Virus and Spyware Removal Guides, uninstall instructions

Traw Dapp Unwanted Application

What is Traw Dapp?

Our investigation into the Traw Dapp shows that security vendors classify it as malicious, and the app lacks any identifiable functions. Additionally, Traw Dapp is used to deliver Legion Loader, malware that can deliver harmful payloads. As a result, users should not install Traw Dapp and promptly remove it if it is already present.

   
Spring Ransomware

What kind of malware is Spring?

Spring is a malicious program based on CONTI ransomware. It is designed to encrypt data and demand ransoms for the decryption.

Spring ransomware encrypts files and appends their names with a ".FIND_EXPLAIN.TXT.spring" extension. To elaborate, a file initially named "1.jpg" appears as "1.jpg.FIND_EXPLAIN.TXT.spring", "2.png" as "2.png.FIND_EXPLAIN.TXT.spring", and so on for all of the locked files. Afterward, Spring creates a ransom note titled "EXPLAIN.txt".

   
FedEx Delivery Address Confirmation Email Scam

What kind of scam is "FedEx Delivery Address Confirmation"?

During our analysis, we discovered that this is a phishing email disguised as a notification from FedEx, a legitimate American company specializing in transportation, e-commerce, and business services. The purpose of this deceptive email is to extract personal information from recipients through a phishing site.

   
PNGPlug Malware

What kind of malware is PNGPlug?

PNGPlug is a malware loader used in attacks targeting Chinese-speaking regions (such as Hong Kong, Taiwan, and mainland China). These campaigns often start with phishing websites designed to deceive users into running a malicious Microsoft Installer (MSI) package camouflaged as legitimate software.

   
Claim Obol Scam

What is the fake "Claim Obol" website?

After inspecting this "Claim Obol" website (claim.obol[.]bet; other domains are not unlikely), we determined that it is fake. It imitates the official site of the Obol Collective (obol.org), yet it is in no way associated with this platform. The imitator page promotes a cryptocurrency drainer that steals funds from exposed digital wallets.

   
Bittrex Inc Bankruptcy Notice Email Scam

What kind of email is "Bittrex Inc Bankruptcy Notice"?

After examining this "Bittrex Inc Bankruptcy Notice" email, we determined that it is spam. This fake message states that account holders with the Bittrex cryptocurrency exchange can reclaim their holdings, and the recipient can now transfer over four thousand USD of their digital assets. The scam email promotes a crypto drainer website that siphons funds from exposed digital wallets.

   
Anarchy Ransomware

What kind of malware is Anarchy?

Anarchy is a malicious program designed to encrypt data and demand payment for the decryption. Due to this behavior, Anarchy is classified as ransomware.

On our testing system, this malware encrypted files and appended their filenames with an "_anarchy" extension. For example, a file initially named "1.jpg" looked like "1.jpg_anarchy", "2.png" like "2.png_anarchy", etc. Afterwards, Anarchy opened the Command Prompt (cmd.exe) to display its ransom note.

   
SlowStepper Malware

What kind of malware is SlowStepper?

SlowStepper is a backdoor-type malware. Programs within this classification are intended to open a "backdoor" into systems for further infections and, in some cases, even carry them out.

SlowStepper was developed at least as early as 2019. It is a sophisticated backdoor that relies on multiple modules. This malware and its components are written in C++, Python, and Go programming languages.

SlowStepper is linked to a Chinese threat actor group named PlushDaemon. The group has previously launched attacks in China, Hong Kong, Taiwan, South Korea, New Zealand, and the United States.

   
BackConnect (BC) Malware

What kind of malware is BackConnect (BC)?

BackConnect (BC) is malware that establishes a connection between the infected device and a command-and-control (C&C) server controlled by the attacker. The malware has been linked to the QakBot loader and has been found on the same infrastructure that was used to distribute the ZLoader malware.

   
Search.withaiforchrome.com Redirect

What kind of website is search.withaiforchrome.com?

Search.withaiforchrome.com is a fake search engine discovered by our researchers while analyzing the ChatGPT Search for Chrome™ browser hijacker. This extension is advertised as a tool that provides a search option with an integrated ChatGPT generative artificial intelligence chatbot.

The inclusion of the trademark symbol (™) and ChatGPT's logo may imply an official connection to the chatbot service. It must therefore be emphasized that neither this software nor the website(s) it promotes are associated with the real ChatGPT.

   

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers.
