Virus and Spyware Removal Guides, uninstall instructions

Refrebrepheon.info POP-UP Redirect

What is refrebrepheon[.]info?

refrebrepheon[.]info is one of many websites designed to redirect users to other malicious sites and deliver dubious content. This website is similar to many other rogue sites, such as ketintontrat.info, maranhesduve.club, and redrentalservice.com.

Users often visit refrebrepheon[.]info inadvertently - they are redirected by potentially unwanted applications (PUAs) or intrusive advertisements displayed on other rogue sites. PUAs typically infiltrate systems without permission. As well as causing redirects, they deliver intrusive ads and gather information.

   
NetSupport Manager RAT

What kind of software is NetSupport Manager?

The NetSupport Manager program is categorized as a Remote Access Tool (RAT). Like most programs of this type, it allow users to access computers, workstations, and servers locally and remotely. This is legitimate software that can be used by anyone, however, RATs are often misused by cyber criminals for malicious purposes, usually to steal various information.

   
Spyhunter Ransomware

What is Spyhunter?

Spyhunter is the name of a legitimate anti-malware program, however, cyber criminals have recently started to exploit this name in their ransomware campaign. Developers (cyber criminals) use it to encrypt victims' data (by blocking access) unless a ransom is paid. Spyhunter ransomware adds the ".spyhunter" extension to each encrypted file.

For example, "1.jpg" becomes "1.jpg.spyhunter". It also creates the "$HOWDECRYPT$.txt" text file containing a ransom message. It is possible that Spyhunter is a version of GarrantyDecrypt (another ransomware infection). This version was discovered by Karsten Hahn.

   
Raldug Ransomware

What kind of malware is Raldug?

Raldug is another variant of high-risk ransomware called Djvu. As with its predecessor, Raldug encrypts stored data, thereby making it unusable. Additionally, Raldug appends filenames with the ".raldug" extension (e.g., "sample.jpg" is renamed to "sample.jpg.raldug"). Raldug also places the "_readme.txt" text file in each existing folder.

It is common for Djvu ransomware to be distributed alongside information stealers such a Vidar or RedLine. Cybercriminals often use information stealers to obtain sensitive information before encrypting files.

   
Ytmp3.cc Suspicious Website

What is ytmp3[.]cc?

The ytmp3[.]cc website (called "YouTube to Mp3 Converter") operates as a media converter that allows users to convert YouTube videos to audio or video/mp3 or mp4 formats and then to download them.

The website uses various advertising networks that display ads leading to other untrustworthy sites. It does not specifically operate as malicious website, however, downloading videos from YouTube is illegal. Therefore, we advise that you do not use this website.

   
Zumanek Trojan

What is Zumanek?

Zumanek is high-risk malware categorized as a banking/Remote Access Trojan (RAT). This malware is distributed using social engineering. In this way, cyber criminals trick users into downloading and installing Zumanek without their consent. The presence of this infection might cause various privacy issues and significant financial loss.

   
Carcn Ransomware

What is Carcn?

Discovered by Jakub Kroustek, Carcn is a ransomware-type malicious program that belongs to the Dharma malware family. Developers spread this infection to prevent victims accessing their computer files unless a ransom is paid. Carcn is designed to encrypt data and make it unusable.

It also renames each encrypted file by adding the ".id-1E857D00.[carcinoma24@aol.com].carcn" extension, which contains the victim ID plus email address of the cyber criminals who developed Carcn.

For example, "1.jpg" might be renamed to a filename such as "1.jpg.id-1E857D00.[carcinoma24@aol.com].carcn". It also creates two ransom messages - one in a pop-up window and the other in the "FILES ENCRYPTED.txt" text file.

   
Ketintontrat.info POP-UP Redirect

What is ketintontrat[.]info?

ketintontrat[.]info is one of many rogue websites on the internet. This site is similar to hundreds of other pages of this type such as maranhesduve[.]club, undrabbifor[.]info, and tontritrattof[.]info. When visited, it causes redirects to several untrustworthy websites or displays dubious content.

Most people do not visit ketintontrat[.]info intentionally - they are generally redirected to it by potentially unwanted apps (PUAs) that are installed on their browsers or computers. Furthermore, PUAs often gather information and display intrusive ads.

   
Feed.ebooks-club.com Redirect

What is feed.ebooks-club.com?

feed.ebooks-club.com is another fake search engine. As with other sites of this type, it is presented as 'useful' - supposedly providing fast searches, accurate results, and so on.

These search engines are often promoted through potentially unwanted applications (PUAs), browser hijackers. In this case, the hijacker is an app called E-Books Club. This PUA collects data and changes browser settings.

   
George Carlin Ransomware

What is George Carlin?

George Carlin is a ransomware-type virus that stealthily infiltrates the system and encrypts most stored data. This is a new variant of another ransomware infection called Razy, however, it has many differences.

It is rather unusual as compared to other infections of this type: George Carlin does not append any extension to encrypted files or deliver any ransom-demand message - it simply changes the desktop wallpaper.

   

Page 1419 of 2106

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal