Virus and Spyware Removal Guides, uninstall instructions
What is mainplaceupgradesfree[.]info?
mainplaceupgradesfree[.]info is designed to deceive visitors into using a fake installer for a new Adobe Flash Player version. Typically, websites of this type download installers of various potentially unwanted applications (PUAs). For example, browser hijackers, adware or even malicious programs such as Trojans and ransomware.
We strongly advise against downloading anything from mainplaceupgradesfree[.]info or similar web pages.
What is AlbCry?
Discovered by MalwareHunterTeam, AlbCry is based on another ransomware infection called Jigsaw. It encrypts files and renames them by appending the ".locked" extension to their filenames. For example, it renames a file called "sample.jpg" to "sample.jpg.locked", and so on.
Furthermore, AlbaCry displays two pop-ups: one for a ransom message and the other informing victims that they were hacked by ASC TEAM.NET.
What is SatanCryptor?
Discovered by malware researcher, S!Ri, SatanCryptor is a ransomware-type malicious program. It operates by encrypting data and demanding ransom payments for decryption. During the encryption process, all files are renamed with "#_THIS_FILE_IS_ENCRYPTED_", unique ID codes, the developer's email address and the ".satan" extension.
For example, a filename such as "1.jpg" would appear similar to "#_THIS_FILE_IS_ENCRYPTED_[30AA3CB5B8E83D0D] -[ID-A170B3A12FC66FC91253579C44AC9450] -[EMAIL-MREncptor@protonmail.com].satan", and so on for all affected files. After the process is complete, SatanCryptor stores an HTML application ("# SATAN CRYPTOR #.hta") on the desktop.
What is Node.js?
Discovered by Xavier Mertens, Node.js is a ransomware-type malicious software. This malware encrypts the data of infected devices and demands payment for decryption.
When Node.js encrypts, files are appended with the ".encrypted" extension. Therefore, a file such as "1.jpg" would appear as "1.jpg.encrypted" following encryption, and so on for all affected files. An HTML file ("How-to-buy-bitcoins.html") containing the ransom message, is created on the desktop.
What is listentoyoutube[.]online?
Listentoyoutube[.]online allows users to convert videos uploaded on YouTube to MP3 files, and then to download them. It is illegal to download videos from YouTube.
Furthermore, listentoyoutube[.]online uses rogue advertising networks - it redirects users to various untrustworthy, potentially malicious web pages. Typically, sites such as listentoyoutube[.]online lead to websites designed to advertise browser hijackers, adware, or even distribute installers of malicious programs (such as Trojans, ransomware).
What is AWT?
Discovered by Michael Gillespie, AWT is malicious software that shares many similarities with Snc ransomware. This malware is designed to encrypt data and demand payment for decryption tools/software. When AWT encrypts, all files are renamed with a unique ID, the developer's email address and the ".AWT" extension.
For example, a file like "1.jpg" might appear as something similar to "1.jpg.[1E857D00][getdataback22@protonmail.com].AWT", and so on for all affected files. Once this process is finished, a text file ("ReadMe.txt") is stored on the desktop and AWT displays a pop-up window.
What is add-to-browser[.]xyz?
add-to-browser[.]xyz is an untrustworthy website. There are countless rogue web pages on the internet which present visitors with dubious content and/or redirect them to other dubious and malicious sites including, for example, grabthemp3.com, thegoodcaster.com, and 27news.biz.
Note that add-to-browser[.]xyz specifically promotes dubious browser extensions. Websites of this type are usually accessed unintentionally, since many users are redirected to them by intrusive advertisements or Potentially Unwanted Applications (PUAs) already infiltrated into the system.
What is pointmp3[.]com?
pointmp3[.]com is the address of a website which offers an illegal service: it allows users to download audio from YouTube by converting uploaded videos to MP3 format.
This website also employs rogue advertising networks. People who use pointmp3[.]com are redirected to various other untrustworthy websites that advertise potentially unwanted applications (PUAs) such as adware, browser hijackers, or they even proliferate malicious software including ransomware, Trojans, and so on.
What is Devil?
Devil is a part of Phobos, a family of ransomware-type programs. It renames encrypted files by appending the victim's ID, developer's email address and ".devil" extension to filenames. For example, a file such as "1.jpg" is renamed to a filename such as "1.jpg.id[1E857D00-2574].[decrypt4data@protonmail.com].devil", and so on.
Like most programs of this type, Devil provides victims with instructions about how to contact the developers and decrypt files. In this case, it creates the "info.txt" file and displays a pop-up window (info.hta).
What is c0hen Locker?
Discovered by cyber security researcher Jack, c0hen Locker is a malicious program classified as ransomware. Malware within this classification is designed to encrypt the data of infected devices and then demand ransom payments from the victims (i.e., payment for decryption tools/software).
When the encryption is underway, all files are renamed with the ".c0hen" extension. For example, a filename such as "1.jpg" would appear as "1.jpg.c0hen", and so on. Once this process is complete, c0hen Locker displays a pop-up window that contains the ransom message.
More Articles...
Page 1264 of 2126
<< Start < Prev 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 Next > End >>