Virus and Spyware Removal Guides, uninstall instructions

Smartcaptcha.top Ads

What kind of website is smartcaptcha[.]top?

While analyzing pages that use rogue advertising networks, we encountered smartcaptcha[.]top - another questionable website. We learned that smartcaptcha[.]top displays a deceptive image and message to trick visitors into agreeing to receive notifications. Also, it redirects visitors to various scam websites.

   
BridgePro Adware (Mac)

What kind of application is BridgePro?

BridgePro is the name of an application that we discovered on a deceptive web page claiming that the installed version of Adobe Flash Player is out of date. After downloading and testing BridgePro, we found that it is an useless application that shows annoying advertisements. Therefore, we classified BridgePro as adware.

   
RedAlert (N13V) Ransomware

What is RedAlert (N13V) ransomware?

RedAlert (N13V) is a piece of malicious software classified as ransomware, a type of malware designed to encrypt data and demand payment for the decryption. This ransomware is a cross-platform program, the Windows variant is referred to as RedAlert, while the Linux VMware ESXi server targeting version is called N13V.

When we executed a sample of RedAlert (N13V) on our test machine, it encrypted files and appended their filenames with a ".crypt[number]" extension. For example, a file titled "1.jpg" appeared as "1.jpg.crypt416", etc.

Following the completion of this process, RedAlert (N13V) ransomware created a ransom note named "HOW_TO_RESTORE.txt". The message within this file indicated that this ransomware targets companies rather than home users. Additionally, RedAlert (N13V) uses double extortion tactics.

   
Readnet Ransomware

What kind of malware is Readnet?

Readnet is ransomware that our team discovered while inspecting malware samples submitted to the VirusTotal page. We found that Readnet is part of the MedusaLocker ransomware family. The purpose of ransomware is to encrypt files. Also, Readnet renames files by appending the ".Readnet7" extension to filenames (the number may vary) and drops a ransom note (the "HOW_TO_RECOVER_DATA.html" file).

An example of how Readnet ransomware modifies filenames: it renames "1.jpg" to "1.jpg.Readnet7", "2.png" to "2.png.Readnet7", "3.exe" to "3.exe.Readnet7", and so forth.

   
Correos Email Scam

What is Correos email scam?

After examining this email, we found that the scammers behind it pretend to be a state-owned company that provides postal service in Spain. The email is written in Spanish. Scammers use it to trick recipients into opening a fake Correos website and providing sensitive information. The email is written in Spanish.

   
DockMode Adware (Mac)

What is DockMode?

DockMode is an adware-type application that our researchers discovered during a routine inspection of new submissions to VirusTotal. We learned that this app belongs to the AdLoad malware family.

Our analysis revealed that this piece of software runs intrusive advertisement campaigns and may have browser-hijacking and data-tracking abilities.

   
EditWave Adware (Mac)

What kind of application is EditWave?

While examining deceptive websites (fake installers downloaded from them) we found an application called EditWave. It is unlikely that user would install this software on purpose. We found that EditWave an advertising-supported application - it bombards users with intrusive advertisements.

   
Po Ransomware

What kind of malware is Po?

Po is ransomware belonging to the Dharma family. We discovered this ransomware while analyzing malware samples submitted to the VirusTotal website. Po encrypts files, appends the victim's ID, recovery2022@tutanota.com email address, and ".Po" extension to filenames. Also, it provides two ransom notes: it displays a pop-up window and creates the "info.txt" file.

An example of how Po ransomware modifies filenames: it renames "1.jpg" to "1.jpg.id-9ECFA84E.[recovery2022@tutanota.com].Po", "2.png" to "2.png.id-9ECFA84E.[recovery2022@tutanota.com].Po", "3.exe" to "3.exe.id-9ECFA84E.[recovery2022@tutanota.com].Po", and so forth.

   
Ads4pc.com Ads

What kind of page is ads4pc[.]com?

During a routine inspection of untrustworthy sites, our researchers found the ads4pc[.]com rogue webpage. It operates by pushing browser notification spam and redirecting visitors to other (likely unreliable/harmful) websites. Most users enter these pages through redirects caused by sites using rogue advertising networks.

   
Style Flex Adware

What is "style flex"?

Our researchers discovered a rogue browser extension named style flex while inspecting dubious download webpages. This piece of software promises to allow users to modify website content alignment (i.e., left, right, center, etc.). However, our analysis revealed that it operates as advertising-supported software (adware).

   

Page 490 of 2106

<< Start < Prev 481 482 483 484 485 486 487 488 489 490 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal