Virus and Spyware Removal Guides, uninstall instructions

IS Ransomware

IS ransomware removal instructions

What is IS ransomware?

IS (also known as Ordinypt) ransomware was discovered by dnwls0719. IS is a malicious program which prevents victims from accessing their files, it does this by encrypting them with a strong encryption algorithm. As a rule, to recover their files victims must pay cyber criminals a ransom. IS adds the same random extension to the filenames of all encrypted files, for example, it renames "1.jpg" file to "1.jpg.KRk5p", and so on. Instructions on how to pay a ransom are provided in the text "KRk5p_how_to_decrypt.txt" text file. Its name depends on the extension of encrypted files.

WannaCry Hacker Group Email Scam

"WannaCry hacker group Email Scam" removal guide

What is "WannaCry hacker group Email Scam"?

"WannaCry hacker group Email Scam", as its name suggests - is an email scam. It uses a type of blackmail called "sextortion", which extorts money by threatening to reveal evidence of sexual activity. In this particular case, it claims that the evidence was obtained through the user's webcam. It states that this footage will be spread, if in a given period of time a certain amount of money will not be transferred to the account provided. It should be stressed, that none of these claims are true and cyber criminals behind this scam do no have any compromising material. All emails of this kind should be ignored.

Sextortion Email (Monero)

"Sextortion Email (Monero)" removal guide

What is "Sextortion Email (Monero)" scam?

"Sextortion Email (Monero)" is the name of a scam which scammers send with a purpose to trick people into paying them money. Scammers seek to trick recipients into believing that they have recorded a humiliating video which they will spread on the Internet if they will not receive a particular amount of Monero cryptocurrency. There are many similar scams, none of them should be trusted. People who receive such fraudulent emails should ignore and delete them.

Hermes837 Ransomware

Hermes837 ransomware removal instructions

What is Hermes837?

Hermes837 is a malicious software which is classified as ransomware, the person who discovered is GrujaRS. As a rule, ransomware-type programs are designed to encrypt data (make files inaccessible). Cyber criminals spread programs of this type to extract money from people by forcing them to buy decryption tools or/and keys from them. Hermes837 adds the ".hermes837" extension to the filenames of all encrypted files. For example, it renames "1.jpg" to "1.jpg.hermes837", and so on. Instructions on what to do next are provided in the "!!!READ_ME!!!.txt" file.

Mac System Currently Outdated And Corrupted POP-UP Scam (Mac)

How to avoid redirects to "Mac System currently outdated and corrupted" on Mac?

What is "Mac System currently outdated and corrupted"?

"Mac System currently outdated and corrupted" is a notification on a deceptive, scam page which is designed to trick people into installing a questionable app called My Mac Speedup. Visitors supposed to use this app to fix the occurred problem that was detected by this scam page. We strongly recommend not to trust websites of this type or apps that they are designed to promote. If a browser opens such pages regularly, then it is very likely that some installed potentially unwanted application (PUA) is the culprit of it.

Pirrit Adware (Mac)

How to remove Pirrit from Mac?

What is Pirrit?

Pirrit is the name of adware family, there is a number of adware-type apps that are part of it. Typically, apps of this type display various intrusive, annoying (and often deceptive) advertisements. In some cases adware can be used to gather various data as well. Either way, it is not recommended to have any adware installed on a computer or browser. As a rule, users download and install adware inadvertently, for this reason adware-type apps are also known as potentially unwanted applications (PUAs). POP-UP Scam (Mac)

How to remove "[.]xyz" from Mac?

What is "[.]xyz"?[.]xyz is a scam website, created for the promotion of the Cleanup My Mac application. This site functions by alerting users of fake threats it has detected. However, it should be emphasized that any viruses it finds are imaginary. It is strongly advised to never trust such sites, and refrain from download/installing suggested software. It is also noteworthy, that any apps such webpages offer are likely to be fraudulent and therefore nonoperational. Most visitors to[.]xyz, happen upon it accidentally. It is mostly accessed through rogue redirects caused by PUAs (potentially unwanted applications) already present on users' Mac operating systems.

Package Tracking App Browser Hijacker

Package Tracking App browser hijacker removal instructions

What is Package Tracking App?

Package Tracking App is a rogue application, advertised as a package tracker and a web searching tool. It is supposedly capable of providing details on ordered packages (tracking their route and similar). In all actuality, Package Tracking App is both a browser hijacker and a PUA (potentially unwanted application). As the former, it changes browser settings, promotes its fake search engine ( and monitors users' browsing activity. Its classification as the latter depends on the fact that most users download/install it unwillingly. POP-UP (Mac)

How to stop redirects to myhelpfuldownloads[.]com on Mac?

What is myhelpfuldownloads[.]com?

Myhelpfuldownloads[.]com is a questionable website which is used to promote software called Scanguard and other questionable applications. Typically, users do not visit pages like myhelpfuldownloads[.]com willingly. If a browser opens myhelpfuldownloads[.]com by itself, then it means that there an adware-type application is present. Adware is a software that is designed to display a variety of unwanted, often deceptive ads. Adware-type apps are categorized as potentially unwanted applications (PUAs), it is because most people download and install them unintentionally.

Guarded Ransomware

Guarded ransomware removal instructions

What is Guarded?

Guarded is a ransomware-type program which is similar to Sguard. Typically, programs of this type encrypt files so that victims could not access them without particular tools that can be purchased only from cyber criminals who developed ransomware. Guarded renames encrypted files by changing their extension (adding a new one) to ".Guarded". For example, it renames "1.jpg" to "1.jpg.Guarded" and so on. It also creates a ransom note, the "GUARDED-README.txt" text file. It contains instructions on how to purchase decryption tool.


Page 7 of 799

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
Malware activity

Global virus and spyware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal