Virus and Spyware Removal Guides, uninstall instructions

What kind of browser extension is "Sites usage"?

Sites usage is the name of a rogue browser extension that our research team discovered while investigating deceptive software-promoting websites. This extension is presented as a tool that can provide website usage and maliciousness data. However, our inspection of Sites usage revealed that it operates as adware.

What kind of application is Stop AdBlocker?

We have tested the Stop AdBlocker browser extension and found that it operates as an advertising-supported application. It displays intrusive advertisements. Also, Stop AdBlocker can read and change data on all websites. We have discovered Stop AdBlocker on a shady web page.

What is Allock ransomware?

While inspecting new submissions to VirusTotal, our researchers discovered the Allock ransomware. This malicious program is part of the MedusaLocker ransomware family.

After a sample of Allock was executed on our testing system, it encrypted files and appended their filenames with a ".allock8" extension. To elaborate, a file originally named "1.jpg" appeared as "1.jpg.allock8", "2.png" as "2.png.allock8", etc. It is noteworthy that the number in the extension can vary based on the ransomware's iteration.

Once the encryption process was concluded, the Allock ransomware dropped a ransom note titled "how_to_back_files.html" onto the desktop. The text presented in this message makes it clear that this ransomware targets companies rather than home users.

What kind of malware is Sxn?

Sxn is ransomware - malware that blocks access to files by encrypting them. Unlike most ransomware variants, Sxn does not append its extension to the filenames of encrypted files. However, it drops 26 files with no data in them with the ".Locked" extension. Also, Sxn displays a pop-up window containing a ransom note.

We discovered the Sxn ransomware while examining malware samples submitted to the VirusTotal page.

What kind of malware is CodeRAT?

CodeRAT is the name of an information stealer aimed at Ukrainian-speaking users. Cybercriminals use it to steal sensitive information. Typically, malware of this type targets data that can be used to steal online accounts, money, identities, etc. It often runs silently in the operating system to avoid being spotted by victims.

What kind of email is "Session Validation Error"?

Our inspection of the "Session Validation Error" spam email revealed that it operates as a phishing scam. The letter states that an error occurred in the recipient's mailbox. When an attempt is made to rectify the error – the user is redirected to a phishing website. This page mimics the recipient's email account sign-in site.

What is Nosu stealer?

Nosu is the name of a malicious program classified as a stealer. This malware is designed to steal information from infected machines. The Nosu stealer can extract a wide variety of data from devices and installed applications. The most active campaigns associated with Nosu were noted in North and South America, as well as Southeast Asia.

What kind of page is reportyouridentitydata[.]site?

We have examined reportyouridentitydata[.]site and found that it runs the "Norton Security - Your PC might be infected with viruses!" scam. Also, reportyouridentitydata[.]site wants to show notifications. We discovered reportyouridentitydata[.]site while inspecting websites that use shady advertising networks.

What kind of email is "Professional Hacker Managed To Hack Your Operating System"?

After inspecting the "Professional Hacker Managed To Hack Your Operating System" email and its German language equivalent - we determined that this mail is spam.

These letters operate as sextortion scams. They make false claims about the recipients' devices being infected with malware and subsequently used to obtain compromising recordings and other private content. The fake emails demand payment under threat of the explicit content being leaked.

It must be emphasized that all the claims made by this mail are false and pose no danger to the recipients.

What kind of scam is "Walmart Loyalty Program"?

We have analyzed this site and found that it is running a survey scam. It shows a deceptive message claiming that visitors have been chosen to participate in a survey and will win a prize. People who fall for such scams never receive any prizes. Thus, the "Walmart Loyalty Program" scam should be ignored.