Virus and Spyware Removal Guides, uninstall instructions

SearchStudio Adware (Mac)

What is SearchStudio?

SearchStudio is classified as adware and a browser hijacker: it displays advertisements and promotes the address of a fake search engine by modifying browser settings. In most cases, users download and install apps of this type inadvertently and, for this reason, they are categorized as potentially unwanted applications (PUAs).

Research shows that many users install SearchStudio through a deceptive Adobe Flash Player installer. Note that adware-type apps and browser hijackers often track and record browsing related (and other) data.

   
Sombes.com Ads

What is sombes[.]com?

sombes[.]com is a rogue website sharing many common traits with cooperativasantamargherita.comclick-to-win-prize.comsabs-news.info and countless others. This web page presents visitors with dubious content and/or redirects them to other untrusted/malicious websites.

Few users access sombes[.]com or similar sites intentionally - most are redirected to them by intrusive advertisements and/or Potentially Unwanted Applications (PUAs).

   
My Coupons Online Browser Hijacker

What is My Coupons Online?

My Coupons Online is a dubious application classified as a browser hijacker. It is endorsed as a tool for quick access to various coupons and discounts. My Coupons Online operates by making alterations to browser settings to promote hmyonlinecoupons.com (a bogus search engine).

This app also monitors users' browsing activity. Due to the dubious techniques used to spread My Coupons Online, it is classified as a Potentially Unwanted Application (PUA). Note that My Coupons Online is often proliferated together with another PUA called Hide My History.

   
PDFSearches Browser Hijacker

What is PDFSearches?

PDFSearches is rogue software classified as a browser hijacker. Following successful installation, it modifies browser settings to promote a fake search engine (pdf-searches.com). This browser hijacker also has data tracking capabilities, which are employed to monitor users' browsing activity.

Due to the dubious methods, used to proliferate PDFSearches, it is also classified as a Potentially Unwanted Application (PUA).

   
Suspicious Sign-In Attempt Prevented Email Scam

What is the "Suspicious sign-in attempt prevented" email?

"Suspicious sign-in attempt prevented" is the subject/title of scam emails designed to promote various untrusted and potentially malicious websites. The messages claim that recent log-in attempts to users' email accounts have been stopped, since the password provided was inaccurate.

Users are asked to investigate this activity, however, rather than accessing information concerning the supposed sign-in attempts, they are redirected to a dubious web page. At the time of research, one of the sites promoted by "Suspicious sign-in attempt prevented" emails was oawhaursaith.com.

   
Important: You Have 19 Pending Incoming Email(s) Scam

What is the "Important: You have 19 Pending incoming email(s)" deceptive letter?

"Important: You have 19 Pending incoming email(s)" is the title of a scam email. This message warns recipients that certain emails will be deleted due to a server error, unless they update their email servers. In fact, the link in the message redirects to a phishing website hosted by the Googleapis API service.

The site is presented as a log-in page through which users can supposedly access their email accounts, however, any information entered into this web page is exposed to the scammers.

   
TroyStealer Malware

What is TroyStealer?

TroyStealer is malicious software designed to steal information. This stealer has been observed being distributed via spam email campaigns. The deceptive messages spreading this malware were targeted at Portuguese users.

The researched email variant was presented as a notification of a declined payment, which supposedly failed to go through due to incorrect bank account details provided by the recipient, however, the attached file, which allegedly contains the erroneous information, instead contains the malicious executable of TroyStealer.

   
Cooperativasantamargherita.com Ads

What is cooperativasantamargherita[.]com?

When opened, cooperativasantamargherita[.]com redirects visitors to other bogus web pages or displays dubious content. This is a rogue website, which operates in a similar way to sabs-news[.]info, pushcleansystem[.]com, checkvd[.]com, and many others.

Typically, sites such as cooperativasantamargherita[.]com are opened through deceptive ads, similar sites, or by installed potentially unwanted applications (PUAs). I.e., users do not often visit these web pages intentionally. These PUAs also gather data and display ads.

   
ESCAL Ransomware

What is ESCAL?

ESCAL was discovered by Ravi. This ransomware prevents victims from accessing/using their files by encryption. It renames them and drops the "!!_FILES_ENCRYPTED_.txt" text file (ransom message) in every folder that contains encrypted files. ESCAL renames files by appending the ".ESCAL-p9yqoly" extension to their filenames.

For example, it would rename a file such as "1.jpg" to "1.jpg.ESCAL-p9yqoly", "2.jpg" to "2.jpg.ESCAL-p9yqoly", etc.

   
HCK Ransomware

What is HCK ransomware?

Discovered by Jakub Kroustek, HCK is a malicious program belonging to the Dharma ransomware family. System infected with this malware experience data encryption and users receive random demands for decryption.

During the encryption process, all affected files are renamed following this pattern: original filename, unique ID assigned to the victims, cyber criminals email address and the ".HCK" extension. For example, a file such as "1.jpg" would appear as something similar to "1.jpg.id-1E857D00.[cavefat@tuta.io].HCK" after encryption.

Once this process is complete, ransom messages are created in a pop-up window and "FILES ENCRYPTED.txt" text files, which are dropped into every compromised folder.

   

Page 1111 of 2106

<< Start < Prev 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal