgRAT?

zgRAT is a piece of malicious software categorized as a Remote Access Trojan (RAT). Malware of this type is designed to enable remote access and control over infected machines. RATs tend to be highly multi-functional and can be used for various malicious purposes.

zgRAT has been observed being distributed through spam campaigns that promote the Agent Tesla malware, which installs this RAT.

What kind of email is "Qtumcoin[.]net"?

"Qtumcoin[.]net email scam" refers to a spam campaign comprising emails aiming to deceive recipients' into transferring cryptocurrency to a fake Qtum website. The letters we inspected claimed that a deposit had been made to the recipients' cryptowallets and lured them into visiting the aforementioned site.