Virus and Spyware Removal Guides, uninstall instructions

Nett Ransomware

What kind of malware is Nett?

While investigating file submissions to the VirusTotal site, our researchers discovered a malicious program called Nett. It belongs to the MedusaLocker ransomware family.

After we ran a sample of Nett ransomware on our test machine, it encrypted files and added a ".nett" extension to their titles. For example, an original filename such as "1.jpg" became "1.jpg.nett", "2.png" – "2.png.nett", and so forth for all of the locked files.

Once the encryption concluded, the malware dropped a ransom note in an HTML file named "Recovery_Instructions.html". Upon reading this message, we found that Nett targets companies rather than home users. Ads

What kind of page is buycetsblog[.]com?

While investigating suspect websites, our researchers discovered the buycetsblog[.]com rogue page. After examining it, we learned that it promotes browser notification spam and redirects users to different (likely unreliable or harmful) sites.

Visitors to buycetsblog[.]com and similar webpages primarily enter them via redirects caused by websites using rogue advertising networks. Ads

What kind of page is vamtoacm[.]com?

Vamtoacm[.]com is the address of a rogue page that we discovered while browsing rogue websites. Upon inspection, we determined that this webpage promotes spam browser notifications and generates redirects to other (likely dubious/malicious) sites.

Most visitors to vamtoacm[.]com and pages akin to it access them via redirects caused by websites employing rogue advertising networks. Ads

What kind of page is news-yepiwu[.]cc?

Upon assessing news-yepiwu[.]cc, we concluded that it is an unreliable web page created to trick visitors into granting it permission to deliver notifications. We found that news-yepiwu[.]cc uses a clickbait technique to achieve it. Moreover, news-yepiwu[.]cc can redirect users to similar websites. Thus, this site should be avoided.

Zonix Ransomware

What kind of malware is Zonix?

Our research team found Zonix while investigating new submissions to the VirusTotal platform. Zonix belongs to the Xorist ransomware family. This malware encrypts data and demands ransoms for its decryption.

After we executed a sample of Zonix ransomware on our testing system, it encrypted files and appended their names with a ".ZoN" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.ZoN", "2.png" as "2.png.ZoN", and so on for all of the affected files.

After the encryption process was concluded, Zonix created a ransom-demanding message in a pop-up window and a text file named "HOW TO DECRYPT FILES.txt".

GuardGo Browser Hijacker

What kind of extension is GuardGo?

Our inspection of the GuardGo application revealed that it possesses features typical of browser hijackers. We observed that GuardGo is designed to promote by changing the settings of a web browser. It is recommended to avoid using apps like GuardGo and trusting sites promoted through them. Ads

What kind of page is sassonbanaibudgetrental[.]com?

Our researchers discovered sassonbanaibudgetrental[.]com while investigating suspicious websites. This rogue page is designed to deceive visitors into allowing it to deliver browser notifications. Additionally, it can redirect users to different (likely unreliable/hazardous) sites.

Most visitors enter webpages like sassonbanaibudgetrental[.]com through redirects caused by websites using rogue advertising networks. Ads

What kind of page is news-kezewe[.]cc?

During our examination of news-kezewe[.]cc, we noticed that this page uses a clickbait technique to trick visitors into allowing it to send notifications. Once allowed, news-kezewe[.]cc can deliver a variety of misleading notifications designed to open shady web pages. Thus, users should avoid permitting news-kezewe[.]cc to show notifications. Ads

What kind of page is myholobods[.]com?

Our inspection of the page has shown that this is a deceptive website designed to display misleading content. The sole purpose of myholobods[.]com is to lure visitors into permitting it to show notifications. Typically, users unintentionally land on sites like myholobods[.]com. Either way, such pages should be ignored (closed). Ads

What kind of page is news-wulacu[.]com?

Our researchers discovered the news-wulacu[.]com rogue page while browsing dubious websites. It operates by endorsing browser notification spam and redirecting users to different (likely untrustworthy/dangerous) sites.

Most visitors to pages like news-wulacu[.]com enter them via redirects caused by websites utilizing rogue advertising networks.


Page 2 of 2162

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal