Virus and Spyware Removal Guides, uninstall instructions

Wanqu Ransomware

What kind of malware is Wanqu?

Wanqu is the name of ransomware that encrypts and renames files (by appending the ".Wanqu" extension) and drops "RESTORE_FILES_INFO.txt" and "RESTORE_FILES_INFO.hta" files (ransom notes) on the desktop. Our team discovered Wanqu while inspecting malware samples submitted to the VirusTotal website.

An example of how Wanqu modifies filenames: it renames "1.jpg" to "1.jpg.Wanqu", "2.png" to "2.png.Wanqu", and so forth.

   
AuroraShack Adware (Mac)

What is AuroraShack?

While investigating new submissions to VirusTotal, our researchers found the AuroraShack application. After analyzing it, we determined that this app operates as adware (i.e., runs intrusive ad campaigns) and belongs to the AdLoad malware family.

   
Fake Mobile Banking Rewards Malware (Android)

What is fake mobile banking rewards malware?

A new version of Android malware has emerged recently, targeting customers of Indian banks. Cybercriminals behind this campaign are using fake banking rewards applications to trick users into installing information-stealing malware with remote access trojan (RAT) capabilities. Their goal is to steal sensitive information.

   
Mscmart.com Ads

What kind of page is mscmart[.]com?

While investigating untrustworthy sites, our researchers found the mscmart[.]com rogue page. It pushes spam browser notifications and redirects visitors to other (likely questionable/malicious) websites. Users typically enter mscmart[.]com and similar pages through redirects caused by websites using rogue advertising networks.

   
Pushyoumail.com Ads

What kind of page is pushyoumail[.]com?

Pushyoumail[.]com is a rogue website that promotes browser notification spam and causes redirects to different (likely untrustworthy/malicious) sites. Our research team discovered this page during a routine investigation of suspicious websites. Users typically enter webpages of this kind via redirects caused by sites using rogue advertising networks.

   
Service-2022.site Ads

What kind of page is service-2022[.]site?

While inspecting dubious webpages, our researchers discovered the service-2022[.]site rogue site. It operates by promoting scams, pushing browser notification spam, and redirecting visitors to other (likely untrustworthy/malicious) websites.

Most users access pages like service-2022[.]site via redirects caused by sites using rogue advertising networks, mistyped URLs, spam notifications, intrusive ads, or installed adware.

   
Fonto.club Ads

What kind of page is fonto[.]club?

Fonto[.]club is a rogue page that our researchers discovered while inspecting suspicious websites. It is designed to promote deceptive material, push browser notification spam, and redirect visitors to other (likely untrustworthy/harmful) webpages.

Most users enter fonto[.]club and similar websites through redirects caused by pages that use rogue advertising networks.

   
Basis-antivirus.com Ads

What kind of page is basis-antivirus[.]com?

After examining basis-antivirus[.]com, we found that this page is designed to trick visitors into paying for legitimate software by displaying deceptive content. Also, it asks visitors for permission to show notifications. Our team discovered basis-antivirus[.]com while inspecting websites that use rogue advertising networks.

   
Exploretoday.co Redirect

What is exploretoday.co?

Exploretoday.co is the URL of a fake search engine. These websites are typically promoted by browser-hijacking software, which modifies browser settings in order to cause redirects to illegitimate search engines. Furthermore, both the promoted sites and browser hijackers usually collect private data.

   
Wukbgater.buzz Ads

What kind of page is wukbgater[.]buzz?

While examining wukbgater[.]buzz, we found that this page uses a clickbait technique to trick visitors into agreeing to receive notifications. Also, it redirects to other shady websites. Thus, wukbgater[.]buzz cannot be trusted/should not be visited. Our team discovered wukbgater[.]buzz while inspecting pages that use rogue advertising networks.

   

Page 7 of 1661

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal