Virus and Spyware Removal Guides, uninstall instructions
What kind of malware is Eiur?
Eiur is the name of ransomware belonging to a ransomware family called Djvu. We have discovered Eiur during our analysis of malicious installers distributed using deceptive pages. It was found that this ransomware encrypts files, appends the ".eiur" extension to filenames, and provides a ransom note (creates the "_readme.txt" file).
An example of how Eiur modifies filenames: it renames "1.jpg" to "1.jpg.eiur", "2.png" to "2.png.eiur", "3.exe" to "3.exe.eiur", and so forth.
What kind of page is resourceslatest[.]com?
We discovered the resourceslatest[.]com rogue webpage while inspecting unreliable sites. It operates by promoting scams, pushing browser notification spam, and redirecting visitors to different (likely dubious/malicious) sites.
Users typically enter resourceslatest[.]com and similar pages via redirects caused by websites using rogue advertising networks.
What is REVENLOCK ransomware?
REVENLOCK is a ransomware-type program we discovered while inspecting new submissions to VirusTotal. We determined that this program is part of the MedusaLocker ransomware family.
REVENLOCK encrypts files and appends their filenames with an extension. The variant we executed on our test system appended files with ".REVENLOCK7". For example, a file initially titled "1.jpg" appeared as "1.jpg.REVENLOCK7", "2.png" as "2.png.REVENLOCK7", etc. It is noteworthy that the number in the extension may vary depending on REVENLOCK's version.
Once the encryption was completed, a ransom note - "HOW_TO_RECOVER_DATA.html" - was dropped onto the desktop. Based on the message within, we can surmise that REVENLOCK targets companies rather than home users.
What is DeliteOutward?
DeliteOutward is a rogue app that our researchers found while checking out new submissions to VirusTotal. After analyzing this application, we discovered that it operates as advertising-supported software (adware) and belongs to the AdLoad malware family.
What kind of page is defendyourfiles[.]com?
Defendyourfiles[.]com is a rogue website that our researchers discovered while inspecting untrustworthy webpages. This page operates by hosting deceptive content, promoting browser notification spam, and redirecting visitors to other (likely dubious/malicious) sites.
Most users access defendyourfiles[.]com and webpages akin to it through redirects caused by sites using rogue advertising networks.
What kind of page is reserve-availability[.]cfd?
Reserve-availability[.]cfd is an untrustworthy page that runs a scam similar to "McAfee - Your PC is infected with 5 viruses!". Also, it asks visitors for permission to show notifications. Our team has discovered reserve-availability[.]cfd while examining other pages that use rogue advertising networks.
What kind of malware is DeadLocker?
DeadLocker is the name of ransomware discovered by MalwareHunterTeam. It was found that DeadLocker encrypts files, appends the ".deadlocked" extension to filenames, changes the desktop wallpaper, and displays a pop-up (a ransom note).
An example of how DeadLocker renames files: it changes "1.jpg" to "1.jpg.deadlocked", "2.png" to "2.png.deadlocked", and so forth.
What is YTStealer?
YTStealer is a piece of malicious software classified as a stealer. Malware within this category aims to steal a wide variety of sensitive data. However, YTStealer targets very specific information - one relating to victims' YouTube accounts. Thus the goal of the attackers behind this program is to gain access and control over YouTube accounts.
What is Harditem ransomware?
Harditem is a malicious program based on the Prometheus ransomware. We obtained a sample of this ransomware from VirusTotal.
After Harditem was launched on our test machine, it encrypted files and appended their filenames with the ".harditem" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.harditem", "2.png" as "2.png.harditem", etc. Once this process was completed, a ransom note named - "RESTORE_FILES_INFO.txt" - was created.
Fortunately, Harditem is decryptable, Avast has released a free decryption tool for this ransomware.
What kind of application is Tail web?
Tail web is the name of an application that our team has discovered while inspecting shady websites. After downloading and adding this app to a browser, we found that it changes some settings. It hijacks a web browser to promote tailsearch.com. While testing this site, we found that it is a fake search engine.
More Articles...
Page 535 of 2124
<< Start < Prev 531 532 533 534 535 536 537 538 539 540 Next > End >>