Virus and Spyware Removal Guides, uninstall instructions

Basis-antivirus.com Ads

What kind of page is basis-antivirus[.]com?

After examining basis-antivirus[.]com, we found that this page is designed to trick visitors into paying for legitimate software by displaying deceptive content. Also, it asks visitors for permission to show notifications. Our team discovered basis-antivirus[.]com while inspecting websites that use rogue advertising networks.

   
Exploretoday.co Redirect

What is exploretoday.co?

Exploretoday.co is the URL of a fake search engine. These websites are typically promoted by browser-hijacking software, which modifies browser settings in order to cause redirects to illegitimate search engines. Furthermore, both the promoted sites and browser hijackers usually collect private data.

   
Wukbgater.buzz Ads

What kind of page is wukbgater[.]buzz?

While examining wukbgater[.]buzz, we found that this page uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, it redirects to other shady websites. Thus, wukbgater[.]buzz cannot be trusted/should not be visited. Our team discovered wukbgater[.]buzz while inspecting pages that use rogue advertising networks.

   
Ofoq Ransomware

What is Ofoq ransomware?

Our research team found the Ofoq ransomware while inspecting new submissions to VirusTotal. This malicious program is part of the Djvu ransomware family.

After we executed a sample of this ransomware on our test machine, it began encrypting files and changed their titles. The original filenames were appended with a ".ofoq" extension, e.g., a file named "1.jpg" appeared as "1.jpg.ofoq", "2.png" as "2.png.ofoq", etc. Once this process was completed, a ransom note - "_readme.txt" - was created.

   
Ofww Ransomware

What kind of malware is Ofww?

Our malware researchers have discovered a new Djvu ransomware called Ofww. We found it while examining malware samples submitted to the VirusTotal site. Ofww is ransomware that encrypts files and appends the ".ofww" extension to filenames. It also provides a ransom note (creates the "_readme.txt" file).

An example of how Ofww renames files: it changes "1.jpg" to "1.jpg.ofww", "2.png" to "2.png.ofww", and so forth.

   
Oflg Ransomware

What kind of malware is Oflg?

While inspecting malware samples submitted to the VirusTotal page, our team discovered ransomware called Oflg. It is part of the Djvu ransomware family. Oflg encrypts the victim's files, appends its extension (".oflg") to the filenames of all encrypted files, and creates the "_readme.txt" file/a ransom note.

An example of how Oflg modifies filenames: it changes "1.jpg" to "1.jpg.oflg", "2.png" to "2.png.oflg", "3.exe" to "3.exe.oflg", and so forth.

   
Cousonelly.com Ads

What kind of page is cousonelly[.]com?

While inspecting cousonelly[.]com, we learned that the purpose of this page is to trick visitors into allowing it to show notifications. It displays deceptive content to get that permission.

Our team discovered cousonelly[.]com while examining websites that use rogue advertising networks (illegal movie streaming pages, torrent sites, and similar pages).

   
Steady-protection.com Ads

What kind of page is steady-protection[.]com?

Steady-protection[.]com is a rogue webpage that our researchers discovered while investigating untrustworthy websites. This page runs scams, promotes spam browser notifications, and redirects visitors to other (likely unreliable/harmful) sites.

Most users access steady-protection[.]com and webpages akin to it - through redirects caused by sites using rogue advertising networks.

   
Weather Forecast Online Adware

What is Weather Forecast Online?

During a routine inspection of questionable software-promoting webpages, our researchers found the Weather Forecast Online browser extension. It is endorsed as a quick-access tool for local weather forecasts, humidity reports, and other related online content. However, our analysis revealed that this extension operates as advertising-supported software (adware) instead.

   
ORCA Ransomware

What is ORCA ransomware?

Our research team discovered the ORCA ransomware while investigating new malware submissions to VirusTotal. This malicious program belongs to the ZEPPELIN ransomware family.

When we executed a sample of ORCA on our test system, it began encrypting files and altered their titles. Original filenames were appended with the ".ORCA.victim's_ID" extension, e.g., a file named "1.jpg" appeared as "1.jpg.ORCA.1D1-617-F3E", and so on.

After the encryption process was finished, ORCA created a ransom note - "HOW_TO_RECOVER_DATA.hta" - on the desktop. It is noteworthy that this ransomware employs double extortion tactics.

   

Page 5 of 1659

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal