Virus and Spyware Removal Guides, uninstall instructions

Smmhck POP-UP Scam (Mac)

What is "Smmhck"?

Smmhck is a group of scam websites, which operate by using scare tactics to trick visitors into downloading/installing dubious software. The researched variant endorsed the Smart Mac Booster Potentially Unwanted Application (PUA) in this manner.

When Smmhck is accessed, it warns users of 'viruses' detected on their MacOS (Mac Operating System) and recommends an application for their elimination. Note that no web page can find threats/issues on users' devices - these claims are false, deceptive and must not be trusted.

Furthermore, apps promoted on these pages are often bogus and nonfunctional. Few visitors enter Smmhck intentionally - most are redirected by PUAs or intrusive advertisements.

   
Flv2mp3.by Suspicious Website

What is flv2mp3[.]by?

flv2mp3[.]by operates as an online video downloader and converter. It allows users to download video files from YouTube and convert them to .avi, .mp4, and .mp3 format, however, the site also uses dubious advertising networks. Therefore, flv2mp3[.]by contains ads that redirect people who click them to dubious websites.

Do not use services that are provided by these web pages. Note that it is illegal to download videos from YouTube.

   
Lokf Ransomware

What is Lokf?

Discovered by Michael Gillespie, Lokf is a malicious program belonging to the Djvu ransomware family. It is designed to encrypt data and demand ransom payments for decryption.

During encryption, all files are renamed with the ".lokf" extension. For example, "1.jpg" becomes "1.jpg.lokf", and so on for all affected files. Once this process is complete, Lokf stores a text file ("_readme.txt") in every affected folder.

   
Corpseworm Ransomware

What is Corpseworm?

Discovered by Alex Svirid, Corpseworm is malicious software and a variant of Cryakl ransomware. It is designed to encrypt data and demand ransom payments for decryption.

During the encryption process, all affected files are appended with "[CS 1.7.0.1]", the developer's email address, and an extension comprising a random string of characters ("[CS 1.7.0.1][corpseworm@protonmail.com].[random_string]").

For example, "1.jpg" might appear as something similar to "1.jpg[CS 1.7.0.1][corpseworm@protonmail.com].zyk", and so on for all compromised files. After this process is complete, a text file ("README.txt") is stored on the victim's desktop.

   
LOCKEDS Ransomware

What is LOCKEDS?

Belonging to the DCRTR-WDM malware family, LOCKEDS is malicious software classified as ransomware. LOCKEDS encrypts data and keeps it locked until a ransom is paid. During the encryption process, all affected files are renamed with the ".LOCKEDS" extension.

For example, "1.jpg" becomes "1.jpg.LOCKEDS". After this process is complete, the "HOW TO DECRYPT FILES.hta" and "HOW TO DECRYPT FILES.txt" files are stored in each compromised folder.

   
Octopus Ransomware

What is Octopus?

Octopus is malicious software and part of the Phobos ransomware family. It is designed to prevent victims from accessing their files by encrypting them with a cryptographic algorithm. To decrypt their files (obtain a decryption tool), victims are encouraged to pay a ransom to the cyber criminals who developed Octopus.

Furthermore, Octopus renames all encrypted files by adding the victim's ID, email address, and ".octopus" extension to filenames. For example, "1.jpg" might be renamed to something like "1.jpg.id[1E857D00-2275].[octopusdoc@mail.ee].octopus", and so on for all encrypted files.

It also stores the "info.txt" and "info.hta" files on the victim's desktop. The first contains instructions about how to contact cyber criminals, whilst the second enables a pop-up window containing a ransom message.

   
Rooster865qq Ransomware

What is Rooster865qq?

Discovered by Raby, Rooster865qq is malicious software belonging to the Maoloa ransomware family. This program is designed to encrypt victims' data and demand ransom payments for decryption. When Rooster865qq encrypts files, it renames them with the ".Rooster865qq" extension.

Therefore, "1.jpg" becomes "1.jpg.Rooster865qq", and so on for all affected files. After this process is complete, an executable file called "HOW TO BACK YOUR FILES.exe" is created and stored on the desktop.

   
ProdigySearch Adware (Mac)

What is ProdigySearch?

ProdigySearch is advertised as an application that helps users to search more and efficiently, however, it is classified as a potentially unwanted application (PUA) and adware. Typically, people do not download or install apps of this type intentionally. If installed, they feed users with various advertisements and collect information relating to browsing activity.

For these reasons, we advise that you uninstall ProdigySearch and other adware from browsers and operating systems immediately.

   
Chksumm POP-UP Scam (Mac)

What is "Chksumm"?

Chksumm is a family of scam websites designed to promote dubious applications, which are typically fake and nonfunctional. This variant promotes the Smart Mac Booster Potentially Unwanted Application (PUA). The deceptive web pages show alerts of various 'threats' and 'issues' supposedly found on visitors' devices and offer software for their elimination.

Note that no website can detect problems within operating systems. Therefore, such claims cannot be trusted. Most visits to Chksumm occur inadvertently, often via redirects caused by intrusive advertisements or PUAs.

   
Dear Safari User, You Are Today's Lucky Visitor POP-UP Scam (Mac)

What is Dear Safari User, You Are Today's Lucky Visitor?

"Dear Safari User, You Are Today's Lucky Visitor" is another scam message delivered by deceptive websites. Most visitors arrive at these sites inadvertently - they are redirected by intrusive ads or potentially unwanted applications (PUAs). Research shows that potentially unwanted applications typically infiltrate systems without permission.

As well as causing redirects, they deliver intrusive advertisements and gather sensitive information.

   

Page 1419 of 2242

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal