Virus and Spyware Removal Guides, uninstall instructions

Voodoosrc POP-UP Scam (Mac)

What are the "Voodoosrc" sites?

Voodoosrc is a group of deceptive websites, which are designed to run various online scams. Voodoosrc has been observed promoting the "Dear Safari User, You Are Today's Lucky Visitor" scheme, however, other scams can also be accessed through these sites.

Few visitors access these web pages intentionally - most are redirected to them via redirects caused by intrusive advertisements or Potentially Unwanted Applications (PUAs). Note that these apps do not need express permission to be installed onto systems.

   
CrowdExclusive Adware (Mac)

What is CrowdExclusive adware?

Promoted as supposedly improving the browsing experience, CrowdExclusive is actually an adware-type application. This app runs intrusive advertisement campaigns, which deliver various annoying and harmful ads. Due to its dubious proliferation methods, it is also classed as a Potentially Unwanted Application (PUA).

   
Mozart Malware

What is Mozart malware?

Mozart is malicious software that allows attackers (cyber criminals) to execute various commands on an infected computer through the DNS protocol. This communication method helps cyber criminals to avoid detection via security software. Mozart is categorized as a malware loader and executes commands that cause download and installation of malicious software.

If you believe that your computer is infected with Mozart, remove this malware immediately.

   
Get Forms Plus Browser Hijacker

What is the Get Forms Plus browser hijacker?

Get Forms Plus is a rogue application endorsed as a tool for easy access to various forms. It is classified as a browser hijacker, due to the modifications it makes to browsers to promote fake search engines (hp.hgetformsplus.com or search.hgetformsplus.com).

Additionally, it records browsing activity. Most users install Get Forms Plus unintentionally, and therefore it is also classed as a Potentially Unwanted Application (PUA). Note that Get Forms Plus is often distributed with another PUA called Hide My History.

   
Place-web.com Ads

What is place-web[.]com?

When opened, place-web[.]com redirects visitors to other untrusted websites or loads dubious content. There are many other rogue websites of this kind on the internet. For example, fast-push[.]com, mediatop[.]me and alldaystream[.]club. In most cases, people do not open these websites intentionally.

Generally, browsers open them when there are potentially unwanted applications (PUAs) installed. Most PUAs display intrusive advertisements and gather various data/information as well.

   
Local Classified Ads Browser Hijacker

What is the Local Classified Ads browser hijacker?

Local Classified Ads is a rogue application endorsed as a tool for easy access to classified advertisement content. It is categorized as a browser hijacker, due to the modifications it makes to browsers to promote search.localclassifiedsadstab.com, a fake search engine.

Furthermore, this app has data tracking capabilities, which are used to gather information relating to users' browsing habits. Local Classified Ads is also classified as a Potentially Unwanted Application (PUA), as most users download and install it inadvertently.

   
MaMo434376 Ransomware

What is MaMo434376 ransomware?

Discovered by dnwls0719, MaMo434376 is a malicious program belonging to the Deniz Kizi ransomware family. Systems infected with this malware have their data encrypted and users receive ransom demands for decryption tools/software. During the encryption process, all affected files are appended with the ".MaMo434376" extension.

For example, a file originally named "1.jpg" would appear as "1.jpg.MaMo434376" following encryption. After this process is complete, a ransom message (within "Please Read ME!!!.log") is dropped into each compromised folder. Additionally, this ransomware changes the desktop wallpaper.

   
Feed.chunckapp.com Redirect (Mac)

What is feed.chunckapp.com?

feed.chunckapp.com is an address (URL) designed to promote the search.safefinder.com fake search engine. Typically, fake search engines and addresses such as feed.chunckapp.com are promoted through potentially unwanted applications (PUAs).

Apps of this type usually gather browsing-related information and serve intrusive ads. In most cases, people download and install this rogue software unintentionally.

   
Download Office Tools Browser Hijacker

What is the Download Office Tools browser hijacker?

Download Office Tools is a rogue application classified as a browser hijacker and a Potentially Unwanted Application (PUA). This app is advertised as a tool for easy access to document and file format conversion services. It operates by making modifications to browsers to promote a fake search engine (search.hconvertmyvidsnow.com).

Additionally, it monitors users' browsing habits. Most users install this application unintentionally, hence its classification as a PUA.

   
Pxj Ransomware

What is Pxj?

Pxj ransomware was discovered by dnwls0719. Typically, software of this type is designed to encrypt files, change their filenames and create (and/or display) a ransom message.

Pxj renames encrypted files by appending the ".pxj" extension to filenames (e.g., "1.jpg" becomes "1.jpg.pjx", and so on) and creates a text file named "LOOK.txt". Pxj drops this ransom message onto the victim's desktop.

   

Page 1420 of 2323

<< Start < Prev 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal