Virus and Spyware Removal Guides, uninstall instructions

Pushstack.co Ads

What is pushstack[.]co?

pushstack[.]co is an untrustworthy website that contains dubious content. If opened, it can redirect people to a number of other websites of this kind. Note that visitors do not generally arrive this site intentionally - websites such as pushstack[.]co are opened by potentially unwanted applications (PUAs) installed on browsers and/or operating systems.

Furthermore, these apps are often designed to gather data and display ads. Some examples of web pages that have similar functionality to pushstack[.]co include shireamentsp[.]info, notify-system[.]com, and mediasvideo[.]live.

   
Major Ransomware

What is Major?

Discovered by GrujaRS, Major is a malicious program classified as ransomware. It is designed to encrypt data and keep it locked until a ransom is paid (i.e., decryption tools/software is purchased). During encryption, all files are appended with the victim's unique ID number, Major developer's email address, and the ".AIR" extension.

For example "1.jpg" might appear similar to "1.jpg.33868453691972502380.ex_parvis@aol.com.AIR", and so on for all affected files. After this process is complete, an HTML file ("TRY_TO_READ.html") is created and stored on the desktop. The wallpaper of the desktop is also changed.

   
Studentslearnintogether.club Redirect (Mac)

What is studentslearnintogether.club?

studentslearnintogether.club is the address of a fake search engine, which is promoted through a potentially unwanted application (PUA), a browser hijacker called Students Learn Together. Generally, hijackers promote these search engines by changing browser settings.

Furthermore, apps of this type usually gather information relating to users' browsing activities. Typically, people download and install browser hijackers unintentionally, and they are, therefore, classified as PUAs.

   
Smmhck POP-UP Scam (Mac)

What is "Smmhck"?

Smmhck is a group of scam websites, which operate by using scare tactics to trick visitors into downloading/installing dubious software. The researched variant endorsed the Smart Mac Booster Potentially Unwanted Application (PUA) in this manner.

When Smmhck is accessed, it warns users of 'viruses' detected on their MacOS (Mac Operating System) and recommends an application for their elimination. Note that no web page can find threats/issues on users' devices - these claims are false, deceptive and must not be trusted.

Furthermore, apps promoted on these pages are often bogus and nonfunctional. Few visitors enter Smmhck intentionally - most are redirected by PUAs or intrusive advertisements.

   
Flv2mp3.by Suspicious Website

What is flv2mp3[.]by?

flv2mp3[.]by operates as an online video downloader and converter. It allows users to download video files from YouTube and convert them to .avi, .mp4, and .mp3 format, however, the site also uses dubious advertising networks. Therefore, flv2mp3[.]by contains ads that redirect people who click them to dubious websites.

Do not use services that are provided by these web pages. Note that it is illegal to download videos from YouTube.

   
Lokf Ransomware

What is Lokf?

Discovered by Michael Gillespie, Lokf is a malicious program belonging to the Djvu ransomware family. It is designed to encrypt data and demand ransom payments for decryption.

During encryption, all files are renamed with the ".lokf" extension. For example, "1.jpg" becomes "1.jpg.lokf", and so on for all affected files. Once this process is complete, Lokf stores a text file ("_readme.txt") in every affected folder.

   
Corpseworm Ransomware

What is Corpseworm?

Discovered by Alex Svirid, Corpseworm is malicious software and a variant of Cryakl ransomware. It is designed to encrypt data and demand ransom payments for decryption.

During the encryption process, all affected files are appended with "[CS 1.7.0.1]", the developer's email address, and an extension comprising a random string of characters ("[CS 1.7.0.1][corpseworm@protonmail.com].[random_string]").

For example, "1.jpg" might appear as something similar to "1.jpg[CS 1.7.0.1][corpseworm@protonmail.com].zyk", and so on for all compromised files. After this process is complete, a text file ("README.txt") is stored on the victim's desktop.

   
LOCKEDS Ransomware

What is LOCKEDS?

Belonging to the DCRTR-WDM malware family, LOCKEDS is malicious software classified as ransomware. LOCKEDS encrypts data and keeps it locked until a ransom is paid. During the encryption process, all affected files are renamed with the ".LOCKEDS" extension.

For example, "1.jpg" becomes "1.jpg.LOCKEDS". After this process is complete, the "HOW TO DECRYPT FILES.hta" and "HOW TO DECRYPT FILES.txt" files are stored in each compromised folder.

   
Octopus Ransomware

What is Octopus?

Octopus is malicious software and part of the Phobos ransomware family. It is designed to prevent victims from accessing their files by encrypting them with a cryptographic algorithm. To decrypt their files (obtain a decryption tool), victims are encouraged to pay a ransom to the cyber criminals who developed Octopus.

Furthermore, Octopus renames all encrypted files by adding the victim's ID, email address, and ".octopus" extension to filenames. For example, "1.jpg" might be renamed to something like "1.jpg.id[1E857D00-2275].[octopusdoc@mail.ee].octopus", and so on for all encrypted files.

It also stores the "info.txt" and "info.hta" files on the victim's desktop. The first contains instructions about how to contact cyber criminals, whilst the second enables a pop-up window containing a ransom message.

   
Rooster865qq Ransomware

What is Rooster865qq?

Discovered by Raby, Rooster865qq is malicious software belonging to the Maoloa ransomware family. This program is designed to encrypt victims' data and demand ransom payments for decryption. When Rooster865qq encrypts files, it renames them with the ".Rooster865qq" extension.

Therefore, "1.jpg" becomes "1.jpg.Rooster865qq", and so on for all affected files. After this process is complete, an executable file called "HOW TO BACK YOUR FILES.exe" is created and stored on the desktop.

   

Page 1421 of 2245

<< Start < Prev 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal