Virus and Spyware Removal Guides, uninstall instructions

Godox Ransomware

What is Godox ransomware?

Godox is a ransomware-type program that our research team discovered while inspecting new submissions to VirusTotal. Additionally, we have determined that this piece of malicious software belongs to the VoidCrypt ransomware family.

After this ransomware was released onto our test system, it encrypted files and appended their filenames with a unique ID, the cyber criminals' email address, and a ".godox" extension. For example, a file originally titled "1.jpg" appeared as "1.jpg.(MJ-VR2865390471)(Folperdock@gmail.com).Godox".

Following the completion of the encryption process, Godox dropped ransom notes - "Decryption-Guide.HTA" and "Decryption-Guide.txt" - onto the desktop.

   
Notification Of DHL Shipment Email Scam

What is the "Notification Of DHL Shipment" email?

Our researchers determined that "Notification Of DHL Shipment" is a spam email. It is not associated with DHL - the logistics and delivery company; cyber criminals merely use the name to trick recipients into falling for the phishing scam. This fake notification targets email account log-in credentials through a phishing file attached to it.

   
Ccps Ransomware

What is Ccps ransomware?

During a routine inspection of new submissions to VirusTotal, our research team found another malicious program belonging to the Djvu ransomware family. It is called Ccps, and it is designed to encrypt data and demand payment for the decryption.

On our test machine, this ransomware encrypted files and appended their titles with a ".ccps" extension, e.g., a file initially named "1.jpg" appeared as "1.jpg.ccps", "2.jpg" as "2.jpg.ccps", etc. Once this process was completed, a ransom note - "_readme.txt" - was created.

   
Pushnott.com Ads

What kind of page is pushnott[.]com?

We have found out about the pushnott[.]com website after visiting sites (illegal movie streaming, torrent sites) that use shady advertising networks. Our team has analyzed pushnott[.]com and learned that it attempts to get permission to show notifications and redirects to similar pages.

   
TikTok Finder Adware

What is TikTok Finder?

TikTok Finder is a browser extension promising easy access to and search options on TikTok - the video-focused social media platform. Our researchers found this piece of software while inspecting dubious sites promoted by browser notification spam. After analyzing TikTok Finder, we determined it to be adware.

   
Disturbmachine.xyz Ads

What kind of page is disturbmachine[.]xyz?

We have discovered disturbmachine[.]xyz while examining websites that use rogue advertising networks (such as torrent sites, illegal movie streaming pages). After analyzing disturbmachine[.]xyz, we have concluded that it displays deceptive content to promote legitimate software and asks for permission to show dubious notifications.

   
Film Links Now | Default Search Browser Hijacker

What is Film Links Now | Default Search?

Discovered by our researchers while inspecting sites that use rogue advertising networks, Film Links Now | Default Search is a rogue browser extension. We determined that this piece of software is a browser hijacker. It modifies browser settings and promotes the filmlinksnow.com fake search engine.

   
Adskip Love Adware

What kind of application is Adskip Love?

We have found the Adskip Love application while visiting shady websites promoted through sites that use rogue advertising networks. Our team has tested this app and learned that it generates advertisements. Thus, Adskip Love is an advertising-supported app (adware). Ironically, its developers describe it as an extension that skips ads and blocks trackers.

   
Rdtwrmogzav Ransomware

What is Rdtwrmogzav ransomware?

Rdtwrmogzav is a ransomware-type program that our researchers found while looking through new malware submissions on VirusTotal. Additionally, we determined that this program is part of the Snatch ransomware family.

After being launched on our test system, Rdtwrmogzav encrypted files and appended their names with a ".rdtwrmogzav" extension. For example, a file initially titled "1.jpg" appeared as "1.jpg.rdtwrmogzav", "2.jpg" as "2.jpg.rdtwrmogzav", etc.

Once the encryption was finished, a ransom-demanding message - "HOW TO RESTORE YOUR FILES.TXT" - was created. Based on the ransom note, we can conclude that this ransomware is targeted at companies and not at home users.

   
Investmeny.org Ads

What kind of page is investmeny[.]org?

During a routine inspection of untrustworthy websites, our researchers discovered the investmeny[.]org site. This webpage promotes spam browser notifications and can redirect visitors to various unreliable/harmful sites. Most visitors to investmeny[.]org and similar pages enter them via others that use rogue advertising networks.

   

Page 631 of 2106

<< Start < Prev 631 632 633 634 635 636 637 638 639 640 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal