Virus and Spyware Removal Guides, uninstall instructions

Mediumhiquality.com Ads

What kind of page is mediumhiquality[.]com?

Wave analyzed mediumhiquality[.]com and found that this page displays a deceptive message to trick visitors into allowing it to show notifications. Also, mediumhiquality[.]com redirects to other websites that use clickbait techniques to receive permission to display notifications.

   
Search-News Default Search Browser Hijacker

What kind of application is Search-News Default Search?

While testing the Search-News Default Search application, we found that it functions as a browser hijacker. It promotes a fake search engine (search-news.xyz) by changing some of the settings of a web browser. We discovered Search-News Default Search on a shady web page.

   
Access To This MAC Has Been Blocked POP-UP Scam (Mac)

What is "Access To This MAC Has Been Blocked"?

It is a fake virus message displayed by a deceptive website (a technical support scam site). The purpose of this page is to trick unsuspecting visitors into calling the provided number. None of the messages on this page are real. Thus, this website should be ignored.

   
Venadvstar.com Ads

What kind of page is venadvstar[.]com?

Venadvstar[.]com is one of the many websites that display deceptive messages to trick visitors into allowing them to show notifications. Additionally, venadvstar[.]com redirects visitors to other shady websites. We discovered venadvstar[.]com while inspecting sites that use shady advertising networks.

   
Nlb Ransomware

What is Nlb ransomware?

Our researchers discovered the Nlb ransomware while investigating new submissions to VirusTotal. This malicious program is part of the Dharma ransomware family.

Once we launched a sample of Nlb on our testing system, it encrypted files and altered their titles. Original filenames were appended with a unique ID assigned to the victim, the cyber criminals' email address, and a ".nlb" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.id-9ECFA84E.[Rileyb0707@aol.com].nlb".

Afterward, this ransomware created ransom-demanding messages in the form of a pop-up window and a text file titled "FILES ENCRYPTED.txt".

   
R0n Ransomware

What kind of malware is R0n?

R0n is ransomware that encrypts files and appends the victim's ID, ronvest@tutanota.de email address, and the ".r0n" extension to filenames. Also, R0n provides two ransom notes: it displays a pop-up window and creates the "info.txt". Our team discovered R0n while inspecting malware samples submitted to VirusTotal.

We also found that R0n is part of the Dharma ransomware family. An example of how R0n renames files: it changes "1.jpg" to "1.jpg.id-9ECFA84E.[ronvest@tutanota.de].r0n", "2.png" to "2.png.id-9ECFA84E.[ronvest@tutanota.de].r0n", and so forth.

   
Mztu Ransomware

What kind of malware is Mztu?

Mztu is one of the ransomware variants belonging to the Djvu family. Our team discovered it while inspecting malware samples submitted to VirusTotal. The purpose of Mztu is to encrypt files. Also, this ransomware appends the ".mztu" extension to filenames and creates the "_readme.txt" file (a ransom note).

An example of how Mztu modifies filenames: it renames "1.jpg" to "1.jpg.mztu", "2.doc" to "2.doc.mztu", and so forth. In some cases, threat actors steal sensitive data using malware like RedLine and Vidar before encrypting files with Djvu ransomware.

   
Dfewasflyin.xyz Ads

What kind of page is dfewasflyin[.]xyz?

While examining dfewasflyin[.]xyz, we found that this page displays a deceptive message to lure visitors into agreeing to receive notifications. It also redirects to other shady websites. Users do not normally visit sites like dfewasflyin[.]xyz on purpose.

   
Block Site Access Adware

What is Block Site Access?

Our research team discovered the Block Site Access browser extension during a routine investigation of untrustworthy websites. This extension is described as a productivity tool capable of temporarily blocking distracting Web resources. However, our inspection of Block Site Access revealed that it is advertising-supported software (adware).

   
Block Access Site Adware

What kind of application is Block Access Site?

While testing the Block Access Site browser extension, our team noticed that it operates as adware - it displays annoying advertisements. Adware is often promoted and distributed using questionable methods. We discovered Block Access Site on a shady website. Thus, using this app is not recommended.

   

Page 7 of 1750

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal