Virus and Spyware Removal Guides, uninstall instructions

Autolycos Malware (Android)

What is Autolycos?

Autolycos is the name of Android malware that infects devices via trojanized applications downloaded from the Google Play Store. Those apps were spotted in the middle of 2021. Most of them are no longer available on the Google Play Store. Autolycos subscribes victims to its premium services.

   
StrelaStealer Malware

What is StrelaStealer?

StrelaStealer, as its name implies, is a stealer-type malware. This malicious program specifically targets email account log-in credentials. StrelaStealer was first discovered by DCSO CyTec's researchers in November of 2022. Their findings revealed that this malicious program was distributed using spam mail targeting Spanish-speaking users.

   
Cloud 9 JavaScript BotNet

What is Cloud 9 JavaScript BotNet?

Cloud 9 JavaScript BotNet refers to a malicious browser extension capable of causing chain infections, which can result in the attackers assuming near-user-level control of the device. This malware is compatible with Google Chrome, Mozilla Firefox, Microsoft Edge, Internet Explorer, and other browsers.

Cloud 9 infections lead to the cyber criminals gaining the ability to access/control victims' devices; essentially, it operates as a RAT (Remote Access Trojan). RATs tend to be very versatile, and Cloud 9 is not an exception. It can add compromised machines into a botnet, launch DDoS attacks, steal data from browsers and systems, install additional malicious content/programs, and mine cryptocurrency.

Cloud 9 is commonly distributed through deceptive Adobe Flash Player update websites, and it can appear as a Flash Player extension on Chrome browsers. This malware has been on the market for a while; its been available on hacker forums since 2017 - therefore, it is likely spread using a wide variety of techniques.

   
Fisakalzb Ransomware

What kind of malware is Fisakalzb?

Fisakalzb is one of the Snatch ransomware variants. It encrypts files to make them inaccessible. Also, Fisakalzb appends the ".fisakalzb" extension to filenames and creates a text file named "HOW TO RESTORE YOUR FILES.TXT". That file contains a ransom note. We discovered Fisakalzb while inspecting malware samples submitted to the VirusTotal website.

An example of how Fisakalzb modifies filenames: it renames "1.jpg" to "1.jpg.fisakalzb", "2.png" to "2.png.fisakalzb", and so forth.

   
Datadesktopsecurity.online Ads

What kind of website is datadesktopsecurity[.]online?

Our team examined datadesktopsecurity[.]online and found that it is an untrustworthy page running the "McAfee - Your PC is infected with 5 viruses!" scam. Additionally, this site wants to show notifications. We discovered datadesktopsecurity[.]online while inspecting web pages that use rogue advertising networks.

   
Protectwatcher.xyz Ads

What kind of page is protectwatcher[.]xyz?

While investigating untrustworthy sites, our research team discovered the protectwatcher[.]xyz rogue webpage. It promotes online scams, pushes browser notification spam, and redirects visitors to other (likely unreliable and malicious) websites.

Users typically access pages like protectwatcher[.]xyz via redirects caused by websites that use rogue advertising networks, mistyped URLs, spam notifications, intrusive advertisements, or installed adware.

   
CleanBlocker Adware

What is CleanBlocker?

CleanBlocker is a rogue browser extension that our researchers discovered while inspecting deceptive websites. This piece of software is presented as an adblocker that can stop website tracking and block various advertisements. However, our analysis revealed that CleanBlocker's operates oppositely - it runs intrusive advertisement campaigns. Due to this behavior, this extension is classified as adware.

   
Web Video Player Adware

What kind of application is Web Video Player?

While testing the Web Video Player browser extension, we found that it shows intrusive advertisements, can read and change data on all websites, and display notifications. We discovered Web Video Player on a deceptive website. Since this app shows ads, we classified it as adware.

   
Movies Adware

What is "Movies" adware?

"Movies" is a piece of advertising-supported software (adware) belonging to the ChromeLoader malware family. This software operates by running intrusive advertisement campaigns.

Furthermore, ChromeLoader apps are known to install multiple unwanted/malicious extensions on Chrome browsers. Hence, if Movies is present on your system, it is likely that harmful browser extensions have infiltrated the device as well.

Our researchers discovered Movies when they downloaded a VHD file from a deceptive website.

   
Chily Ransomware

What is Chily ransomware?

While checking out new malware submissions to VirusTotal, our research team found the Chily ransomware. This malicious program is designed to encrypt data and demand ransoms for decryption.

Once we executed a sample of Chily on our test machine, it began encrypting files and altered their filenames. Original file titles were appended with a ".[Chily@Dr.Com]" extension, e.g., a file like "1.jpg" appeared as "1.jpg.[Chily@Dr.Com]", "2.png" as "2.png.[Chily@Dr.Com]", and so forth on our testing system.

Afterwards, this ransomware changed the desktop wallpaper and created a ransom-demanding message named "Read Me.Hta".

   

Page 417 of 2106

<< Start < Prev 411 412 413 414 415 416 417 418 419 420 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal