Virus and Spyware Removal Guides, uninstall instructions

What is Sickfile ransomware?

Sickfile is the name of a ransomware-type program that our researchers discovered while investigating new submissions to VirusTotal.

After we executed a sample of Sickfile on our test machine, the ransomware encrypted files and appended their filenames with a ".sickfile" extension. To elaborate, a file titled "1.jpg" appeared as "1.jpg.sickfile", "2.png" as "2.png.sickfile", and so on for all of the affected files.

Once this process was completed, Sickfile ransomware created a ransom-demanding message named "how_to_back_files.html".

What kind of scam is "Fund Transfer Assistance"?

Our team has reviewed this letter and determined that it is a scam. The goal of this scam email is to deceive recipients into sending money and (or) providing sensitive information to the scammers. It is strongly advised not to respond to this letter (and always ignore emails of this type).

What kind of email is "Thank You For Shopping With Apple"?

After inspecting the "Thank You For Shopping With Apple" email, we determined that it is spam. The letter is presented as a notification regarding a purchase from Apple. The goal of this spam mail is to trick recipients into calling the "support helpline", likely to cancel the bogus purchase.

It must be emphasized that the "Thank You For Shopping With Apple" email is fake, as are all the claims it makes. It must likewise be stressed that this scam is in no way associated with Apple Inc.

What kind of page is globaldispadvertising[.]com?

After inspecting globaldispadvertising[.]com, we determined that it is a deceitful website that aims to trick visitors into allowing it to send notifications. Also, this site may redirect visitors to other suspicious websites. We discovered globaldispadvertising[.]com during an examination of pages that use rogue advertising networks.

What is zgRAT?

zgRAT is a piece of malicious software categorized as a Remote Access Trojan (RAT). Malware of this type is designed to enable remote access and control over infected machines. RATs tend to be highly multi-functional and can be used for various malicious purposes.

zgRAT has been observed being distributed through spam campaigns that promote the Agent Tesla malware, which installs this RAT.

What kind of email is "Qtumcoin[.]net"?

"Qtumcoin[.]net email scam" refers to a spam campaign comprising emails aiming to deceive recipients' into transferring cryptocurrency to a fake Qtum website. The letters we inspected claimed that a deposit had been made to the recipients' cryptowallets and lured them into visiting the aforementioned site.

What is "Windows Firewall Protection Alert"?

While inspecting rogue websites, our research team found a webpage promoting the "Windows Firewall Protection Alert" technical support scam.

This scheme closely mimics Microsoft's official website and Windows Security – the front-end of Microsoft Defender. The fake interface performs a system scan and detects threats that have led to the user's access to their device being blocked. The scam instructs to call "Windows Support" and resolve the issues.

It must be emphasized that all these claims are false, and they are in no way associated with Microsoft.

What kind of scam is "PayPal Account Has Been Charged"?

This is a fake letter from PayPal claiming that a certain amount of money will be deducted from the user's account. Scammers behind it attempt to trick recipients into calling the provided number. The PayPal company has nothing to do with this email. Thus, this letter should be ignored.

What kind of application is Popup Blocker Gold?

Popup Blocker Gold is marketed as a browser extension that blocks advertisements, but while testing it, we found that it actually generates advertisements, making it an advertising-supported application. It is worth noting that adware is often distributed/promoted using questionable methods. Thus, most users add/install it inadvertently.

What kind of scam is "Looking For Business To Invest"?

We have determined that this letter is an investment scam email. The individuals behind this scam purport to be interested in investing in a business and request the recipient's assistance with receiving and securing funds. Such scam emails are frequently used to obtain money and (or) personal information from unsuspecting users.