Virus and Spyware Removal Guides, uninstall instructions

Cip Ransomware

What kind of malware is Cip?

While analyzing the Cip ransomware sample, we found out that it belongs to the Dharma ransomware family. We also noticed that it encrypts files and appends the victim's ID, ciphercrypt@tuta.io] email address and the ".cip" extension to filenames. For example, it renames "1.jpg" to "1.jpg.cip", "document.txt" to "document.txt.cip".

Like most ransomware variants, Cip ransomware provides contact information (and other details regarding data recovery). It displays a pop-up window and creates the "info.txt" file containing ransom notes.

   
Clipboard Sync Beta Adware

What is Clipboard Sync Beta?

We detected Clipboard Sync Beta when researching scam websites. This adware-type browser extension was promoted by the "Install the extension for Chrome to protect your privacy" scam.

This piece of software promises to sync clipboard data between two desktop devices; instead, it runs intrusive advert campaigns (displays ads).

   
Important-incoming-news.com Ads

What kind of page is important-incoming-news[.]com?

Important-incoming-news[.]com was detected by our research team during a routine inspection of suspicious webpages. This site is designed to push its browser notifications, and it can cause redirects to other untrustworthy/malicious pages. Websites akin to important-incoming-news[.]com are primarily accessed via ones using rogue advertising networks.

   
Install The Extension For Chrome To Protect Your Privacy POP-UP Scam

What is the "Install the extension for Chrome to protect your privacy" scam?

Our researchers encountered the "Install the extension for Chrome to protect your privacy" scam while inspecting browser notifications delivered by various questionable sites. Specifically, an ad delivered by important-incoming-news[.]com that promoted a website running the scam in question.

Typically, schemes of this kind are used to promote a wide variety of untrustworthy software like fake anti-viruses, adware, browser hijackers, and PUAs (Potentially Unwanted Applications). This scam endorsed the Clipboard Sync Beta adware at the time of research.

   
MTX Ransomware

What is MTX ransomware?

When searching VirusTotal for new malware submissions, our researchers found yet another malicious program belonging to the Dharma ransomware family. This ransomware-type program is called MTX.

On our test system, this malware encrypted files and appended their titles a unique ID, the cyber criminals' email address, and a ".MTX" extension. For example, a file initially named "1.jpg" appeared as "1.jpg.id-9ECFA84E.[mtx88@onionmail.org].MTX".

Once the encryption was completed, MTX displayed a pop-up window and created a text file "info.txt" on the desktop - both contained ransom notes.

   
McAfee: SECURITY ALERT POP-UP Scam

What is the McAfee: SECURITY ALERT pop-up scam?

We have encountered the "McAfee: SECURITY ALERT" fake virus notification displayed by a deceptive website while visiting other pages that use rogue advertising networks. This scam is similar to many other scams that our team has discovered before. Websites of this type (fake notifications displayed by them) must be ignored.

   
Bestfaustcaptcha.top Ads

What kind of page is bestfaustcaptcha[.]top?

Our researchers found bestfaustcaptcha[.]top when analyzing shady websites. This page is a typical example of browser notification spam promotion. In addition to pushing its notifications, bestfaustcaptcha[.]top can redirect visitors to other questionable/malicious sites.

We accessed this webpage through another that uses rogue advertising networks; it is the most likely entry point to sites like bestfaustcaptcha[.]top. Other ways to enter them include mistyped URLs, redirects caused by browser notifications/ intrusive ads or by installed harmful software.

   
Security Suite Adware

What kind of software is Security Suite?

We have found the Security Suite adware while checking shady websites (Security Suite has an official download website too). We examined the deceptive page promoting Security Suite and noticed that it displays a fake message disguised as a notification from the Chrome browser. That message claims that Security Suite will block online ads.

   
Polizia Di Stato Ransomware

What kind of malware is Polizia Di Stato?

Polizia Di Stato is the ransomware that we discovered while analyzing samples submitted to VirusTotal. While testing this ransomware variant, we have learned that it encrypts files, appends the ".polizia" extension to filenames (for instance, renames "1.jpg" to "1.jpg.polizia", "2.jpg" to "2.jpg.polizia").

Also, Polizia Di Stato creates the "POLIZIA_DI_STATO.txt" file (a ransom note) and an image with two police officers. Cybercriminals behind this ransomware pretend to be state police officers to scare victims into paying a ransom. No police would ever attack computers with ransomware.

   
Test Certificate Adware

What is Test Certificate?

After installing this suspicious browser extension, our researchers classified Test Certificate as adware. While this piece of software claims to provide the service of easy website verification, it operates by running intrusive advertisement campaigns instead. Our research also revealed that Test Certificate spies on users' browsing activity.

   

Page 652 of 2105

<< Start < Prev 651 652 653 654 655 656 657 658 659 660 Next > End >>
About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal